arisa 3.0.14 → 3.1.2

package/src/runtime/bootstrap.js

@@ -15,6 +15,79 @@ async function exists(file) {
   }
 }
 
+function normalizeString(value) {
+  if (typeof value !== "string") return "";
+  return value.trim();
+}
+
+function parseMaxChatIds(value, fallback = 1) {
+  const parsed = Number(value);
+  if (!Number.isFinite(parsed) || parsed <= 0) return fallback;
+  return parsed;
+}
+
+function buildConfig({ telegramApiKey, telegramMaxChatIds, provider, model, piApiKey }) {
+  return {
+    telegram: {
+      token: telegramApiKey,
+      maxChatIds: telegramMaxChatIds,
+      authorizedChatIds: [],
+      chatMeta: {}
+    },
+    pi: {
+      provider,
+      model,
+      apiKey: piApiKey
+    },
+    createdAt: new Date().toISOString()
+  };
+}
+
+function resolvePiDefaults(runtime, { provider: preferredProvider = "", model: preferredModel = "" } = {}) {
+  const providers = sortBootstrapProviders(listPiProviders(runtime));
+  if (!providers.length) {
+    throw new Error("No Pi providers are available for bootstrap.");
+  }
+
+  const preferredProviderValue = normalizeString(preferredProvider);
+  const providerExists = providers.some((item) => item.provider === preferredProviderValue);
+  if (preferredProviderValue && !providerExists) {
+    console.log(`Ignoring unknown Pi provider override: ${preferredProviderValue}`);
+  }
+
+  const selectedProvider = providerExists
+    ? preferredProviderValue
+    : providers[0].provider;
+
+  const models = sortBootstrapModels(selectedProvider, listProviderModels(selectedProvider, runtime));
+  if (!models.length) {
+    throw new Error(`No Pi models are available for provider ${selectedProvider}.`);
+  }
+
+  const preferredModelValue = normalizeString(preferredModel);
+  const modelExists = models.some((item) => item.id === preferredModelValue);
+  if (preferredModelValue && !modelExists) {
+    console.log(`Ignoring unknown Pi model override for ${selectedProvider}: ${preferredModelValue}`);
+  }
+
+  const selectedModel = modelExists ? preferredModelValue : models[0].id;
+  return { provider: selectedProvider, model: selectedModel };
+}
+
+function sortBootstrapProviders(providers) {
+  const preferredOrder = ["openai-codex"];
+  const positions = new Map(providers.map((provider, index) => [provider.provider, index]));
+
+  return [...providers].sort((a, b) => {
+    const aPref = preferredOrder.indexOf(a.provider);
+    const bPref = preferredOrder.indexOf(b.provider);
+    const aRank = aPref === -1 ? Number.MAX_SAFE_INTEGER : aPref;
+    const bRank = bPref === -1 ? Number.MAX_SAFE_INTEGER : bPref;
+    if (aRank !== bRank) return aRank - bRank;
+    return (positions.get(a.provider) || 0) - (positions.get(b.provider) || 0);
+  });
+}
+
 function sortBootstrapModels(provider, models) {
   const preferred = {
     "openai-codex": ["gpt-5.4"]
@@ -49,7 +122,78 @@ async function maybeOpenExternal(url) {
   });
 }
 
