[Bug]: Discord DM pairing identity mismatch breaks PluralKit users; extractDiscordSessionKind regex missing "direct" peer kind

[r0c1n4nte]

Bug type

Logic error (behaviour inconsistent between two code paths in the same function)

Summary

Two DM-handling bugs in the Discord plugin:

1. PluralKit DM pairing infinite loop. When PluralKit transforms the sender identity, the DM preflight passes the raw gateway author to handleDiscordDmCommandDecision (which stores the pairing key) but the access check above it uses the resolved sender identity from resolveDiscordSenderIdentity. These two identities differ for PK users: the pairing is stored under a Discord user/webhook ID while the ingress resolver looks it up under the PK member UUID. Every inbound DM triggers a fresh pairing challenge — the previously-completed one is never found.

2. extractDiscordSessionKind regex doesn't match the direct peer kind. The regex /discord:(channel|group|dm):/ in conversation-identity.ts doesn't match discord:direct:, which is the canonical peer kind used for DM session keys throughout the plugin. Works by coincidence today because downstream === "dm" checks treat the resulting null the same as an unrecognised kind, but a latent fragility.

---

Environment

• OpenClaw version: 2026.5.22 (installed via npm @openclaw/discord)
• Files affected:
  • extensions/discord/src/monitor/message-handler.preflight.ts — resolveDiscordDmPreflightAccess
  • extensions/discord/src/conversation-identity.ts — extractDiscordSessionKind
• Requires PluralKit: Bug 1 yes, Bug 2 no

---

Steps to Reproduce (Bug 1)

1. Configure Discord with dmPolicy: "pairing" and PluralKit integration enabled
2. Have a PluralKit-proxied user send a DM to the bot
3. Bot issues a pairing challenge (expected)
4. Complete the pairing via /pair <code>
5. Same PK user sends another DM
6. Bug: bot issues a fresh pairing challenge instead of recognising the paired user

Steps to Reproduce (Bug 2)

Not user-visible today — verify by inspecting extractDiscordSessionKind("agent:agentId:discord:direct:123456") returns null instead of "direct".

---

Root Cause (Bug 1)

In resolveDiscordDmPreflightAccess:

// line ~55 — access check uses the resolved PK-aware identity
const dmAccess = await resolveDiscordDmCommandAccess({
  sender: {
    id: params.sender.id,      // PK member UUID
    name: params.sender.name,
    tag: params.sender.tag
  },
  ...
});

// line ~69 — pairing handler receives the raw gateway author instead
await handleDiscordDmCommandDecision({
  senderAccess: dmAccess.senderAccess,
  sender: {
    id: params.author.id,      // ← Discord user/webhook ID (should be params.sender)
    tag: formatDiscordUserTag(params.author),
    name: params.author.username ?? void 0
  },
  onPairingCreated: async (code) => {
    await sendMessageDiscord(`user:${params.author.id}`, ...);
  },
});

resolveDiscordDmCommandAccess resolves the ingress subject via createDiscordDmIngressSubject(params.sender), which sets stableId = sender.id (the PK member UUID). The ingress resolver stores pairing records keyed by that stableId. But handleDiscordDmCommandDecision creates the pairing record using params.author.id (the Discord user/webhook ID). On the next inbound message the ingress resolver looks up the PK member UUID and finds nothing.

When PluralKit is not active params.sender.id === params.author.id, so the bug is invisible.

Root Cause (Bug 2)

function extractDiscordSessionKind(sessionKey) {
  if (!sessionKey) return null;
  const match = sessionKey.match(/discord:(channel|group|dm):/);
  //                                               ^^^^^^^^^^^^^^^^
  //                                               missing |direct
  if (!match) return null;
  return match[1];
}

DM session keys use the direct peer kind (agent:<id>:discord:direct:<userId>), normalised from legacy dm in session-key-normalization.ts. The regex only matches channel, group, and dm. It doesn't match direct.

The three callers of extractDiscordSessionKind all check for === "dm" and treat null the same way (return null / skip), so there's no visible breakage today. The fix is still worth making to prevent a future code path from treating null differently.

---

Impact

• Bug 1: PluralKit users cannot use DMs with dmPolicy: "pairing". Every message triggers a new challenge. Allowlist users may also be affected if PK transforms the identity before the ingress check.
• Bug 2: No user-visible impact today. Latent risk if approval-native resolution ever adds a null-specific branch.

Related

• PR fix(discord): canonicalize PluralKit inbound ids #55413 ("canonicalize PluralKit inbound ids") — touched the same preflight area for message-ID dedup, closed without merging
• PR feat(discord): resolve trusted principals via identity links #70944 ("resolve trusted principals via identity links") — open, touches sender identity resolution in the same files but doesn't address this mismatch
• Issue Discord DMs: inbound messages silently dropped (outbound works) #48641 ("Discord DMs: inbound messages silently dropped") — different root cause (allowFrom merge semantics) but similar symptoms

[clawsweeper]

Codex review: keeping this open for maintainer follow-up; there is still a little grit to resolve. Reviewed May 25, 2026, 12:58 AM ET / 04:58 UTC.

Summary
Keep open: current main and the latest release still show the Discord DM pairing identity mismatch, and the native approval session-kind parser still ignores canonical direct Discord DM session keys.

Reproducibility: yes. via source inspection rather than a live Discord run: PluralKit makes sender.id the PK member id, DM access resolves that id, then pairing creation writes author.id, so the next inbound lookup checks a different key.

Next step
The bug is narrow, but the repair changes Discord DM pairing authorization identity semantics and should get maintainer or security-aware direction before an automated fix PR.

Security
Needs attention: The issue is access-control sensitive because it changes which Discord or PluralKit identity a DM pairing approval authorizes.

