switchroom 0.15.42 → 0.15.44

package/dist/cli/switchroom.js

@@ -13520,7 +13520,7 @@ var init_zod = __esm(() => {
 });
 
 // src/config/schema.ts
-var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, PollSpecSchema, TelegramMessageActionSchema, WebhookActionSchema, ActionSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReactionDispatchSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, SwitchroomConfigSchema;
+var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, PollSpecSchema, TelegramMessageActionSchema, WebhookActionSchema, ActionSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReactionDispatchSchema, ReleaseBlock, NetworkIsolationSchema, servesField, knowsField, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, DEFAULT_PROFILE = "default", AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, UserSchema, SwitchroomConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   CodeRepoEntrySchema = exports_external.object({
@@ -13641,6 +13641,8 @@ var init_schema = __esm(() => {
       cache_ttl_secs: exports_external.number().int().min(0).optional().describe("Per-session recall cache TTL in seconds. When > 0, identical " + "(prompt, bank) within the same session reuse the cached recall " + "result instead of round-tripping to Hindsight. 0 disables. " + "Default is 600 (10 min) for switchroom-managed agents."),
       min_overlap: exports_external.number().min(0).max(1).optional().describe("Minimum Jaccard token overlap [0.0\u20131.0] between the user " + "prompt and a memory's text for the memory to be injected. " + "Drops low-relevance matches before the count cap so weak hits " + "don't fill the slot on real queries. 0.0 disables (default \u2014 " + "current behaviour). Try 0.10\u20130.20 to start; observe the " + "`overlap_dropped` field via `switchroom memory recall-log`."),
       types: exports_external.array(exports_external.string()).optional().describe("Hindsight fact types to recall. Switchroom default is " + '["world", "experience", "observation"] \u2014 the synthesized ' + "`observation` tier is on by default. Set to " + '["world", "experience"] to opt out of observation-backed ' + "recall for this agent (or fleet-wide under defaults)."),
+      additional_banks: exports_external.array(exports_external.string()).optional().describe("Extra Hindsight banks to recall from on every turn, merged into " + "the agent's own bank results \u2014 e.g. a shared operator/household " + "profile bank authored via `switchroom memory profile`. Each is " + "recalled with an 8s timeout and is non-fatal on failure. Stays " + "within the single tenant: all banks are the operator's data, in " + "the operator's Hindsight instance (see the `single-tenant` " + "invariant). Defaults to [] (no extra banks)."),
+      sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional().describe("Per-speaker recall routing: a map of Telegram sender \u2192 extra " + "recall bank. When a message arrives, the agent also recalls the " + "speaker's bank (matched by Telegram username \u2014 a leading @ is " + "optional \u2014 or numeric user_id), merged " + "into its own results \u2014 so each trusted user gets their own " + "profile context. Additive recall scoping within the single " + "tenant: never an access boundary (who may drive an agent stays " + "the per-agent user assignment in `access.allowFrom`). Author the " + "banks via `switchroom memory profile`."),
       skip_trivial: exports_external.boolean().optional().describe("Skip recall on plausibly-stateless trivial turns (time/date/" + "greeting). Switchroom default true \u2014 saves the recall arm + " + "injected tokens on turns that never need memory, guarded so it " + "never skips a turn that references user/project/session state. " + "Set false to always run recall."),
       topic_filter_mode: exports_external.enum(["soft-preamble", "hard-filter"]).optional().describe("Supergroup-mode cross-topic memory behaviour. Default " + "(unset) \u2192 soft-preamble: recall returns memories from all " + "topics, and a 'Current topic: \u2026' preamble tells the model " + "to self-scope. hard-filter: drop any recalled memory whose " + "metadata.thread_id differs from the active inbound's topic. " + "Flip to hard-filter when the recall_log shows binding " + "failures (model surfacing the right memory but applying " + "it to the wrong topic).")
     }).optional().describe("Auto-recall tuning knobs")
@@ -13854,8 +13856,12 @@ var init_schema = __esm(() => {
     message: "release.channel and release.pin are mutually exclusive"
   });
   NetworkIsolationSchema = exports_external.enum(["host", "strict"]).optional().describe("Container network mode (sec WS6-F1 #1390 / feature #1413). " + "'host' (DEFAULT when unset): `network_mode: host` \u2014 the agent " + "shares the host network stack; hindsight 127.0.0.1:18888 and " + "operator-LAN devices are reachable, but there is NO network " + "isolation from sibling agents or host services (the documented, " + "deliberate shared-host tradeoff). 'strict': the agent joins its " + "OWN dedicated docker bridge network instead \u2014 it cannot reach " + "sibling agents; host services are reached via " + "`host.docker.internal`. OPT-IN: validate hindsight / operator-" + "LAN / cron / boot-self-test paths for your deployment before " + "adopting fleet-wide (default-flip is deferred to that validation " + "cycle, #1413). Cascades override (agent \u2192 profile \u2192 defaults).");
+  servesField = exports_external.array(exports_external.string()).optional().describe("Users (keys in the top-level `users:` block) this agent works for. When " + "a served user messages this agent, their profile_bank is recalled " + "(speaker routing \u2192 memory.recall.sender_banks). Unions with any explicit " + "memory.recall.sender_banks. NOTE: this does not yet generate access " + "(allowFrom) \u2014 pair agent access as today; allowFrom generation is a " + "later phase.");
+  knowsField = exports_external.array(exports_external.string()).optional().describe("Users or banks this agent always knows as subjects \u2014 recalled and " + "recall-ranked even when that person is not the speaker (\u2192 " + "memory.recall.additional_banks). A `users:` key resolves to that user's " + "profile_bank; any other string is used as a raw bank name (e.g. a `kids` " + "profile bank with no Telegram identity). Unions with any explicit " + "memory.recall.additional_banks.");
   profileFields = {
     extends: exports_external.string().optional(),
+    serves: servesField,
+    knows: knowsField,
     bot_token: exports_external.string().optional(),
     release: ReleaseBlock.optional().describe("Release-channel pin / pointer. Either `channel` (dev|rc|latest) or " + "`pin` (sha-<hex>|v<semver>) \u2014 mutually exclusive. Per-agent value " + "REPLACES the root entirely (no field merge)."),
     timezone: exports_external.string().regex(TIMEZONE_REGEX, "timezone must be an IANA zone name like 'Australia/Melbourne' or 'UTC' " + "(three-letter aliases like EST/PST and bare offsets like UTC+10 are not accepted)").optional().describe("IANA timezone name (e.g. 'Australia/Melbourne', 'America/New_York', " + "'UTC'). Used to generate the per-turn local-time hint the agent's " + "UserPromptSubmit timezone hook emits, and baked into the agent " + "container's `environment.TZ` in compose so subprocess `date`/" + "`Date.now()` are correct. If unset at every cascade layer, switchroom " + "auto-detects from /etc/timezone and warns on `reconcile` when the " + "detected zone is UTC."),
@@ -13876,7 +13882,9 @@ var init_schema = __esm(() => {
       recall: exports_external.object({
         max_memories: exports_external.number().int().min(0).optional(),
         cache_ttl_secs: exports_external.number().int().min(0).optional(),
-        min_overlap: exports_external.number().min(0).max(1).optional()
+        min_overlap: exports_external.number().min(0).max(1).optional(),
+        additional_banks: exports_external.array(exports_external.string()).optional(),
+        sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional()
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
@@ -13921,6 +13929,8 @@ var init_schema = __esm(() => {
   AgentDefaultsSchema = exports_external.object(defaultsFields).optional();
   AgentSchema = exports_external.object({
     extends: exports_external.string().optional().describe("Name of a profile to inherit from (e.g., 'coding', 'health-coach'). " + "Profiles may be defined inline under switchroom.yaml `profiles:` or as a " + "filesystem directory `profiles/<name>/`. Defaults to DEFAULT_PROFILE " + "('default') when unset."),
+    serves: servesField,
+    knows: knowsField,
     bot_token: exports_external.string().optional().describe("Per-agent Telegram bot token or vault reference (overrides global telegram.bot_token)"),
     release: ReleaseBlock.optional().describe("Per-agent release-channel pin / pointer. REPLACES the root " + "`release` block entirely (no field merge) \u2014 a pinned agent does " + "not inherit the fleet channel, and vice versa."),
     bot_username: exports_external.string().optional().describe("Per-agent Telegram bot username (without leading @) when it doesn't " + "contain the agent slug. Replaces the default 'username includes slug' " + "preflight check with an exact (case-insensitive) match. Use when an " + "agent and its bot have intentionally divergent names (e.g. agent " + "'lawgpt' paired with bot '@meken_law_bot')."),
@@ -14094,6 +14104,11 @@ var init_schema = __esm(() => {
   CronConfigSchema = exports_external.object({
     egress: CronEgressSchema.optional().describe("SSRF/exfil fence for http-diff polls.")
