@vellumai/assistant 0.7.1 → 0.7.3

package/src/runtime/routes/host-transfer-routes.ts

@@ -8,10 +8,16 @@
 import { z } from "zod";
 
 import { HostTransferProxy } from "../../daemon/host-transfer-proxy.js";
+import {
+  enforceSameActorOrThrow,
+  SAME_ACTOR_FORBIDDEN_DESCRIPTION,
+} from "../auth/same-actor.js";
+import { resolveActorPrincipalIdForLocalGuardian } from "../local-actor-identity.js";
 import * as pendingInteractions from "../pending-interactions.js";
 import {
   BadRequestError,
   ConflictError,
+  ForbiddenError,
   NotFoundError,
 } from "./errors.js";
 import type { RouteDefinition, RouteHandlerArgs } from "./types.js";
@@ -34,6 +40,7 @@ function findProxyByTransferId(transferId: string) {
 
 function handleTransferContentGet({
   pathParams = {},
+  headers = {},
 }: RouteHandlerArgs): Uint8Array {
   const transferId = pathParams.transferId;
   if (!transferId) {
@@ -45,6 +52,35 @@ function handleTransferContentGet({
     throw new NotFoundError("Unknown or consumed transfer");
   }
 
+  const targetClientId = match.proxy.getTargetClientIdForTransfer(transferId);
+  if (targetClientId != null) {
+    const headerMap = headers as Record<string, string | undefined>;
+    const submittingClientId =
+      headerMap["x-vellum-client-id"]?.trim() || undefined;
+    if (!submittingClientId)
+      throw new BadRequestError(
+        "x-vellum-client-id header required for targeted transfer",
+      );
+    if (submittingClientId !== targetClientId)
+      throw new ForbiddenError(
+        `Client "${submittingClientId}" is not the owner of this transfer`,
+      );
+
+    // Defense-in-depth: the submitting actor's principal must match the
+    // actor that opened the target client's SSE stream. Compare against
+    // the value persisted at registration time so a brief reconnect does
+    // not 403 a legitimate fetch.
+    enforceSameActorOrThrow({
+      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      ),
+      targetActorPrincipalId:
+        match.proxy.getTargetActorPrincipalIdForTransfer(transferId),
+      targetClientId,
+      op: "host_transfer",
+    });
+  }
+
   const content = match.proxy.getTransferContent(transferId);
   if (!content) {
     throw new NotFoundError("Unknown or consumed transfer");
@@ -55,8 +91,11 @@ function handleTransferContentGet({
 
 /**
  * Resolve Content-Length and X-Transfer-SHA256 response headers for the
- * GET transfer content endpoint. Called by the HTTP adapter before
- * sending the response.
+ * GET transfer content endpoint. Called by the HTTP adapter AFTER the handler
+ * runs (`http-adapter.ts:107-125`), so the entry has already been consumed by
+ * `getTransferContent`. We read the size/sha256 from
+ * `takeJustConsumedTransferMetadata`, which the proxy populates synchronously
+ * during the handler's `getTransferContent` call.
  */
 function resolveTransferContentGetHeaders({
   pathParams = {},
@@ -66,16 +105,14 @@ function resolveTransferContentGetHeaders({
   const transferId = pathParams?.transferId;
   if (!transferId) return { "Content-Type": "application/octet-stream" };
 
-  const match = findProxyByTransferId(transferId);
-  if (!match) return { "Content-Type": "application/octet-stream" };
-
-  const content = match.proxy.getTransferContent(transferId);
-  if (!content) return { "Content-Type": "application/octet-stream" };
+  const meta =
+    HostTransferProxy.instance.takeJustConsumedTransferMetadata(transferId);
+  if (!meta) return { "Content-Type": "application/octet-stream" };
 
   return {
     "Content-Type": "application/octet-stream",
-    "Content-Length": content.sizeBytes.toString(),
-    "X-Transfer-SHA256": content.sha256,
+    "Content-Length": meta.sizeBytes.toString(),
+    "X-Transfer-SHA256": meta.sha256,
   };
 }
 
@@ -98,6 +135,31 @@ async function handleTransferContentPut({
     throw new NotFoundError("Unknown or consumed transfer");
   }
 