Review details

Best possible solution:

Make Discord DM pairing store and lookup use the same resolved sender identity while keeping challenge delivery addressed to the raw Discord DM user, then add focused regression coverage for PluralKit pairing and discord:direct: approval-native session keys.

Do we have a high-confidence way to reproduce the issue?

Yes, via source inspection rather than a live Discord run: PluralKit makes sender.id the PK member id, DM access resolves that id, then pairing creation writes author.id, so the next inbound lookup checks a different key.

Is this the best way to solve the issue?

Yes, the maintainable fix is a narrow Discord plugin repair with regression tests; it should not add a new config option or change core pairing APIs unless maintainer review decides dual-id pairing is required.

Remaining risk / open question:

• The fix touches Discord DM pairing authorization semantics, so maintainers should confirm whether pairing should approve the PK member id, the raw Discord user id, or both.
• No live Discord plus PluralKit repro was run in this read-only pass; the bug is source-reproducible from the current code path and shipped tag.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 5bd5509e06ef.

Label changes

Label changes:

• add P2: This is a normal-priority Discord plugin bug with a clear source path and limited blast radius to DM pairing and PluralKit/direct-session handling.
• add impact:security: The report concerns the Discord DM pairing authorization boundary and which identity is approved for future inbound access.
• add impact:message-loss: After pairing, affected PluralKit DM users keep receiving pairing challenges instead of having messages routed to the agent.
• add impact:session-state: The pairing record is stored under one identity and later looked up under another, causing durable pairing state drift.
• add issue-rating: 🦞 diamond lobster: Current issue advisory state selects this label.
• add clawsweeper:source-repro: Current issue advisory state selects this label.
• add clawsweeper:no-new-fix-pr: Current issue advisory state selects this label.
• add clawsweeper:needs-maintainer-review: Current issue advisory state selects this label.
• add clawsweeper:needs-security-review: Current issue advisory state selects this label.

Label justifications:

• P2: This is a normal-priority Discord plugin bug with a clear source path and limited blast radius to DM pairing and PluralKit/direct-session handling.
• impact:security: The report concerns the Discord DM pairing authorization boundary and which identity is approved for future inbound access.
• impact:message-loss: After pairing, affected PluralKit DM users keep receiving pairing challenges instead of having messages routed to the agent.
• impact:session-state: The pairing record is stored under one identity and later looked up under another, causing durable pairing state drift.

Evidence reviewed

Security concerns:

• [medium] Review pairing identity semantics before patching — extensions/discord/src/monitor/message-handler.dm-preflight.ts:79
  Using the resolved PK member id for pairing appears consistent with PluralKit-as-distinct-sender behavior, but maintainers should confirm whether any raw Discord user id approval should also be preserved or intentionally avoided.
  Confidence: 0.78

What I checked:

• Current source: DM access and pairing use different identities: resolveDiscordDmPreflightAccess resolves DM access with params.sender.id but creates the pairing request with params.author.id, which diverges for PluralKit-resolved senders. (extensions/discord/src/monitor/message-handler.dm-preflight.ts:52, 5bd5509e06ef)
• Current source: pairing lookup key is the sender stable id: createDiscordDmIngressSubject uses sender.id as the stable id, and DM message access uses that subject plus a direct conversation keyed by params.sender.id. (extensions/discord/src/monitor/dm-command-auth.ts:79, 5bd5509e06ef)
• Current source: PluralKit sender ids are PK member ids: resolveDiscordSenderIdentity returns the PluralKit member id as sender.id when PluralKit metadata includes a member id and name. (extensions/discord/src/monitor/sender-identity.ts:46, 5bd5509e06ef)
• Current source: direct session keys are canonical but not parsed here: Discord session-key normalization rewrites legacy dm keys to direct, while extractDiscordSessionKind only matches channel, group, and dm. (extensions/discord/src/approval-native.ts:35, 5bd5509e06ef)
• Shipped behavior: latest release has the same mismatch: The v2026.5.22 tag still passes params.author.id to handleDiscordDmCommandDecision after resolving access with params.sender.id, and its approval-native regex also omits direct. (extensions/discord/src/monitor/message-handler.dm-preflight.ts:79, a374c3a5bfd5)
• Docs contract: approved pairing should add the sender to the local allowlist: The public docs describe DM pairing as creating a code for an unknown sender, then adding that sender to the local allowlist after approval. Public docs: docs/channels/pairing.md. (docs/channels/pairing.md:20, 5bd5509e06ef)

Likely related people:

• vincentkoc: Blame on the current implicated Discord preflight, sender identity, approval-native, and session-key normalization files points to commit 3e275a5, with a later current-main Discord snapshot at 5bd5509. (role: recent area contributor; confidence: medium; commits: 3e275a53dc9e, 5bd5509e06ef; files: extensions/discord/src/monitor/message-handler.dm-preflight.ts, extensions/discord/src/approval-native.ts, extensions/discord/src/monitor/sender-identity.ts)
• thewilloftheshadow: Commit 8e2b17e introduced Discord PluralKit sender identity resolution, the feature whose distinct member id now exposes the pairing key mismatch. (role: feature introducer; confidence: high; commits: 8e2b17e0c519; files: src/discord/monitor/sender-identity.ts, src/discord/pluralkit.ts, src/discord/monitor/message-handler.preflight.ts)
• scoootscooob: Commit 5682ec3 moved Discord channel implementation into extensions/discord, including the preflight and sender identity files now involved. (role: refactor author; confidence: medium; commits: 5682ec37fada; files: extensions/discord/src/monitor/message-handler.preflight.ts, extensions/discord/src/monitor/sender-identity.ts)

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.