-async function runInternalPiLogin(provider, rl) {
+function installAuthRelay(httpPort, setHttpRequestHandler) {
+  let authUrl = "";
+  let resolveRedirectUrl;
+  const redirectUrlPromise = new Promise((resolve) => {
+    resolveRedirectUrl = resolve;
+  });
+
+  const page = (body) => [
+    "<!DOCTYPE html><html><head><meta charset='utf-8'><meta name='viewport' content='width=device-width'>",
+    "<title>Arisa Auth</title>",
+    "<style>body{font-family:system-ui,sans-serif;max-width:600px;margin:40px auto;padding:0 20px;line-height:1.6}",
+    "input[type=text]{width:100%;padding:8px;box-sizing:border-box;margin:8px 0}",
+    "button{padding:8px 24px;cursor:pointer}code{background:#f0f0f0;padding:2px 6px;border-radius:3px}</style>",
+    "</head><body>",
+    body,
+    "</body></html>"
+  ].join("");
+
+  setHttpRequestHandler((req, res) => {
+    const parsed = new URL(req.url, `http://localhost:${httpPort}`);
+
+    if (req.method === "GET" && parsed.pathname === "/auth/callback" && parsed.searchParams.has("code")) {
+      const callbackUrl = `http://localhost:1455${parsed.pathname}${parsed.search}`;
+      resolveRedirectUrl(callbackUrl);
+      res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+      res.end(page("<h2>Authentication received</h2><p>You can close this page. Arisa is starting&hellip;</p>"));
+      return;
+    }
+
+    if (req.method === "GET" && parsed.pathname === "/") {
+      res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+      res.end(page([
+        "<h2>Arisa &mdash; Pi Authentication</h2>",
+        authUrl
+          ? `<p><strong>1.</strong> <a href="${authUrl}" target="_blank">Click here to log in with Pi</a></p>`
+          : "<p>Waiting for authentication URL&hellip;</p>",
+        "<p><strong>2.</strong> After login your browser will redirect to a <code>localhost</code> URL that won't load. That's expected.</p>",
+        "<p><strong>3.</strong> In your browser's address bar, replace <code>localhost:1455</code> with your server's domain and press Enter.</p>",
+        "<hr>",
+        "<p><em>Or paste the full redirect URL here:</em></p>",
+        '<form method="POST" action="/auth/relay">',
+        '<input type="text" name="url" placeholder="Paste the localhost redirect URL here&hellip;" required />',
+        "<button type='submit'>Submit</button>",
+        "</form>"
+      ].join("\n")));
+      return;
+    }
+
+    if (req.method === "POST" && parsed.pathname === "/auth/relay") {
+      let body = "";
+      req.on("data", (chunk) => { body += chunk; });
+      req.on("end", () => {
+        const url = (new URLSearchParams(body).get("url") || "").trim();
+        if (url) resolveRedirectUrl(url);
+        res.writeHead(200, { "Content-Type": "text/html; charset=utf-8" });
+        res.end(page("<h2>Authentication received</h2><p>You can close this page. Arisa is starting&hellip;</p>"));
+      });
+      return;
+    }
+
+    res.writeHead(200, { "Content-Type": "text/plain" });
+    res.end("ok");
+  });
+
+  return {
+    setAuthUrl(url) { authUrl = url; },
+    waitForRedirectUrl() { return redirectUrlPromise; },
+    uninstall() { setHttpRequestHandler(null); }
+  };
+}
+
+async function runInternalPiLogin(provider, { rl = null, authRelay = null } = {}) {
   const authStorage = AuthStorage.create();
   const selected = authStorage.getOAuthProviders().find((item) => item.id === provider);
   if (!selected) {
@@ -67,7 +211,15 @@ async function runInternalPiLogin(provider, rl) {
     onAuth: async ({ url, instructions }) => {
       console.log(`${instructions || "Open this URL to continue authentication:"}\n${url}\n`);
       await maybeOpenExternal(url);
-      if (selected.usesCallbackServer) {
+      if (authRelay) {
+        authRelay.setAuthUrl(url);
+        console.log("Waiting for authentication via the web relay...");
+        const redirectUrl = await authRelay.waitForRedirectUrl();
+        if (redirectUrl && manualCodeResolve) {
+          manualCodeResolve(redirectUrl);
+          manualCodeResolve = undefined;
+        }
+      } else if (selected.usesCallbackServer && rl) {
         const pasted = (await rl.question("Paste the redirect URL here if the browser does not return automatically, or press Enter to keep waiting: ")).trim();
         if (pasted && manualCodeResolve) {
           manualCodeResolve(pasted);
@@ -81,6 +233,9 @@ async function runInternalPiLogin(provider, rl) {
       await maybeOpenExternal(verificationUri);
     },
     onPrompt: async ({ message }) => {
+      if (!rl) {
+        throw new Error(`Pi login for ${provider} requires interactive input: ${message}`);
+      }
       return (await rl.question(`${message} `)).trim();
     },
     onProgress: (message) => {
@@ -96,10 +251,54 @@ async function runInternalPiLogin(provider, rl) {
   });
 }
 