   });
+  UserSchema = exports_external.object({
+    name: exports_external.string().optional().describe("Display name for the user."),
+    telegram_ids: exports_external.array(exports_external.string()).min(1).describe("Telegram username(s) and/or numeric user id(s) identifying this user " + "(a leading @ is optional). Matched against the message sender for " + "per-speaker memory routing."),
+    profile_bank: exports_external.string().describe("Hindsight bank holding this user's memory profile (author via " + "`switchroom memory profile add <bank> ...`).")
+  });
   SwitchroomConfigSchema = exports_external.object({
     switchroom: exports_external.object({
       version: exports_external.literal(1).describe("Config schema version"),
@@ -14140,10 +14155,31 @@ var init_schema = __esm(() => {
     })).optional().describe("RFC #1873: per-Microsoft-account ACL. Maps account email \u2192 list of " + "agents permitted to use that account's broker credentials. Written " + "by `switchroom auth microsoft enable|disable`; read by the broker " + "on get-credentials with provider=microsoft."),
     defaults: AgentDefaultsSchema.describe("Implicit bottom-of-cascade profile applied to every agent before " + "per-agent config and `extends:` resolution. Tools, mcp_servers, and " + "schedule are unioned/concatenated; scalars and nested objects are " + "shallow-merged with per-agent values winning."),
     profiles: exports_external.record(exports_external.string(), ProfileSchema).optional().describe("Named profile definitions. Agents reference via `extends: <name>`. " + "Inline profiles declared here take priority over filesystem " + "profiles/<name>/ directories when both exist."),
+    users: exports_external.record(exports_external.string(), UserSchema).optional().describe("Trusted users the fleet serves \u2014 each a Telegram identity plus a " + "memory profile bank. Assigned to agents via `serves` / `knows`. The " + "operator's own trusted people (single-tenant), not multi-tenant. See " + "reference/rfcs/user-concept.md."),
     agents: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
       message: "Agent name must start with a letter/digit, contain only lowercase letters/digits/hyphens/underscores, and be at most 51 characters (Telegram callback_data byte limit)"
     }), AgentSchema).describe("Map of agent name to agent configuration"),
     cron: CronConfigSchema.optional().describe("Cheap-cron settings (reference/rfcs/cheap-cron-sessions.md). Operator-owned " + "egress allowlist + host-pinned secret bindings for Tier-0 http-diff " + "polls (\u00a76.1). Required to enable any http-diff poll; not agent-writable.")
+  }).superRefine((cfg, ctx) => {
+    const userKeys = new Set(Object.keys(cfg.users ?? {}));
+    const checkServes = (serves, path) => {
+      (serves ?? []).forEach((s, i) => {
+        if (!userKeys.has(s)) {
+          ctx.addIssue({
+            code: exports_external.ZodIssueCode.custom,
+            message: `serves references unknown user "${s}" \u2014 add it to the top-level ` + "`users:` block (or did you mean `knows` for a raw bank name?)",
+            path: [...path, i]
+          });
+        }
+      });
+    };
+    checkServes(cfg.defaults?.serves, ["defaults", "serves"]);
+    for (const [name, p] of Object.entries(cfg.profiles ?? {})) {
+      checkServes(p.serves, ["profiles", name, "serves"]);
+    }
+    for (const [name, a] of Object.entries(cfg.agents ?? {})) {
+      checkServes(a.serves, ["agents", name, "serves"]);
+    }
   });
 });
 
@@ -50767,8 +50803,8 @@ import { existsSync, readFileSync } from "node:fs";
 import { dirname, join } from "node:path";
 
 // src/build-info.ts
-var VERSION = "0.15.42";
-var COMMIT_SHA = "2c7e12da";
+var VERSION = "0.15.44";
+var COMMIT_SHA = "a375378f";
 
 // src/cli/resolve-version.ts
 function readPackageVersion() {
@@ -50899,6 +50935,40 @@ var LEGACY_CRON_SCRIPT_BASENAME_RE = /^cron-(\d+)\.sh$/;
 init_schema();
 init_cron_routing();
 init_tier_selector();
+
+// src/config/users.ts
+init_merge();
+function resolveUsers(config, agentName) {
+  const users = config.users ?? {};
+  const agentRaw = config.agents?.[agentName];
+  const agentConfig = agentRaw ? resolveAgentConfig(config.defaults, config.profiles, agentRaw) : undefined;
+  const uniq = (xs) => [...new Set(xs)];
+  const serves = uniq([
+    ...config.defaults?.serves ?? [],
+    ...agentConfig?.serves ?? []
+  ]);
+  const knows = uniq([
+    ...config.defaults?.knows ?? [],
+    ...agentConfig?.knows ?? []
+  ]);
+  const senderBanks = {};
+  for (const userName of serves) {
+    const u = users[userName];
+    if (!u)
+      continue;
+    for (const id of u.telegram_ids) {
+      senderBanks[id] = u.profile_bank;
+    }
+  }
+  Object.assign(senderBanks, agentConfig?.memory?.recall?.sender_banks ?? {});
+  const additionalBanks = uniq([
+    ...knows.map((entry) => users[entry]?.profile_bank ?? entry),
+    ...agentConfig?.memory?.recall?.additional_banks ?? []
+  ]);
+  return { senderBanks, additionalBanks };
+}
+
+// src/agents/scaffold.ts
 init_merge();
 init_timezone();
 
@@ -52920,13 +52990,14 @@ function installHindsightPlugin(agentName, agentDir, switchroomConfig) {
     rmSync3(destPath, { recursive: true, force: true });
   }
   copyDirRecursive2(sourcePath, destPath);
-  applyHindsightSettingsOverrides(destPath);