+  const targetClientId = match.proxy.getTargetClientIdForTransfer(transferId);
+  if (targetClientId != null) {
+    const headerMap = headers as Record<string, string | undefined>;
+    const submittingClientId =
+      headerMap["x-vellum-client-id"]?.trim() || undefined;
+    if (!submittingClientId)
+      throw new BadRequestError(
+        "x-vellum-client-id header required for targeted transfer",
+      );
+    if (submittingClientId !== targetClientId)
+      throw new ForbiddenError(
+        `Client "${submittingClientId}" is not the owner of this transfer`,
+      );
+
+    enforceSameActorOrThrow({
+      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      ),
+      targetActorPrincipalId:
+        match.proxy.getTargetActorPrincipalIdForTransfer(transferId),
+      targetClientId,
+      op: "host_transfer",
+    });
+  }
+
   const data = rawBody ? Buffer.from(rawBody) : Buffer.alloc(0);
   const sha256 = headers["x-transfer-sha256"] ?? "";
 
@@ -107,11 +169,6 @@ async function handleTransferContentPut({
     sha256,
   );
 
-  // For to_sandbox transfers there is no separate /v1/host-transfer-result
-  // callback — the PUT handler is the terminal event. Always clean up the
-  // pending interaction so it doesn't leak.
-  pendingInteractions.resolve(match.requestId);
-
   if (!result.accepted) {
     throw new BadRequestError(result.error ?? "Transfer content rejected");
   }
@@ -123,7 +180,7 @@ async function handleTransferContentPut({
 // POST /v1/host-transfer-result
 // ---------------------------------------------------------------------------
 
-function handleTransferResult({ body }: RouteHandlerArgs) {
+function handleTransferResult({ body, headers }: RouteHandlerArgs) {
   if (!body || typeof body !== "object") {
     throw new BadRequestError("Request body is required");
   }
@@ -141,9 +198,7 @@ function handleTransferResult({ body }: RouteHandlerArgs) {
 
   const peeked = pendingInteractions.get(requestId);
   if (!peeked) {
-    throw new NotFoundError(
-      "No pending interaction found for this requestId",
-    );
+    throw new NotFoundError("No pending interaction found for this requestId");
   }
 
   if (peeked.kind !== "host_transfer") {
@@ -152,7 +207,28 @@ function handleTransferResult({ body }: RouteHandlerArgs) {
     );
   }
 
-  pendingInteractions.resolve(requestId);
+  if (peeked.targetClientId != null) {
+    const headerMap = (headers as Record<string, string | undefined>) ?? {};
+    const rawClientId = headerMap["x-vellum-client-id"];
+    const submittingClientId = rawClientId?.trim() || undefined;
+    if (!submittingClientId)
+      throw new BadRequestError(
+        "x-vellum-client-id header is missing for a targeted host transfer request.",
+      );
+    if (submittingClientId !== peeked.targetClientId)
+      throw new ForbiddenError(
+        `Client "${submittingClientId}" is not the target for this request (expected "${peeked.targetClientId}").`,
+      );
+
+    enforceSameActorOrThrow({
+      sourceActorPrincipalId: resolveActorPrincipalIdForLocalGuardian(
+        headerMap["x-vellum-actor-principal-id"]?.trim() || undefined,
+      ),
+      targetActorPrincipalId: peeked.targetActorPrincipalId,
+      targetClientId: peeked.targetClientId,
+      op: "host_transfer",
+    });
+  }
 
   HostTransferProxy.instance.resolveTransferResult(requestId, {
     isError: isError ?? false,
@@ -179,6 +255,15 @@ export const ROUTES: RouteDefinition[] = [
       "Serve raw file bytes for a to_host transfer. Single-use: returns 404 after first consumption.",
     tags: ["host-transfer"],
     responseHeaders: resolveTransferContentGetHeaders,
+    additionalResponses: {
+      "400": {
+        description:
+          "x-vellum-client-id header is missing for a targeted transfer.",
+      },
+      "403": {
+        description: SAME_ACTOR_FORBIDDEN_DESCRIPTION,
+      },
+    },
     handler: handleTransferContentGet,
   },
   {
@@ -191,6 +276,15 @@ export const ROUTES: RouteDefinition[] = [
     description:
       "Receive raw file bytes for a to_sandbox transfer. Verifies SHA-256 integrity via the X-Transfer-SHA256 header.",
     tags: ["host-transfer"],
+    additionalResponses: {
+      "400": {
+        description:
+          "x-vellum-client-id header is missing for a targeted transfer.",
+      },
+      "403": {
+        description: SAME_ACTOR_FORBIDDEN_DESCRIPTION,
+      },
+    },
     handler: handleTransferContentPut,
   },
   {
@@ -211,6 +305,15 @@ export const ROUTES: RouteDefinition[] = [
     responseBody: z.object({
       accepted: z.boolean(),
     }),
+    additionalResponses: {
+      "400": {
+        description:
+          "x-vellum-client-id header is missing for a targeted host transfer request.",
+      },
+      "403": {
+        description: SAME_ACTOR_FORBIDDEN_DESCRIPTION,
+      },
+    },
     handler: handleTransferResult,
   },
 ];