-export async function bootstrapIfNeeded({ force = false } = {}) {
+export async function bootstrapIfNeeded({ force = false, cliConfigOverrides = {}, httpPort = 0, setHttpRequestHandler } = {}) {
   await ensureArisaHome();
   if (!force && await exists(configFile)) return;
 
+  const telegramApiKeyFromCli = normalizeString(cliConfigOverrides?.telegram?.token);
+  if (telegramApiKeyFromCli) {
+    const runtime = createPiRuntime();
+    const resolvedPi = resolvePiDefaults(runtime, cliConfigOverrides?.pi || {});
+    const telegramMaxChatIds = parseMaxChatIds(cliConfigOverrides?.telegram?.maxChatIds, 1);
+    const piApiKey = normalizeString(cliConfigOverrides?.pi?.apiKey);
+    if (!piApiKey && !hasProviderAuth(resolvedPi.provider, runtime)) {
+      if (!supportsProviderOAuth(resolvedPi.provider, runtime)) {
+        throw new Error(
+          `No auth found for ${resolvedPi.provider}. Provide --pi.apiKey for non-interactive bootstrap, or use a provider that supports OAuth.`
+        );
+      }
+      if (!httpPort || !setHttpRequestHandler) {
+        throw new Error(
+          `No auth found for ${resolvedPi.provider}. Auth relay requires an HTTP server on PORT. Provide --pi.apiKey or set the PORT environment variable.`
+        );
+      }
+      const authRelay = installAuthRelay(httpPort, setHttpRequestHandler);
+      console.log(`No existing Pi auth found for ${resolvedPi.provider}. Auth relay active on port ${httpPort}.`);
+      console.log(`Open your server URL in a browser to complete Pi authentication.\n`);
+      try {
+        await runInternalPiLogin(resolvedPi.provider, { authRelay });
+      } finally {
+        authRelay.uninstall();
+      }
+      if (!hasProviderAuth(resolvedPi.provider, createPiRuntime())) {
+        throw new Error(
+          `Pi login did not complete for ${resolvedPi.provider}. Retry or provide --pi.apiKey.`
+        );
+      }
+      console.log(`Detected Pi auth for ${resolvedPi.provider}. Continuing bootstrap.`);
+    }
+    const config = buildConfig({
+      telegramApiKey: telegramApiKeyFromCli,
+      telegramMaxChatIds,
+      provider: resolvedPi.provider,
+      model: resolvedPi.model,
+      piApiKey
+    });
+    await writeFile(configFile, `${JSON.stringify(config, null, 2)}\n`, "utf8");
+    console.log(`\nConfig saved to ${configFile} (non-interactive bootstrap)\n`);
+    return;
+  }
+
   const rl = readline.createInterface({ input, output });
   const ask = async (label, fallback = "") => {
     const suffix = fallback ? ` (${fallback})` : "";
@@ -113,7 +312,7 @@ export async function bootstrapIfNeeded({ force = false } = {}) {
   const telegramMaxChatIds = Number(await ask("Maximum authorized chat IDs", "1"));
 
   const runtime = createPiRuntime();
-  const providers = listPiProviders(runtime);
+  const providers = sortBootstrapProviders(listPiProviders(runtime));
   console.log("\nAvailable Pi providers:");
   providers.forEach((item, index) => {
     const authLabel = item.authConfigured ? "auth: configured" : item.supportsOAuth ? "auth: login or API key" : "auth: API key";
@@ -153,7 +352,7 @@ export async function bootstrapIfNeeded({ force = false } = {}) {
 
     console.log(`No existing Pi auth found for ${selectedProvider.provider}. Starting internal Pi login...`);
     try {
-      await runInternalPiLogin(selectedProvider.provider, rl);
+      await runInternalPiLogin(selectedProvider.provider, { rl });
     } catch (error) {
       console.log(`Internal Pi login failed: ${error instanceof Error ? error.message : String(error)}`);
     }
@@ -166,20 +365,13 @@ export async function bootstrapIfNeeded({ force = false } = {}) {
     console.log(`Pi auth for ${selectedProvider.provider} is still missing after login.`);
   }
 