+  const additionalBanks = resolveUsers(switchroomConfig, agentName).additionalBanks;
+  applyHindsightSettingsOverrides(destPath, additionalBanks);
   const bankId = agentMemory?.collection ?? agentName;
   const mcpUrl = memory.config?.url ?? "http://127.0.0.1:8888/mcp/";
   const apiBaseUrl = mcpUrl.replace(/\/mcp\/?$/, "").replace(/\/$/, "");
   return { pluginDir: destPath, apiBaseUrl, bankId };
 }
-function applyHindsightSettingsOverrides(pluginDestPath) {
+function applyHindsightSettingsOverrides(pluginDestPath, additionalBanks) {
   const settingsPath = join10(pluginDestPath, "settings.json");
   if (!existsSync15(settingsPath))
     return;
@@ -52947,6 +53018,9 @@ function applyHindsightSettingsOverrides(pluginDestPath) {
   settings.recallMinOverlap = 0.1;
   settings.recallTypes = ["world", "experience", "observation"];
   settings.recallSkipTrivial = true;
+  if (additionalBanks.length > 0) {
+    settings.recallAdditionalBanks = [...additionalBanks];
+  }
   writeFileSync5(settingsPath, JSON.stringify(settings, null, 2) + `
 `, "utf-8");
 }
@@ -52972,6 +53046,7 @@ function buildWorkspaceContext(args) {
     hindsightRecallTypes,
     hindsightRecallSkipTrivial,
     hindsightTopicAliasesJson,
+    hindsightSenderBanksJson,
     hindsightTopicFilterMode
   } = args;
   return {
@@ -53015,6 +53090,7 @@ function buildWorkspaceContext(args) {
     hindsightRecallTypes,
     hindsightRecallSkipTrivial,
     hindsightTopicAliasesJsonQ: hindsightTopicAliasesJson ? shellSingleQuote(hindsightTopicAliasesJson) : undefined,
+    hindsightSenderBanksJsonQ: hindsightSenderBanksJson ? shellSingleQuote(hindsightSenderBanksJson) : undefined,
     hindsightTopicFilterMode,
     switchroomConfigPathQ: switchroomConfigPath ? shellSingleQuote(resolve11(switchroomConfigPath)) : undefined,
     hostHomeQ: hostHomeQForBake(),
@@ -53224,6 +53300,8 @@ function scaffoldAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchro
   const hindsightRecallSkipTrivial = agentConfig.memory?.recall?.skip_trivial === undefined ? undefined : String(agentConfig.memory.recall.skip_trivial);
   const topicAliases = agentConfig.channels?.telegram?.topic_aliases;
   const hindsightTopicAliasesJson = topicAliases && Object.keys(topicAliases).length > 0 ? JSON.stringify(topicAliases) : undefined;
+  const senderBanks = switchroomConfig ? resolveUsers(switchroomConfig, name).senderBanks : agentConfig.memory?.recall?.sender_banks ?? {};
+  const hindsightSenderBanksJson = senderBanks && Object.keys(senderBanks).length > 0 ? JSON.stringify(senderBanks) : undefined;
   const hindsightTopicFilterMode = agentConfig.memory?.recall?.topic_filter_mode;
   const context = buildWorkspaceContext({
     name,
@@ -53247,6 +53325,7 @@ function scaffoldAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchro
     hindsightRecallTypes,
     hindsightRecallSkipTrivial,
     hindsightTopicAliasesJson,
+    hindsightSenderBanksJson,
     hindsightTopicFilterMode
   });
   const dirs = [
@@ -54081,6 +54160,8 @@ function reconcileAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchr
   const hindsightRecallSkipTrivial = agentConfig.memory?.recall?.skip_trivial === undefined ? undefined : String(agentConfig.memory.recall.skip_trivial);
   const topicAliases = agentConfig.channels?.telegram?.topic_aliases;
   const hindsightTopicAliasesJson = topicAliases && Object.keys(topicAliases).length > 0 ? JSON.stringify(topicAliases) : undefined;
+  const senderBanks = switchroomConfig ? resolveUsers(switchroomConfig, name).senderBanks : agentConfig.memory?.recall?.sender_banks ?? {};
+  const hindsightSenderBanksJson = senderBanks && Object.keys(senderBanks).length > 0 ? JSON.stringify(senderBanks) : undefined;
   const hindsightTopicFilterMode = agentConfig.memory?.recall?.topic_filter_mode;
   if (agentConfig.repos) {
     for (const [slug, entry] of Object.entries(agentConfig.repos)) {
@@ -54117,6 +54198,7 @@ function reconcileAgent(name, agentConfigRaw, agentsDir, telegramConfig, switchr
       hindsightRecallTypes,
       hindsightRecallSkipTrivial,
       hindsightTopicAliasesJsonQ: hindsightTopicAliasesJson ? shellSingleQuote(hindsightTopicAliasesJson) : undefined,
+      hindsightSenderBanksJsonQ: hindsightSenderBanksJson ? shellSingleQuote(hindsightSenderBanksJson) : undefined,
       hindsightTopicFilterMode,
       hostHomeQ: hostHomeQForBake(),
       modelQ: shellSingleQuote(resolveMainModel(agentConfig.model)),
@@ -54506,6 +54588,7 @@ ${body}
       hindsightRecallTypes,
       hindsightRecallSkipTrivial,
       hindsightTopicAliasesJson,
+      hindsightSenderBanksJson,
       hindsightTopicFilterMode
     });
     mkdirSync10(reconcileWorkspaceDir, { recursive: true });
@@ -68892,8 +68975,13 @@ var HINDSIGHT_DEFAULT_RERANKER_BUCKET_BATCHING = "true";
 var HINDSIGHT_DEFAULT_RERANKER_MAX_CANDIDATES = 150;
 var HINDSIGHT_DEFAULT_RERANKER_LOCAL_MAX_CONCURRENT = 4;
 var HINDSIGHT_DEFAULT_RECALL_MAX_CONCURRENT = 8;
-var HINDSIGHT_DEFAULT_MEM_LIMIT = "4g";
-var HINDSIGHT_DEFAULT_MEM_RESERVATION = "2g";
+var HINDSIGHT_DEFAULT_REFLECT_WALL_TIMEOUT_S = 600;
+var HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_BATCH_SIZE = 12;
+var HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_SLOTS = 3;
+var HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_PARALLELISM = 6;
+var HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_MEMORIES_PER_ROUND = 300;