package/src/runtime/routes/http-adapter.ts

@@ -163,6 +163,7 @@ export function routeDefinitionsToHTTPRoutes(
             err.code as HttpErrorCode,
             err.message,
             err.statusCode,
+            err.details,
           );
         }
         throw err;

package/src/runtime/routes/identity-intro-cache.ts

@@ -48,6 +48,36 @@ function readWorkspaceFile(name: string): string {
   }
 }
 
+function parseIdentityIntroSection(content: string): string | null {
+  let inSection = false;
+
+  for (const line of content.split("\n")) {
+    const trimmed = line.trim();
+    if (/^#+\s/.test(trimmed)) {
+      inSection = trimmed.toLowerCase().includes("identity intro");
+      continue;
+    }
+    if (inSection && trimmed.length > 0) {
+      return trimmed;
+    }
+  }
+
+  return null;
+}
+
+/**
+ * Read the explicit `## Identity Intro` section from workspace prompt files.
+ *
+ * BOOTSTRAP.md instructs the assistant to write this section in IDENTITY.md.
+ * SOUL.md remains a fallback for older workspaces that stored the intro there.
+ */
+export function readWorkspaceIdentityIntro(): string | null {
+  return (
+    parseIdentityIntroSection(readWorkspaceFile("IDENTITY.md")) ??
+    parseIdentityIntroSection(readWorkspaceFile("SOUL.md"))
+  );
+}
+
 /** Compute a SHA-256 hex hash of the concatenated identity file contents. */
 export function computeIdentityContentHash(): string {
   const staticFiles = IDENTITY_FILES.map(readWorkspaceFile).join("\n---\n");

package/src/runtime/routes/identity-routes.ts

@@ -2,163 +2,33 @@
  * Identity and health endpoint handlers.
  */
 
-import { spawnSync } from "node:child_process";
-import { existsSync, readFileSync, statfsSync, statSync } from "node:fs";
+import { existsSync, readFileSync } from "node:fs";
 import { availableParallelism, cpus, totalmem } from "node:os";
 
 import { z } from "zod";
 
-import {
-  getCpuLimit,
-  getIsPlatform,
-  getMinikubeStorageSize,
-} from "../../config/env-registry.js";
+import { getCpuLimit, getIsPlatform } from "../../config/env-registry.js";
 import { parseIdentityFields } from "../../daemon/handlers/identity.js";
 import { getProfilerRuntimeStatus } from "../../daemon/profiler-run-store.js";
 import { getMaxMigrationVersion } from "../../memory/migrations/registry.js";
 import {
-  getWorkspaceDir,
-  getWorkspacePromptPath,
-} from "../../util/platform.js";
+  getDiskUsageInfo,
+  parseK8sMemoryBytes,
+} from "../../util/disk-usage.js";
+import { getWorkspacePromptPath } from "../../util/platform.js";
 import { APP_VERSION } from "../../version.js";
+import { resolveHatchedAtReadOnly } from "../../workspace/hatched-date.js";
 import { WORKSPACE_MIGRATIONS } from "../../workspace/migrations/registry.js";
 import { getLastWorkspaceMigrationId } from "../../workspace/migrations/runner.js";
 import { NotFoundError } from "./errors.js";
 import { getCachedIntro } from "./identity-intro-cache.js";
 import type { RouteDefinition } from "./types.js";
 