-  const config = {
-    telegram: {
-      apiKey: telegramApiKey,
-      maxChatIds: telegramMaxChatIds,
-      authorizedChatIds: [],
-      chatMeta: {}
-    },
-    pi: {
-      provider: selectedProvider.provider,
-      model: selectedModel.id,
-      apiKey: piApiKey
-    },
-    createdAt: new Date().toISOString()
-  };
+  const config = buildConfig({
+    telegramApiKey,
+    telegramMaxChatIds,
+    provider: selectedProvider.provider,
+    model: selectedModel.id,
+    piApiKey
+  });
 
   await writeFile(configFile, `${JSON.stringify(config, null, 2)}\n`, "utf8");
   rl.close();

package/src/runtime/create-app.js

@@ -5,9 +5,51 @@ import { TaskStore } from "../core/tasks/task-store.js";
 import { AgentManager } from "../core/agent/agent-manager.js";
 import { createTelegramBot } from "../transport/telegram/bot.js";
 
-export async function createApp({ logger } = {}) {
+function normalizeString(value) {
+  const text = String(value ?? "").trim();
+  return text ? text : "";
+}
+
+function splitModelOverride(modelOverride) {
+  const separatorIndex = modelOverride.indexOf("/");
+  if (separatorIndex <= 0 || separatorIndex === modelOverride.length - 1) {
+    return null;
+  }
+  return {
+    provider: modelOverride.slice(0, separatorIndex),
+    model: modelOverride.slice(separatorIndex + 1)
+  };
+}
+
+function applyRuntimeOverrides(config, runtimeOverrides) {
+  const providerOverride = normalizeString(runtimeOverrides?.pi?.provider);
+  const modelOverride = normalizeString(runtimeOverrides?.pi?.model);
+  if (!providerOverride && !modelOverride) return config;
+
+  const splitOverride = modelOverride ? splitModelOverride(modelOverride) : null;
+  const provider = providerOverride || splitOverride?.provider || config.pi.provider;
+  const model = splitOverride && (!providerOverride || providerOverride === splitOverride.provider)
+    ? splitOverride.model
+    : (modelOverride || config.pi.model);
+
+  return {
+    ...config,
+    pi: {
+      ...config.pi,
+      provider,
+      model
+    }
+  };
+}
+
+export async function createApp({ logger, runtimeOverrides, webhookUrl, setHttpRequestHandler } = {}) {
   logger?.log("app", "loading config");
-  const config = await loadConfig();
+  const persistedConfig = await loadConfig();
+  const config = applyRuntimeOverrides(persistedConfig, runtimeOverrides);
+  if (config.pi.provider !== persistedConfig.pi.provider || config.pi.model !== persistedConfig.pi.model) {
+    logger?.log("app", `applying runtime model override: ${persistedConfig.pi.provider}/${persistedConfig.pi.model} -> ${config.pi.provider}/${config.pi.model}`);
+  }
+
   const artifactStore = new ArtifactStore();
   const toolRegistry = new ToolRegistry({ logger });
   const taskStore = new TaskStore();
@@ -15,7 +57,7 @@ export async function createApp({ logger } = {}) {
   logger?.log("app", `loaded ${toolRegistry.list().length} tools`);
 
   const agentManager = new AgentManager({ config, artifactStore, toolRegistry, taskStore, logger });
-  const bot = await createTelegramBot({ config, artifactStore, toolRegistry, taskStore, agentManager, saveConfig, updateConfig, logger });
+  const bot = await createTelegramBot({ config, artifactStore, toolRegistry, taskStore, agentManager, saveConfig, updateConfig, logger, webhookUrl, setHttpRequestHandler });
 