+var HINDSIGHT_DEFAULT_MEM_LIMIT = "8g";
+var HINDSIGHT_DEFAULT_MEM_RESERVATION = "4g";
 var HINDSIGHT_DEFAULT_PIDS_LIMIT = 1000;
 var HINDSIGHT_DEFAULT_SHM_SIZE = "2g";
 var HINDSIGHT_HEALTHCHECK_PY = 'import urllib.request,sys; sys.exit(0 if urllib.request.urlopen("http://localhost:8888/health",timeout=4).getcode()==200 else 1)';
@@ -68976,7 +69064,17 @@ function startHindsight(ports) {
     "-e",
     `HINDSIGHT_API_RERANKER_LOCAL_MAX_CONCURRENT=${HINDSIGHT_DEFAULT_RERANKER_LOCAL_MAX_CONCURRENT}`,
     "-e",
-    `HINDSIGHT_API_RECALL_MAX_CONCURRENT=${HINDSIGHT_DEFAULT_RECALL_MAX_CONCURRENT}`
+    `HINDSIGHT_API_RECALL_MAX_CONCURRENT=${HINDSIGHT_DEFAULT_RECALL_MAX_CONCURRENT}`,
+    "-e",
+    `HINDSIGHT_API_REFLECT_WALL_TIMEOUT=${HINDSIGHT_DEFAULT_REFLECT_WALL_TIMEOUT_S}`,
+    "-e",
+    `HINDSIGHT_API_CONSOLIDATION_LLM_BATCH_SIZE=${HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_BATCH_SIZE}`,
+    "-e",
+    `HINDSIGHT_API_WORKER_CONSOLIDATION_MAX_SLOTS=${HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_SLOTS}`,
+    "-e",
+    `HINDSIGHT_API_CONSOLIDATION_LLM_PARALLELISM=${HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_PARALLELISM}`,
+    "-e",
+    `HINDSIGHT_API_CONSOLIDATION_MAX_MEMORIES_PER_ROUND=${HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_MEMORIES_PER_ROUND}`
   ];
   const args = [
     "run",
@@ -69074,6 +69172,11 @@ function generateHindsightComposeSnippet() {
     `      - HINDSIGHT_API_RERANKER_MAX_CANDIDATES=${HINDSIGHT_DEFAULT_RERANKER_MAX_CANDIDATES}`,
     `      - HINDSIGHT_API_RERANKER_LOCAL_MAX_CONCURRENT=${HINDSIGHT_DEFAULT_RERANKER_LOCAL_MAX_CONCURRENT}`,
     `      - HINDSIGHT_API_RECALL_MAX_CONCURRENT=${HINDSIGHT_DEFAULT_RECALL_MAX_CONCURRENT}`,
+    `      - HINDSIGHT_API_REFLECT_WALL_TIMEOUT=${HINDSIGHT_DEFAULT_REFLECT_WALL_TIMEOUT_S}`,
+    `      - HINDSIGHT_API_CONSOLIDATION_LLM_BATCH_SIZE=${HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_BATCH_SIZE}`,
+    `      - HINDSIGHT_API_WORKER_CONSOLIDATION_MAX_SLOTS=${HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_SLOTS}`,
+    `      - HINDSIGHT_API_CONSOLIDATION_LLM_PARALLELISM=${HINDSIGHT_DEFAULT_CONSOLIDATION_LLM_PARALLELISM}`,
+    `      - HINDSIGHT_API_CONSOLIDATION_MAX_MEMORIES_PER_ROUND=${HINDSIGHT_DEFAULT_CONSOLIDATION_MAX_MEMORIES_PER_ROUND}`,
     `    mem_limit: ${HINDSIGHT_DEFAULT_MEM_LIMIT}`,
     `    mem_reservation: ${HINDSIGHT_DEFAULT_MEM_RESERVATION}`,
     `    pids_limit: ${HINDSIGHT_DEFAULT_PIDS_LIMIT}`,
@@ -69475,6 +69578,88 @@ Demoting memory ${source_default.cyan(memoryId)}`));
     console.error(source_default.gray("  The Hindsight MCP `update_memory` tool may not be exposed by your deployment, or the memory ID may be wrong. Try `switchroom memory recall-log " + agent + " --json` to confirm the ID surfaced recently."));
     process.exit(1);
   }));
+  const restBase = (url) => (url ?? "http://127.0.0.1:8888/mcp/").replace(/\/mcp\/?$/, "").replace(/\/$/, "");
+  const VALID_BANK = /^[a-zA-Z0-9_.-]+$/;
+  const profile = memory.command("profile").description("Author + inspect operator profile banks (shared/per-user memory; wire via memory.recall.additional_banks)");
+  profile.command("add <bank> <fact...>").description("Add an operator-authored fact to a profile bank (creates the bank on first write)").option("--timeout <ms>", "HTTP timeout in milliseconds (retain runs synchronously; default: 60000)", "60000").action(withConfigError(async (bank, factWords, opts) => {
+    const config = getConfig(program3);
+    if (!bank || !VALID_BANK.test(bank)) {
+      console.error(source_default.red("Bank name must be non-empty and contain only letters, digits, '.', '_', or '-'."));
+      process.exit(1);
+    }
+    const content = factWords.join(" ").trim();
+    if (content.length === 0) {
+      console.error(source_default.red("A non-empty fact is required."));
+      process.exit(1);
+    }
+    const base = restBase(config.memory?.config?.url);
+    const url = `${base}/v1/default/banks/${encodeURIComponent(bank)}/memories`;
+    const timeoutMs = Math.max(1000, parseInt(opts.timeout, 10) || 60000);
+    const ctrl = new AbortController;
+    const t = setTimeout(() => ctrl.abort(), timeoutMs);
+    try {
+      const res = await fetch(url, {
+        method: "POST",
+        headers: { "Content-Type": "application/json" },
+        body: JSON.stringify({
+          items: [{ content, tags: ["operator-authored", "profile"] }],
+          async: false
+        }),
+        signal: ctrl.signal
+      });
+      if (!res.ok) {
+        console.error(source_default.red(`\u2717 Retain failed: HTTP ${res.status}`), source_default.gray(await res.text().catch(() => "")));
+        process.exit(1);
+      }
+      console.log(source_default.green(`\u2713 Added to profile bank "${bank}"`));
+      console.log(source_default.gray(`  ${content}`));
+      console.log(source_default.gray("  (fact extraction runs in the background \u2014 `profile list` may lag a few seconds)"));
+      console.log(source_default.gray(`
+  Wire it into agents via memory.recall.additional_banks: ["${bank}"] in switchroom.yaml,
+  then \`switchroom apply\` + restart the agent(s).`));
+    } catch (e) {
+      console.error(source_default.red("\u2717 Retain failed:"), source_default.gray(e instanceof Error ? e.message : String(e)));