-interface DiskSpaceInfo {
-  path: string;
-  totalMb: number;
-  usedMb: number;
-  freeMb: number;
-}
-
-/**
- * Measure the on-disk usage of one or more directory paths using `du -sb`.
- * Returns the sum of all paths in bytes, or null on failure.
- */
-function getDirectorySizeBytes(paths: string[]): number | null {
-  try {
-    const existing = paths.filter((p) => existsSync(p));
-    if (existing.length === 0) return null;
-    const result = spawnSync("du", ["-sb", ...existing], {
-      encoding: "utf-8",
-      timeout: 30_000,
-    });
-    if (result.status !== 0) return null;
-    let total = 0;
-    for (const line of result.stdout.trim().split("\n")) {
-      const size = parseInt(line.split("\t")[0], 10);
-      if (!isNaN(size) && size > 0) total += size;
-    }
-    return total > 0 ? total : null;
-  } catch {
-    return null;
-  }
-}
-
-const DU_CACHE_TTL_MS = 60_000;
-let duCacheValue: number | null = null;
-let duCacheTime = 0;
-let duCachePaths: string | null = null;
-
-function getCachedDirectorySizeBytes(paths: string[]): number | null {
-  const key = paths.join("\0");
-  const now = Date.now();
-  if (duCachePaths === key && now - duCacheTime < DU_CACHE_TTL_MS) {
-    return duCacheValue;
-  }
-  duCacheValue = getDirectorySizeBytes(paths);
-  duCacheTime = now;
-  duCachePaths = key;
-  return duCacheValue;
-}
-
-function getDiskSpaceInfo(): DiskSpaceInfo | null {
-  try {
-    const wsDir = getWorkspaceDir();
-    const diskPath = existsSync(wsDir) ? wsDir : "/";
-    const stats = statfsSync(diskPath);
-    const fsTotalBytes = stats.bsize * stats.blocks;
-    const fsFreeBytes = stats.bsize * stats.bavail;
-    const bytesToMb = (b: number) =>
-      Math.round((b / (1024 * 1024)) * 100) / 100;
-
-    // Minikube mode: the platform passes the PVC storage size so we can
-    // report accurate capacity. On hostPath-backed PVCs statfsSync reports
-    // the host's entire filesystem rather than the PVC. Detect this by
-    // comparing filesystem size against PVC size — if the filesystem is
-    // larger, measure actual directory usage with `du` instead.
-    const storageSizeRaw = getMinikubeStorageSize();
-    if (storageSizeRaw) {
-      const pvcTotalBytes = parseK8sMemoryBytes(storageSizeRaw);
-      if (pvcTotalBytes !== null && fsTotalBytes > pvcTotalBytes * 1.1) {
-        const volumePaths = [diskPath];
-        if (diskPath !== "/data" && existsSync("/data")) {
-          volumePaths.push("/data");
-        }
-        const usedBytes = getCachedDirectorySizeBytes(volumePaths);
-        if (usedBytes !== null) {
-          return {
-            path: diskPath,
-            totalMb: bytesToMb(pvcTotalBytes),
-            usedMb: bytesToMb(usedBytes),
-            freeMb: bytesToMb(Math.max(0, pvcTotalBytes - usedBytes)),
-          };
-        }
-      }
-    }
-
-    return {
-      path: diskPath,
-      totalMb: bytesToMb(fsTotalBytes),
-      usedMb: bytesToMb(fsTotalBytes - fsFreeBytes),
-      freeMb: bytesToMb(fsFreeBytes),
-    };
-  } catch {
-    return null;
-  }
-}
-
 interface MemoryInfo {
   currentMb: number;
   maxMb: number;
 }
 
-/**
- * Parse a Kubernetes-style memory string (e.g. "3Gi", "512Mi", "1G") into bytes.
- * Returns null if the value is not a recognized format.
- */
-function parseK8sMemoryBytes(value: string): number | null {
-  const match = value
-    .trim()
-    .match(/^(\d+(?:\.\d+)?)\s*(Ki|Mi|Gi|Ti|Pi|Ei|k|M|G|T|P|E|m)?$/);
-  if (!match) return null;
-  const num = parseFloat(match[1]);
-  const unit = match[2] ?? "";
-  const multipliers: Record<string, number> = {
-    "": 1,
-    m: 1e-3,
-    k: 1e3,
-    M: 1e6,
-    G: 1e9,
-    T: 1e12,
-    P: 1e15,
-    E: 1e18,
-    Ki: 1024,
-    Mi: 1024 ** 2,
-    Gi: 1024 ** 3,
-    Ti: 1024 ** 4,
-    Pi: 1024 ** 5,
-    Ei: 1024 ** 6,
-  };
-  const mult = multipliers[unit];
-  if (mult === undefined) return null;
-  const bytes = Math.round(num * mult);
-  return bytes > 0 ? bytes : null;
-}
-
 /**
  * Read the memory limit from the VELLUM_MEMORY_LIMIT env var (K8s resource format),
  * then fall back to cgroups, then to os.totalmem().
@@ -457,7 +327,7 @@ function getDetailedHealth() {
     status: "healthy",
     timestamp: new Date().toISOString(),
     version: APP_VERSION,
-    disk: getDiskSpaceInfo(),
+    disk: getDiskUsageInfo(),
     memory: getMemoryInfo(),
     cpu: getCpuInfo(),
     migrations: {
@@ -488,13 +358,7 @@ function getIdentity() {
 
   const version = APP_VERSION;
 