   return {
     async start() {

package/src/runtime/paths.js

@@ -7,10 +7,25 @@ export const stateDir = path.join(arisaHomeDir, "state");
 export const configFile = path.join(stateDir, "config.json");
 export const servicePidFile = path.join(stateDir, "arisa.pid");
 export const serviceLogFile = path.join(stateDir, "arisa.log");
-export const artifactsDir = path.join(arisaHomeDir, "artifacts");
-export const artifactsIndexFile = path.join(stateDir, "artifacts.json");
 export const tasksFile = path.join(stateDir, "tasks.json");
 export const toolsDir = path.join(arisaHomeDir, "tools");
+export const chatsDir = path.join(arisaHomeDir, "chats");
+
+export function getChatDir(chatId) {
+  return path.join(chatsDir, String(chatId));
+}
+
+export function getChatArtifactsDir(chatId) {
+  return path.join(getChatDir(chatId), "artifacts");
+}
+
+export function getChatArtifactsIndexFile(chatId) {
+  return path.join(getChatDir(chatId), "state", "artifacts.json");
+}
+
+export function getChatPiSessionsDir(chatId) {
+  return path.join(getChatDir(chatId), "state", "pi-sessions");
+}
 
 export function getToolDir(toolName) {
   return path.join(toolsDir, toolName);
@@ -20,6 +35,10 @@ export function getToolConfigPath(toolName) {
   return path.join(getToolDir(toolName), "config.js");
 }
 
+export function getChatToolConfigPath(chatId, toolName) {
+  return path.join(getChatDir(chatId), "tools", toolName, "config.js");
+}
+
 export function getToolRuntimeDir(toolName) {
   return getToolDir(toolName);
 }
@@ -32,9 +51,13 @@ export function getToolTmpDir(toolName) {
   return path.join(getToolRuntimeDir(toolName), "tmp");
 }
 
+export function getChatToolTmpDir(chatId, toolName) {
+  return path.join(getChatDir(chatId), "tools", toolName, "tmp");
+}
+
 export async function ensureArisaHome() {
   await mkdir(stateDir, { recursive: true });
-  await mkdir(artifactsDir, { recursive: true });
   await mkdir(toolsDir, { recursive: true });
+  await mkdir(chatsDir, { recursive: true });
 }
 

package/src/runtime/service-manager.js

@@ -36,7 +36,7 @@ export async function getServiceStatus() {
   return { running: true, pid };
 }
 
-export async function startService({ verbose = false } = {}) {
+export async function startService({ verbose = false, cliArgs = [] } = {}) {
   await ensureArisaHome();
   const status = await getServiceStatus();
   if (status.running) {
@@ -44,7 +44,7 @@ export async function startService({ verbose = false } = {}) {
   }
 
   const logHandle = await open(serviceLogFile, "a");
-  const args = [entryFile, "--service-runner"];
+  const args = [entryFile, "--service-runner", ...cliArgs];
   if (verbose) args.push("--verbose");
 
   const child = spawn(process.execPath, args, {

package/src/transport/telegram/bot.js

@@ -1,8 +1,9 @@
-import { Bot, InputFile } from "grammy";
+import { Bot, InputFile, webhookCallback } from "grammy";
 import path from "node:path";
 import { authorizeChat } from "./auth.js";
 import { captureIncomingArtifact } from "./media.js";
 import { renderTelegramHtml } from "./text-format.js";
+import { normalizeArtifactForReasoning } from "../../core/artifacts/normalize-for-reasoning.js";
 
 function quotedMessageSummary(message) {
   if (!message) return [];
@@ -39,16 +40,21 @@ function getTelegramCommand(ctx) {
   return text.slice(1, entity.length).split("@")[0].trim().toLowerCase();
 }
 
+function getIncomingMessageText(message) {
+  return message?.text || message?.caption || "";
+}
+
 function buildPrompt({ ctx, artifact, transcript, toolResult }) {
   const parts = [
-    `New Session..`,
+    `Incoming Telegram message.`,
     `chatId: ${ctx.chat.id}`,
     `userId: ${ctx.from.id}`,
     `username: ${ctx.from.username || "(no username)"}`,
     `messageId: ${ctx.msg.message_id}`
   ];
 