+      process.exit(1);
+    } finally {
+      clearTimeout(t);
+    }
+  }));
+  profile.command("list <bank>").description("List the memory units in a profile bank").option("--limit <n>", "Max units to show (default: 50)", "50").option("--timeout <ms>", "HTTP timeout in milliseconds (default: 10000)", "10000").action(withConfigError(async (bank, opts) => {
+    const config = getConfig(program3);
+    if (!bank || !VALID_BANK.test(bank)) {
+      console.error(source_default.red("Bank name must contain only letters, digits, '.', '_', or '-'."));
+      process.exit(1);
+    }
+    const base = restBase(config.memory?.config?.url);
+    const limit = Math.max(1, parseInt(opts.limit, 10) || 50);
+    const url = `${base}/v1/default/banks/${encodeURIComponent(bank)}/memories/list?limit=${limit}`;
+    const timeoutMs = Math.max(1000, parseInt(opts.timeout, 10) || 1e4);
+    const ctrl = new AbortController;
+    const t = setTimeout(() => ctrl.abort(), timeoutMs);
+    try {
+      const res = await fetch(url, { signal: ctrl.signal });
+      if (!res.ok) {
+        console.error(source_default.red(`\u2717 List failed: HTTP ${res.status}`), source_default.gray(await res.text().catch(() => "")));
+        process.exit(1);
+      }
+      const data = await res.json();
+      const units = data.results ?? data.memories ?? data.units ?? [];
+      console.log(source_default.bold(`
+  Profile bank "${bank}" \u2014 ${units.length} unit(s)
+`));
+      for (const u of units) {
+        const ft = (u.fact_type ?? "?").padEnd(11);
+        const text = String(u.content ?? u.text ?? "").replace(/\s+/g, " ").slice(0, 100);
+        console.log(`  ${source_default.gray(ft)} ${text}`);
+      }
+      console.log();
+    } catch (e) {
+      console.error(source_default.red("\u2717 List failed:"), source_default.gray(e instanceof Error ? e.message : String(e)));
+      process.exit(1);
+    } finally {
+      clearTimeout(t);
+    }
+  }));
 }
 
 // src/cli/web.ts

package/dist/host-control/main.js

@@ -13812,6 +13812,8 @@ var AgentMemorySchema = exports_external.object({
     cache_ttl_secs: exports_external.number().int().min(0).optional().describe("Per-session recall cache TTL in seconds. When > 0, identical " + "(prompt, bank) within the same session reuse the cached recall " + "result instead of round-tripping to Hindsight. 0 disables. " + "Default is 600 (10 min) for switchroom-managed agents."),
     min_overlap: exports_external.number().min(0).max(1).optional().describe("Minimum Jaccard token overlap [0.0–1.0] between the user " + "prompt and a memory's text for the memory to be injected. " + "Drops low-relevance matches before the count cap so weak hits " + "don't fill the slot on real queries. 0.0 disables (default — " + "current behaviour). Try 0.10–0.20 to start; observe the " + "`overlap_dropped` field via `switchroom memory recall-log`."),
     types: exports_external.array(exports_external.string()).optional().describe("Hindsight fact types to recall. Switchroom default is " + '["world", "experience", "observation"] — the synthesized ' + "`observation` tier is on by default. Set to " + '["world", "experience"] to opt out of observation-backed ' + "recall for this agent (or fleet-wide under defaults)."),
+    additional_banks: exports_external.array(exports_external.string()).optional().describe("Extra Hindsight banks to recall from on every turn, merged into " + "the agent's own bank results — e.g. a shared operator/household " + "profile bank authored via `switchroom memory profile`. Each is " + "recalled with an 8s timeout and is non-fatal on failure. Stays " + "within the single tenant: all banks are the operator's data, in " + "the operator's Hindsight instance (see the `single-tenant` " + "invariant). Defaults to [] (no extra banks)."),
+    sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional().describe("Per-speaker recall routing: a map of Telegram sender → extra " + "recall bank. When a message arrives, the agent also recalls the " + "speaker's bank (matched by Telegram username — a leading @ is " + "optional — or numeric user_id), merged " + "into its own results — so each trusted user gets their own " + "profile context. Additive recall scoping within the single " + "tenant: never an access boundary (who may drive an agent stays " + "the per-agent user assignment in `access.allowFrom`). Author the " + "banks via `switchroom memory profile`."),
     skip_trivial: exports_external.boolean().optional().describe("Skip recall on plausibly-stateless trivial turns (time/date/" + "greeting). Switchroom default true — saves the recall arm + " + "injected tokens on turns that never need memory, guarded so it " + "never skips a turn that references user/project/session state. " + "Set false to always run recall."),
     topic_filter_mode: exports_external.enum(["soft-preamble", "hard-filter"]).optional().describe("Supergroup-mode cross-topic memory behaviour. Default " + "(unset) → soft-preamble: recall returns memories from all " + "topics, and a 'Current topic: …' preamble tells the model " + "to self-scope. hard-filter: drop any recalled memory whose " + "metadata.thread_id differs from the active inbound's topic. " + "Flip to hard-filter when the recall_log shows binding " + "failures (model surfacing the right memory but applying " + "it to the wrong topic).")