-  let createdAt: string | undefined;
-  try {
-    const stats = statSync(identityPath);
-    createdAt = stats.birthtime.toISOString();
-  } catch {
-    // ignore
-  }
+  const createdAt = resolveIdentityCreatedAt(identityPath);
 
   return {
     name: fields.name ?? "",
@@ -507,10 +371,18 @@ function getIdentity() {
   };
 }
 
+function resolveIdentityCreatedAt(identityPath: string): string | undefined {
+  return resolveHatchedAtReadOnly(identityPath);
+}
+
 function getIdentityIntro() {
-  const soulIntro = readSoulIdentityIntro();
-  if (soulIntro) {
-    return { text: soulIntro };
+  const identityPath = getWorkspacePromptPath("IDENTITY.md");
+  if (existsSync(identityPath)) {
+    const content = readFileSync(identityPath, "utf-8");
+    const fields = parseIdentityFields(content);
+    if (fields.name) {
+      return { text: `Hi, I'm ${fields.name}!` };
+    }
   }
 
   const cached = getCachedIntro();
@@ -520,37 +392,6 @@ function getIdentityIntro() {
   return { text: cached.text };
 }
 
-// ---------------------------------------------------------------------------
-// Identity intro cache
-// ---------------------------------------------------------------------------
-
-/**
- * Parse the `## Identity Intro` section from SOUL.md.
- * Returns the first non-empty line under that heading, or null.
- */
-function readSoulIdentityIntro(): string | null {
-  try {
-    const soulPath = getWorkspacePromptPath("SOUL.md");
-    if (!existsSync(soulPath)) return null;
-    const content = readFileSync(soulPath, "utf-8");
-
-    let inSection = false;
-    for (const line of content.split("\n")) {
-      const trimmed = line.trim();
-      if (/^#+\s/.test(trimmed)) {
-        inSection = trimmed.toLowerCase().includes("identity intro");
-        continue;
-      }
-      if (inSection && trimmed.length > 0) {
-        return trimmed;
-      }
-    }
-  } catch {
-    // Fall through to cache/fallback
-  }
-  return null;
-}
-
 // ---------------------------------------------------------------------------
 // Zod schemas for profiler health metadata
 // ---------------------------------------------------------------------------
@@ -647,7 +488,7 @@ export const ROUTES: RouteDefinition[] = [
     handler: getIdentityIntro,
     summary: "Get identity intro text",
     description:
-      "Returns the cached identity intro string, preferring SOUL.md over LLM-generated cache.",
+      "Returns a deterministic greeting derived from the assistant name in IDENTITY.md, falling back to LLM-generated cache.",
     tags: ["identity"],
     responseBody: z.object({
       text: z.string(),

package/src/runtime/routes/inbound-message-handler.ts

@@ -11,11 +11,12 @@ import {
   isChannelId,
   parseInterfaceId,
 } from "../../channels/types.js";
-import { touchContactInteraction } from "../../contacts/contacts-write.js";
 import {
   createApprovalConversationGenerator,
   createApprovalCopyGenerator,
 } from "../../daemon/approval-generators.js";
+import { getDiskPressureStatus } from "../../daemon/disk-pressure-guard.js";
+import { classifyDiskPressureTurnPolicy } from "../../daemon/disk-pressure-policy.js";
 import { processMessage } from "../../daemon/process-message.js";
 import type { TrustContext } from "../../daemon/trust-context.js";
 import { HeartbeatService } from "../../heartbeat/heartbeat-service.js";
@@ -36,6 +37,7 @@ import {
   getPendingVerificationReply,
 } from "../../memory/delivery-channels.js";
 import {
+  clearPayload,
   findMessageBySourceId,
   linkMessage,
   recordInbound,
@@ -76,6 +78,8 @@ import { tryTranscribeAudioAttachments } from "./inbound-stages/transcribe-audio
 import type { RouteHandlerArgs } from "./types.js";
 
 const log = getLogger("runtime-http");
+const DISK_PRESSURE_REMOTE_BLOCK_REPLY =
+  "Storage is critically low, so remote messages are ignored until the guardian frees enough space. Please try again later.";
 