-  if (ctx.message?.text) parts.push(`text: ${ctx.message.text}`);
+  const messageText = getIncomingMessageText(ctx.message);
+  if (messageText) parts.push(`text: ${messageText}`);
   parts.push(...quotedMessageSummary(ctx.message?.reply_to_message));
   if (artifact?.path) parts.push(`artifactPath: ${artifact.path}`);
   if (artifact?.id) parts.push(`artifactId: ${artifact.id}`);
@@ -79,43 +85,61 @@ function buildNewSessionPrompt(ctx) {
   ].join("\n");
 }
 
-function buildAsyncTaskPrompt(task) {
-  return [
+async function buildAsyncTaskPrompt({ task, artifactStore, toolRegistry, logger }) {
+  const parts = [
     "Scheduled task fired.",
     `taskId: ${task.id}`,
     `chatId: ${task.payload.chatId}`,
-    task.payload.prompt ? `text: ${task.payload.prompt}` : null,
-    "Treat this as a new request for the chat and fulfill it now.",
-    "If needed, use tools."
-  ].filter(Boolean).join("\n");
-}
+    task.payload.prompt ? `text: ${task.payload.prompt}` : null
+  ];
 
-async function maybeTranscribeIncomingAudio({ artifact, toolRegistry, artifactStore }) {
-  if (!artifact || artifact.kind !== "audio") return { transcript: null };
+  if (task.payload.artifactId) {
+    const chatArtifactStore = artifactStore.forChat(task.payload.chatId);
+    const artifact = await chatArtifactStore.get(task.payload.artifactId);
+    if (artifact) {
+      parts.push(`artifactPath: ${artifact.path || ""}`);
+      parts.push(`artifactId: ${artifact.id}`);
+      parts.push(`mimeType: ${artifact.mimeType}`);
+      parts.push(`kind: ${artifact.kind}`);
+
+      const { normalizedArtifact, toolResult } = await normalizeArtifactForReasoning({
+        artifact,
+        desiredMimeType: "text/plain",
+        toolRegistry,
+        chatArtifactStore,
+        chatId: task.payload.chatId
+      });
 
-  const result = await toolRegistry.run({
-    name: "openai-transcribe",
-    request: {
-      artifact,
-      args: {}
+      if (normalizedArtifact) {
+        logger?.log("tasks", `artifact ${artifact.id} normalized to ${normalizedArtifact.id}`);
+        parts.push(`transcriptArtifactId: ${normalizedArtifact.id}`);
+        parts.push(`transcriptText: ${normalizedArtifact.text}`);
+        parts.push("Important: the attached audio artifact has already been normalized for reasoning. Use the transcript as the message content.");
+      } else if (artifact.kind === "audio" && toolResult) {
+        parts.push(`audioNormalizationResult: ${JSON.stringify(toolResult)}`);
+        parts.push("Important: pre-reasoning audio normalization could not be completed, so you do not have a transcript for this audio artifact.");
+      }
+    } else {
+      parts.push(`artifactId: ${task.payload.artifactId}`);
+      parts.push("Important: referenced artifact was not found.");
     }
-  });
-
-  if (!result.ok) {
-    return { transcript: null, toolResult: result };
   }
 
-  if (!result.output?.text) {
-    return { transcript: null, toolResult: { ok: false, status: "failed", error: "Transcription returned no text." } };
-  }
+  parts.push("Treat this as a new request for the chat and fulfill it now.");
+  parts.push("If needed, use tools.");
+  return parts.filter(Boolean).join("\n");
+}
 
-  const transcript = await artifactStore.createText({
-    text: result.output.text,
-    source: { type: "tool", toolName: "openai-transcribe" },
-    metadata: { fromArtifactId: artifact.id, tool: "openai-transcribe" }
+async function normalizeIncomingArtifact({ artifact, toolRegistry, chatArtifactStore, chatId }) {
+  if (!artifact) return { transcript: null, toolResult: null };
+  const { normalizedArtifact, toolResult } = await normalizeArtifactForReasoning({
+    artifact,
+    desiredMimeType: "text/plain",
+    toolRegistry,
+    chatArtifactStore,
+    chatId
   });
-
-  return { transcript, toolResult: result };
+  return { transcript: normalizedArtifact, toolResult };
 }
 
 async function collectText(session, prompt) {
@@ -143,8 +167,8 @@ async function withTyping(ctx, work) {
   }
 }
 