   }).optional().describe("Auto-recall tuning knobs")
@@ -14025,8 +14027,12 @@ var ReleaseBlock = exports_external.object({
   message: "release.channel and release.pin are mutually exclusive"
 });
 var NetworkIsolationSchema = exports_external.enum(["host", "strict"]).optional().describe("Container network mode (sec WS6-F1 #1390 / feature #1413). " + "'host' (DEFAULT when unset): `network_mode: host` — the agent " + "shares the host network stack; hindsight 127.0.0.1:18888 and " + "operator-LAN devices are reachable, but there is NO network " + "isolation from sibling agents or host services (the documented, " + "deliberate shared-host tradeoff). 'strict': the agent joins its " + "OWN dedicated docker bridge network instead — it cannot reach " + "sibling agents; host services are reached via " + "`host.docker.internal`. OPT-IN: validate hindsight / operator-" + "LAN / cron / boot-self-test paths for your deployment before " + "adopting fleet-wide (default-flip is deferred to that validation " + "cycle, #1413). Cascades override (agent → profile → defaults).");
+var servesField = exports_external.array(exports_external.string()).optional().describe("Users (keys in the top-level `users:` block) this agent works for. When " + "a served user messages this agent, their profile_bank is recalled " + "(speaker routing → memory.recall.sender_banks). Unions with any explicit " + "memory.recall.sender_banks. NOTE: this does not yet generate access " + "(allowFrom) — pair agent access as today; allowFrom generation is a " + "later phase.");
+var knowsField = exports_external.array(exports_external.string()).optional().describe("Users or banks this agent always knows as subjects — recalled and " + "recall-ranked even when that person is not the speaker (→ " + "memory.recall.additional_banks). A `users:` key resolves to that user's " + "profile_bank; any other string is used as a raw bank name (e.g. a `kids` " + "profile bank with no Telegram identity). Unions with any explicit " + "memory.recall.additional_banks.");
 var profileFields = {
   extends: exports_external.string().optional(),
+  serves: servesField,
+  knows: knowsField,
   bot_token: exports_external.string().optional(),
   release: ReleaseBlock.optional().describe("Release-channel pin / pointer. Either `channel` (dev|rc|latest) or " + "`pin` (sha-<hex>|v<semver>) — mutually exclusive. Per-agent value " + "REPLACES the root entirely (no field merge)."),
   timezone: exports_external.string().regex(TIMEZONE_REGEX, "timezone must be an IANA zone name like 'Australia/Melbourne' or 'UTC' " + "(three-letter aliases like EST/PST and bare offsets like UTC+10 are not accepted)").optional().describe("IANA timezone name (e.g. 'Australia/Melbourne', 'America/New_York', " + "'UTC'). Used to generate the per-turn local-time hint the agent's " + "UserPromptSubmit timezone hook emits, and baked into the agent " + "container's `environment.TZ` in compose so subprocess `date`/" + "`Date.now()` are correct. If unset at every cascade layer, switchroom " + "auto-detects from /etc/timezone and warns on `reconcile` when the " + "detected zone is UTC."),
@@ -14047,7 +14053,9 @@ var profileFields = {
     recall: exports_external.object({
       max_memories: exports_external.number().int().min(0).optional(),
       cache_ttl_secs: exports_external.number().int().min(0).optional(),
-      min_overlap: exports_external.number().min(0).max(1).optional()
+      min_overlap: exports_external.number().min(0).max(1).optional(),
+      additional_banks: exports_external.array(exports_external.string()).optional(),
+      sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional()
     }).optional()
   }).optional(),
   schedule: exports_external.array(ScheduleEntrySchema).optional(),
@@ -14092,6 +14100,8 @@ var { extends: _omitExtends, ...defaultsFields } = profileFields;
 var AgentDefaultsSchema = exports_external.object(defaultsFields).optional();
 var AgentSchema = exports_external.object({
   extends: exports_external.string().optional().describe("Name of a profile to inherit from (e.g., 'coding', 'health-coach'). " + "Profiles may be defined inline under switchroom.yaml `profiles:` or as a " + "filesystem directory `profiles/<name>/`. Defaults to DEFAULT_PROFILE " + "('default') when unset."),
+  serves: servesField,
+  knows: knowsField,
   bot_token: exports_external.string().optional().describe("Per-agent Telegram bot token or vault reference (overrides global telegram.bot_token)"),
   release: ReleaseBlock.optional().describe("Per-agent release-channel pin / pointer. REPLACES the root " + "`release` block entirely (no field merge) — a pinned agent does " + "not inherit the fleet channel, and vice versa."),
   bot_username: exports_external.string().optional().describe("Per-agent Telegram bot username (without leading @) when it doesn't " + "contain the agent slug. Replaces the default 'username includes slug' " + "preflight check with an exact (case-insensitive) match. Use when an " + "agent and its bot have intentionally divergent names (e.g. agent " + "'lawgpt' paired with bot '@meken_law_bot')."),
@@ -14265,6 +14275,11 @@ var CronEgressSchema = exports_external.object({
 var CronConfigSchema = exports_external.object({
   egress: CronEgressSchema.optional().describe("SSRF/exfil fence for http-diff polls.")
 });
+var UserSchema = exports_external.object({
+  name: exports_external.string().optional().describe("Display name for the user."),
+  telegram_ids: exports_external.array(exports_external.string()).min(1).describe("Telegram username(s) and/or numeric user id(s) identifying this user " + "(a leading @ is optional). Matched against the message sender for " + "per-speaker memory routing."),
+  profile_bank: exports_external.string().describe("Hindsight bank holding this user's memory profile (author via " + "`switchroom memory profile add <bank> ...`).")
+});
 var SwitchroomConfigSchema = exports_external.object({
   switchroom: exports_external.object({
     version: exports_external.literal(1).describe("Config schema version"),
@@ -14311,10 +14326,31 @@ var SwitchroomConfigSchema = exports_external.object({
   })).optional().describe("RFC #1873: per-Microsoft-account ACL. Maps account email → list of " + "agents permitted to use that account's broker credentials. Written " + "by `switchroom auth microsoft enable|disable`; read by the broker " + "on get-credentials with provider=microsoft."),
   defaults: AgentDefaultsSchema.describe("Implicit bottom-of-cascade profile applied to every agent before " + "per-agent config and `extends:` resolution. Tools, mcp_servers, and " + "schedule are unioned/concatenated; scalars and nested objects are " + "shallow-merged with per-agent values winning."),
   profiles: exports_external.record(exports_external.string(), ProfileSchema).optional().describe("Named profile definitions. Agents reference via `extends: <name>`. " + "Inline profiles declared here take priority over filesystem " + "profiles/<name>/ directories when both exist."),
+  users: exports_external.record(exports_external.string(), UserSchema).optional().describe("Trusted users the fleet serves — each a Telegram identity plus a " + "memory profile bank. Assigned to agents via `serves` / `knows`. The " + "operator's own trusted people (single-tenant), not multi-tenant. See " + "reference/rfcs/user-concept.md."),
   agents: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
     message: "Agent name must start with a letter/digit, contain only lowercase letters/digits/hyphens/underscores, and be at most 51 characters (Telegram callback_data byte limit)"
   }), AgentSchema).describe("Map of agent name to agent configuration"),
   cron: CronConfigSchema.optional().describe("Cheap-cron settings (reference/rfcs/cheap-cron-sessions.md). Operator-owned " + "egress allowlist + host-pinned secret bindings for Tier-0 http-diff " + "polls (§6.1). Required to enable any http-diff poll; not agent-writable.")
