pairing: enforce strict account-scoped state

2026-04-19 12:08:37 +00:00 · 2026-02-26 00:31:24 -05:00
parent d9b19e5970
commit 91a3f0a3fe
6 changed files with 152 additions and 19 deletions
--- a/docs/channels/pairing.md
+++ b/docs/channels/pairing.md
@@ -43,7 +43,14 @@ Supported channels: `telegram`, `whatsapp`, `signal`, `imessage`, `discord`, `sl
 Stored under `~/.openclaw/credentials/`:

 - Pending requests: `<channel>-pairing.json`
- Approved allowlist store: `<channel>-allowFrom.json`
+- Approved allowlist store:
+  - Default account: `<channel>-allowFrom.json`
+  - Non-default account: `<channel>-<accountId>-allowFrom.json`
+
+Account scoping behavior:
+
+- Non-default accounts read/write only their scoped allowlist file.
+- Default account uses the channel-scoped unscoped allowlist file.

 Treat these as sensitive (they gate access to your assistant).