 // Delete-lookup retry configuration. Delete webhooks can race ahead of
 // the inbound handler's `linkMessage` call when the original message's
@@ -442,7 +446,7 @@ export async function handleChannelInbound({
           `[Voice message received — ${transcribeResult.reason}]` +
           (trimmedContent ? `\n\n${trimmedContent}` : "");
         break;
-      // "no_audio", "disabled" — no action needed
+      // "no_audio" — no action needed
     }
   }
 
@@ -511,13 +515,6 @@ export async function handleChannelInbound({
     }
   }
 
-  // Track contact interaction only for genuinely new messages (not webhook
-  // retries). This was previously in ACL enforcement which runs before dedup,
-  // causing retries to inflate interaction counts.
-  if (!result.duplicate && resolvedMember) {
-    touchContactInteraction(resolvedMember.channel.id);
-  }
-
   // external_conversation_bindings is assistant-agnostic. Restrict writes to
   // self so assistant-scoped legacy routes do not overwrite each other's
   // channel binding metadata for the same chat.
@@ -532,6 +529,78 @@ export async function handleChannelInbound({
     });
   }
 
+  // ── Actor role resolution ──
+  // Uses shared channel-agnostic resolution so all ingress paths classify
+  // guardian vs non-guardian actors the same way.
+  const trustCtx: TrustContext = resolveTrustContext({
+    assistantId: canonicalAssistantId,
+    sourceChannel,
+    conversationExternalId,
+    actorExternalId: rawSenderId,
+    actorUsername: body.actorUsername,
+    actorDisplayName: body.actorDisplayName,
+  });
+
+  const diskPressureDecision = classifyDiskPressureTurnPolicy(
+    getDiskPressureStatus(),
+    {
+      sourceChannel,
+      sourceInterface,
+      trustContext: {
+        sourceChannel: trustCtx.sourceChannel,
+        trustClass: trustCtx.trustClass,
+      },
+    },
+  );
+  if (diskPressureDecision.action === "block") {
+    if (!result.duplicate) {
+      clearPayload(result.eventId);
+      markProcessed(result.eventId);
+    }
+    log.info(
+      {
+        conversationId: result.conversationId,
+        eventId: result.eventId,
+        duplicate: result.duplicate,
+        reason: diskPressureDecision.reason,
+        trustClass: trustCtx.trustClass,
+      },
+      "Channel inbound blocked during disk pressure cleanup mode",
+    );
+
+    if (replyCallbackUrl && !result.duplicate) {
+      const replyPayload: Parameters<typeof deliverChannelReply>[1] = {
+        chatId: conversationExternalId,
+        text: DISK_PRESSURE_REMOTE_BLOCK_REPLY,
+        assistantId: canonicalAssistantId,
+      };
+      if (sourceChannel === "slack" && (canonicalSenderId ?? rawSenderId)) {
+        replyPayload.ephemeral = true;
+        replyPayload.user = (canonicalSenderId ?? rawSenderId)!;
+      }
+      try {
+        await deliverChannelReply(replyCallbackUrl, replyPayload);
+      } catch (err) {
+        log.warn(
+          {
+            err,
+            conversationId: result.conversationId,
+            eventId: result.eventId,
+          },
+          "Failed to deliver disk pressure block reply",
+        );
+      }
+    }
+
+    return {
+      accepted: true,
+      duplicate: result.duplicate,
+      eventId: result.eventId,
+      diskPressure: "blocked",
+      reason: diskPressureDecision.reason,
+    };
+  }
+
   // ── Slack reaction handling ──
   // Reactions arrive as regular `SlackInboundEvent`s with `callbackData`
   // prefixed `reaction:` (added) or `reaction_removed:` (removed).
@@ -743,18 +812,6 @@ export async function handleChannelInbound({
   // which handles request code matching, callback parsing, and NL classification
   // against canonical_guardian_requests.
 
-  // ── Actor role resolution ──
-  // Uses shared channel-agnostic resolution so all ingress paths classify
-  // guardian vs non-guardian actors the same way.
-  const trustCtx: TrustContext = resolveTrustContext({
-    assistantId: canonicalAssistantId,
-    sourceChannel,
-    conversationExternalId,
-    actorExternalId: rawSenderId,
-    actorUsername: body.actorUsername,
-    actorDisplayName: body.actorDisplayName,
-  });
-
   // ── Canonical guardian reply router ──
   const guardianReplyResult = await handleGuardianReplyIntercept({
     isDuplicate: result.duplicate,