+}).superRefine((cfg, ctx) => {
+  const userKeys = new Set(Object.keys(cfg.users ?? {}));
+  const checkServes = (serves, path) => {
+    (serves ?? []).forEach((s, i) => {
+      if (!userKeys.has(s)) {
+        ctx.addIssue({
+          code: exports_external.ZodIssueCode.custom,
+          message: `serves references unknown user "${s}" — add it to the top-level ` + "`users:` block (or did you mean `knows` for a raw bank name?)",
+          path: [...path, i]
+        });
+      }
+    });
+  };
+  checkServes(cfg.defaults?.serves, ["defaults", "serves"]);
+  for (const [name, p] of Object.entries(cfg.profiles ?? {})) {
+    checkServes(p.serves, ["profiles", name, "serves"]);
+  }
+  for (const [name, a] of Object.entries(cfg.agents ?? {})) {
+    checkServes(a.serves, ["agents", name, "serves"]);
+  }
 });
 
 // src/config/paths.ts

package/dist/vault/approvals/kernel-server.js

@@ -11299,7 +11299,7 @@ var init_dist = __esm(() => {
 });
 
 // src/config/schema.ts
-var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, PollSpecSchema, TelegramMessageActionSchema, WebhookActionSchema, ActionSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReactionDispatchSchema, ReleaseBlock, NetworkIsolationSchema, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, SwitchroomConfigSchema;
+var CodeRepoEntrySchema, AgentBindMountSchema, HttpDiffPollSchema, PollSpecSchema, TelegramMessageActionSchema, WebhookActionSchema, ActionSpecSchema, ScheduleEntrySchema, AgentSoulSchema, AgentToolsSchema, AgentMemorySchema, HookEntrySchema, AgentHooksSchema, SubagentSchema, SessionSchema, SessionContinuitySchema, webhookDispatchRule, TelegramChannelSchema, ChannelsSchema, TIMEZONE_REGEX, ApproverIdSchema, GoogleWorkspaceTierSchema, GoogleWorkspaceConfigSchema, MicrosoftWorkspaceConfigSchema, NotionWorkspaceConfigSchema, AgentGoogleWorkspaceConfigSchema, AgentMicrosoftWorkspaceConfigSchema, AgentNotionWorkspaceConfigSchema, ReactionsSchema, ReactionDispatchSchema, ReleaseBlock, NetworkIsolationSchema, servesField, knowsField, profileFields, ProfileSchema, _omitExtends, defaultsFields, AgentDefaultsSchema, AgentSchema, TelegramConfigSchema, MemoryBackendConfigSchema, VaultConfigSchema, QuotaConfigSchema, AutoReleaseCheckSchema, HostControlConfigSchema, WebServiceConfigSchema, HostdConfigSchema, CronEgressSchema, CronConfigSchema, UserSchema, SwitchroomConfigSchema;
 var init_schema = __esm(() => {
   init_zod();
   CodeRepoEntrySchema = exports_external.object({
@@ -11420,6 +11420,8 @@ var init_schema = __esm(() => {
       cache_ttl_secs: exports_external.number().int().min(0).optional().describe("Per-session recall cache TTL in seconds. When > 0, identical " + "(prompt, bank) within the same session reuse the cached recall " + "result instead of round-tripping to Hindsight. 0 disables. " + "Default is 600 (10 min) for switchroom-managed agents."),
       min_overlap: exports_external.number().min(0).max(1).optional().describe("Minimum Jaccard token overlap [0.0–1.0] between the user " + "prompt and a memory's text for the memory to be injected. " + "Drops low-relevance matches before the count cap so weak hits " + "don't fill the slot on real queries. 0.0 disables (default — " + "current behaviour). Try 0.10–0.20 to start; observe the " + "`overlap_dropped` field via `switchroom memory recall-log`."),
       types: exports_external.array(exports_external.string()).optional().describe("Hindsight fact types to recall. Switchroom default is " + '["world", "experience", "observation"] — the synthesized ' + "`observation` tier is on by default. Set to " + '["world", "experience"] to opt out of observation-backed ' + "recall for this agent (or fleet-wide under defaults)."),
+      additional_banks: exports_external.array(exports_external.string()).optional().describe("Extra Hindsight banks to recall from on every turn, merged into " + "the agent's own bank results — e.g. a shared operator/household " + "profile bank authored via `switchroom memory profile`. Each is " + "recalled with an 8s timeout and is non-fatal on failure. Stays " + "within the single tenant: all banks are the operator's data, in " + "the operator's Hindsight instance (see the `single-tenant` " + "invariant). Defaults to [] (no extra banks)."),
+      sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional().describe("Per-speaker recall routing: a map of Telegram sender → extra " + "recall bank. When a message arrives, the agent also recalls the " + "speaker's bank (matched by Telegram username — a leading @ is " + "optional — or numeric user_id), merged " + "into its own results — so each trusted user gets their own " + "profile context. Additive recall scoping within the single " + "tenant: never an access boundary (who may drive an agent stays " + "the per-agent user assignment in `access.allowFrom`). Author the " + "banks via `switchroom memory profile`."),
       skip_trivial: exports_external.boolean().optional().describe("Skip recall on plausibly-stateless trivial turns (time/date/" + "greeting). Switchroom default true — saves the recall arm + " + "injected tokens on turns that never need memory, guarded so it " + "never skips a turn that references user/project/session state. " + "Set false to always run recall."),
       topic_filter_mode: exports_external.enum(["soft-preamble", "hard-filter"]).optional().describe("Supergroup-mode cross-topic memory behaviour. Default " + "(unset) → soft-preamble: recall returns memories from all " + "topics, and a 'Current topic: …' preamble tells the model " + "to self-scope. hard-filter: drop any recalled memory whose " + "metadata.thread_id differs from the active inbound's topic. " + "Flip to hard-filter when the recall_log shows binding " + "failures (model surfacing the right memory but applying " + "it to the wrong topic).")
