openclaw
diff --git a/‎docs/channels/channel-routing.md‎
Lines changed: 13 additions & 0 deletions b/‎docs/channels/channel-routing.md‎
Lines changed: 13 additions & 0 deletions
diff --git a/‎src/channels/session.test.ts‎
Lines changed: 28 additions & 0 deletions b/‎src/channels/session.test.ts‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎src/channels/session.ts‎
Lines changed: 23 additions & 0 deletions b/‎src/channels/session.ts‎
Lines changed: 23 additions & 0 deletions
@@ -41,6 +41,19 @@ Examples:
 - `agent:main:telegram:group:-1001234567890:topic:42`
 - `agent:main:discord:channel:123456:thread:987654`
 
+## Main DM route pinning
+
+When `session.dmScope` is `main`, direct messages may share one main session.
+To prevent the session’s `lastRoute` from being overwritten by non-owner DMs,
+OpenClaw infers a pinned owner from `allowFrom` when all of these are true:
+
+- `allowFrom` has exactly one non-wildcard entry.
+- The entry can be normalized to a concrete sender ID for that channel.
+- The inbound DM sender does not match that pinned owner.
+
+In that mismatch case, OpenClaw still records inbound session metadata, but it
+skips updating the main session `lastRoute`.
+
 ## Routing rules (how an agent is chosen)
 
 Routing picks **one agent** for each inbound message:
 
@@ -103,4 +103,32 @@ describe("recordInboundSession", () => {
       }),
     );
   });
+
+  it("skips last-route updates when main DM owner pin mismatches sender", async () => {
+    const { recordInboundSession } = await import("./session.js");
+    const onSkip = vi.fn();
+
+    await recordInboundSession({
+      storePath: "/tmp/openclaw-session-store.json",
+      sessionKey: "agent:main:telegram:1234:thread:42",
+      ctx,
+      updateLastRoute: {
+        sessionKey: "agent:main:main",
+        channel: "telegram",
+        to: "telegram:1234",
+        mainDmOwnerPin: {
+          ownerRecipient: "1234",
+          senderRecipient: "9999",
+          onSkip,
+        },
+      },
+      onRecordError: vi.fn(),
+    });
+
+    expect(updateLastRouteMock).not.toHaveBeenCalled();
+    expect(onSkip).toHaveBeenCalledWith({
+      ownerRecipient: "1234",
+      senderRecipient: "9999",
+    });
+  });
 });
@@ -16,8 +16,28 @@ export type InboundLastRouteUpdate = {
   to: string;
   accountId?: string;
   threadId?: string | number;
+  mainDmOwnerPin?: {
+    ownerRecipient: string;
+    senderRecipient: string;
+    onSkip?: (params: { ownerRecipient: string; senderRecipient: string }) => void;
+  };
 };
 
+function shouldSkipPinnedMainDmRouteUpdate(
+  pin: InboundLastRouteUpdate["mainDmOwnerPin"] | undefined,
+): boolean {
+  if (!pin) {
+    return false;
+  }
+  const owner = pin.ownerRecipient.trim().toLowerCase();
+  const sender = pin.senderRecipient.trim().toLowerCase();
+  if (!owner || !sender || owner === sender) {
+    return false;
+  }
+  pin.onSkip?.({ ownerRecipient: pin.ownerRecipient, senderRecipient: pin.senderRecipient });
+  return true;
+}
+
 export async function recordInboundSession(params: {
   storePath: string;
   sessionKey: string;
@@ -41,6 +61,9 @@ export async function recordInboundSession(params: {
   if (!update) {
     return;
   }
+  if (shouldSkipPinnedMainDmRouteUpdate(update.mainDmOwnerPin)) {
+    return;
+  }
   const targetSessionKey = normalizeSessionStoreKey(update.sessionKey);
   await updateLastRoute({
     storePath,