-export async function createTelegramBot({ config, artifactStore, toolRegistry, taskStore, agentManager, saveConfig, updateConfig, logger }) {
-  const bot = new Bot(config.telegram.apiKey);
+export async function createTelegramBot({ config, artifactStore, toolRegistry, taskStore, agentManager, saveConfig, updateConfig, logger, webhookUrl, setHttpRequestHandler }) {
+  const bot = new Bot(config.telegram.token);
   const perChatState = new Map();
 
   function getIncomingChatMeta(ctx) {
@@ -164,10 +188,12 @@ export async function createTelegramBot({ config, artifactStore, toolRegistry, t
   }
 
   async function buildIncomingPrompt(ctx) {
-    logger?.log("telegram", `message ${ctx.msg.message_id} in chat ${ctx.chat.id}`);
+    const chatId = ctx.chat.id;
+    logger?.log("telegram", `message ${ctx.msg.message_id} in chat ${chatId}`);
+    const chatArtifactStore = artifactStore.forChat(chatId);
     const artifact = await captureIncomingArtifact(ctx, artifactStore);
     if (artifact) logger?.log("telegram", `captured artifact ${artifact.kind}${artifact.id ? ` ${artifact.id}` : ""}`);
-    const { transcript, toolResult } = await maybeTranscribeIncomingAudio({ artifact, toolRegistry, artifactStore });
+    const { transcript, toolResult } = await normalizeIncomingArtifact({ artifact, toolRegistry, chatArtifactStore, chatId });
     if (transcript) logger?.log("telegram", `audio transcribed to artifact ${transcript.id}`);
     if (artifact?.kind === "audio" && !transcript) {
       logger?.log("telegram", `audio normalization unavailable for chat ${ctx.chat.id}: ${toolResult?.error || toolResult?.missingConfig?.join(", ") || "unknown error"}`);
@@ -180,7 +206,8 @@ export async function createTelegramBot({ config, artifactStore, toolRegistry, t
 
     if (text.length > maxInlineReplyLength) {
       logger?.log("telegram", `sending long reply as markdown attachment for chat ${chatId}`);
-      const artifact = await artifactStore.createGeneratedFile({
+      const chatArtifactStore = artifactStore.forChat(chatId);
+      const artifact = await chatArtifactStore.createGeneratedFile({
         fileName: `reply-${Date.now()}.md`,
         content: text,
         kind: "document",
@@ -365,7 +392,7 @@ export async function createTelegramBot({ config, artifactStore, toolRegistry, t
             logger?.log("tasks", `running task ${task.id} for chat ${task.payload.chatId}`);
             await enqueuePrompt({
               chatId: task.payload.chatId,
-              prompt: buildAsyncTaskPrompt(task),
+              prompt: await buildAsyncTaskPrompt({ task, artifactStore, toolRegistry, logger }),
               label: `scheduled task ${task.id}`
             });
             await taskStore.complete(task.id);
@@ -374,8 +401,26 @@ export async function createTelegramBot({ config, artifactStore, toolRegistry, t
           }
         }
       }, 1000).unref();
-      logger?.log("telegram", "bot polling started");
-      await bot.start({ drop_pending_updates: true });
+      if (webhookUrl && setHttpRequestHandler) {
+        const webhookPath = `/telegram-${config.telegram.token.slice(-8)}`;
+        const handleUpdate = webhookCallback(bot, "http", {
+          timeoutMilliseconds: 60_000,
+          onTimeout: "return",
+        });
+        setHttpRequestHandler((req, res) => {
+          const parsed = new URL(req.url, "http://localhost");
+          if (req.method === "POST" && parsed.pathname === webhookPath) {
+            return handleUpdate(req, res);
+          }
+          res.writeHead(200, { "Content-Type": "text/plain" });
+          res.end("ok");
+        });
+        await bot.api.setWebhook(`${webhookUrl}${webhookPath}`);
+        logger?.log("telegram", `webhook mode: ${webhookUrl}${webhookPath}`);
+      } else {
+        logger?.log("telegram", "bot polling started");
+        await bot.start({ drop_pending_updates: true });
+      }
     }
   };
 }