     }).optional().describe("Auto-recall tuning knobs")
@@ -11633,8 +11635,12 @@ var init_schema = __esm(() => {
     message: "release.channel and release.pin are mutually exclusive"
   });
   NetworkIsolationSchema = exports_external.enum(["host", "strict"]).optional().describe("Container network mode (sec WS6-F1 #1390 / feature #1413). " + "'host' (DEFAULT when unset): `network_mode: host` — the agent " + "shares the host network stack; hindsight 127.0.0.1:18888 and " + "operator-LAN devices are reachable, but there is NO network " + "isolation from sibling agents or host services (the documented, " + "deliberate shared-host tradeoff). 'strict': the agent joins its " + "OWN dedicated docker bridge network instead — it cannot reach " + "sibling agents; host services are reached via " + "`host.docker.internal`. OPT-IN: validate hindsight / operator-" + "LAN / cron / boot-self-test paths for your deployment before " + "adopting fleet-wide (default-flip is deferred to that validation " + "cycle, #1413). Cascades override (agent → profile → defaults).");
+  servesField = exports_external.array(exports_external.string()).optional().describe("Users (keys in the top-level `users:` block) this agent works for. When " + "a served user messages this agent, their profile_bank is recalled " + "(speaker routing → memory.recall.sender_banks). Unions with any explicit " + "memory.recall.sender_banks. NOTE: this does not yet generate access " + "(allowFrom) — pair agent access as today; allowFrom generation is a " + "later phase.");
+  knowsField = exports_external.array(exports_external.string()).optional().describe("Users or banks this agent always knows as subjects — recalled and " + "recall-ranked even when that person is not the speaker (→ " + "memory.recall.additional_banks). A `users:` key resolves to that user's " + "profile_bank; any other string is used as a raw bank name (e.g. a `kids` " + "profile bank with no Telegram identity). Unions with any explicit " + "memory.recall.additional_banks.");
   profileFields = {
     extends: exports_external.string().optional(),
+    serves: servesField,
+    knows: knowsField,
     bot_token: exports_external.string().optional(),
     release: ReleaseBlock.optional().describe("Release-channel pin / pointer. Either `channel` (dev|rc|latest) or " + "`pin` (sha-<hex>|v<semver>) — mutually exclusive. Per-agent value " + "REPLACES the root entirely (no field merge)."),
     timezone: exports_external.string().regex(TIMEZONE_REGEX, "timezone must be an IANA zone name like 'Australia/Melbourne' or 'UTC' " + "(three-letter aliases like EST/PST and bare offsets like UTC+10 are not accepted)").optional().describe("IANA timezone name (e.g. 'Australia/Melbourne', 'America/New_York', " + "'UTC'). Used to generate the per-turn local-time hint the agent's " + "UserPromptSubmit timezone hook emits, and baked into the agent " + "container's `environment.TZ` in compose so subprocess `date`/" + "`Date.now()` are correct. If unset at every cascade layer, switchroom " + "auto-detects from /etc/timezone and warns on `reconcile` when the " + "detected zone is UTC."),
@@ -11655,7 +11661,9 @@ var init_schema = __esm(() => {
       recall: exports_external.object({
         max_memories: exports_external.number().int().min(0).optional(),
         cache_ttl_secs: exports_external.number().int().min(0).optional(),
-        min_overlap: exports_external.number().min(0).max(1).optional()
+        min_overlap: exports_external.number().min(0).max(1).optional(),
+        additional_banks: exports_external.array(exports_external.string()).optional(),
+        sender_banks: exports_external.record(exports_external.string(), exports_external.string()).optional()
       }).optional()
     }).optional(),
     schedule: exports_external.array(ScheduleEntrySchema).optional(),
@@ -11700,6 +11708,8 @@ var init_schema = __esm(() => {
   AgentDefaultsSchema = exports_external.object(defaultsFields).optional();
   AgentSchema = exports_external.object({
     extends: exports_external.string().optional().describe("Name of a profile to inherit from (e.g., 'coding', 'health-coach'). " + "Profiles may be defined inline under switchroom.yaml `profiles:` or as a " + "filesystem directory `profiles/<name>/`. Defaults to DEFAULT_PROFILE " + "('default') when unset."),
+    serves: servesField,
+    knows: knowsField,
     bot_token: exports_external.string().optional().describe("Per-agent Telegram bot token or vault reference (overrides global telegram.bot_token)"),
     release: ReleaseBlock.optional().describe("Per-agent release-channel pin / pointer. REPLACES the root " + "`release` block entirely (no field merge) — a pinned agent does " + "not inherit the fleet channel, and vice versa."),
     bot_username: exports_external.string().optional().describe("Per-agent Telegram bot username (without leading @) when it doesn't " + "contain the agent slug. Replaces the default 'username includes slug' " + "preflight check with an exact (case-insensitive) match. Use when an " + "agent and its bot have intentionally divergent names (e.g. agent " + "'lawgpt' paired with bot '@meken_law_bot')."),
@@ -11873,6 +11883,11 @@ var init_schema = __esm(() => {
   CronConfigSchema = exports_external.object({
     egress: CronEgressSchema.optional().describe("SSRF/exfil fence for http-diff polls.")
   });
+  UserSchema = exports_external.object({
+    name: exports_external.string().optional().describe("Display name for the user."),
+    telegram_ids: exports_external.array(exports_external.string()).min(1).describe("Telegram username(s) and/or numeric user id(s) identifying this user " + "(a leading @ is optional). Matched against the message sender for " + "per-speaker memory routing."),
+    profile_bank: exports_external.string().describe("Hindsight bank holding this user's memory profile (author via " + "`switchroom memory profile add <bank> ...`).")
+  });
   SwitchroomConfigSchema = exports_external.object({
     switchroom: exports_external.object({
       version: exports_external.literal(1).describe("Config schema version"),
@@ -11919,10 +11934,31 @@ var init_schema = __esm(() => {
     })).optional().describe("RFC #1873: per-Microsoft-account ACL. Maps account email → list of " + "agents permitted to use that account's broker credentials. Written " + "by `switchroom auth microsoft enable|disable`; read by the broker " + "on get-credentials with provider=microsoft."),
     defaults: AgentDefaultsSchema.describe("Implicit bottom-of-cascade profile applied to every agent before " + "per-agent config and `extends:` resolution. Tools, mcp_servers, and " + "schedule are unioned/concatenated; scalars and nested objects are " + "shallow-merged with per-agent values winning."),
     profiles: exports_external.record(exports_external.string(), ProfileSchema).optional().describe("Named profile definitions. Agents reference via `extends: <name>`. " + "Inline profiles declared here take priority over filesystem " + "profiles/<name>/ directories when both exist."),
+    users: exports_external.record(exports_external.string(), UserSchema).optional().describe("Trusted users the fleet serves — each a Telegram identity plus a " + "memory profile bank. Assigned to agents via `serves` / `knows`. The " + "operator's own trusted people (single-tenant), not multi-tenant. See " + "reference/rfcs/user-concept.md."),
     agents: exports_external.record(exports_external.string().regex(/^[a-z0-9][a-z0-9_-]{0,50}$/, {
       message: "Agent name must start with a letter/digit, contain only lowercase letters/digits/hyphens/underscores, and be at most 51 characters (Telegram callback_data byte limit)"
     }), AgentSchema).describe("Map of agent name to agent configuration"),
     cron: CronConfigSchema.optional().describe("Cheap-cron settings (reference/rfcs/cheap-cron-sessions.md). Operator-owned " + "egress allowlist + host-pinned secret bindings for Tier-0 http-diff " + "polls (§6.1). Required to enable any http-diff poll; not agent-writable.")
+  }).superRefine((cfg, ctx) => {
+    const userKeys = new Set(Object.keys(cfg.users ?? {}));
+    const checkServes = (serves, path) => {
+      (serves ?? []).forEach((s, i) => {
+        if (!userKeys.has(s)) {
+          ctx.addIssue({
+            code: exports_external.ZodIssueCode.custom,
+            message: `serves references unknown user "${s}" — add it to the top-level ` + "`users:` block (or did you mean `knows` for a raw bank name?)",
+            path: [...path, i]
+          });
+        }
+      });
+    };
+    checkServes(cfg.defaults?.serves, ["defaults", "serves"]);
+    for (const [name, p] of Object.entries(cfg.profiles ?? {})) {
+      checkServes(p.serves, ["profiles", name, "serves"]);
+    }
+    for (const [name, a] of Object.entries(cfg.agents ?? {})) {
+      checkServes(a.serves, ["agents", name, "serves"]);
+    }
   });
 });