# ElizaOS Developer Update - Week of November 24-26, 2025

## 1. Core Framework

### Entity-Level Row Level Security (RLS)
We've implemented PostgreSQL-based row-level security policies for fine-grained data isolation at the entity level. This three-layer security model works across:

- **Server Level**: Isolating between different ElizaOS deployments
- **Entity Level**: Providing privacy between users/agents within a server
- **Application Level**: Standard authorization checks 

```sql
-- New entity isolation functions
CREATE OR REPLACE FUNCTION current_entity_id() RETURNS UUID AS $$
  SELECT current_setting('app.entity_id')::UUID;
$$ LANGUAGE SQL STABLE;

-- Example RLS policy
CREATE POLICY entity_isolation_policy ON memories
  USING (entityId = current_entity_id());
```

The system automatically detects appropriate isolation strategies for each table based on schema. PR [#6167](https://github.com/elizaOS/eliza/pull/6167) is currently under review.

### Plugin Name Normalization
We've enhanced plugin dependency resolution to handle both fully-qualified and shorthand plugin names. This improvement enables developers to reference plugins more flexibly:

```typescript
// All formats now accepted:
'@elizaos/plugin-discord'  // Full scoped name
'plugin-discord'           // Short name with prefix
'discord'                  // Short name without prefix
```

This change ensures consistent dependency resolution regardless of the format used and includes deduplication to prevent repeated loading. Merged in PR [#6164](https://github.com/elizaOS/eliza/pull/6164).

### Runtime Enhancements
We've added `skipMigrations` option to `runtime.initialize()`, providing developers control over database migrations during initialization. This is especially useful in scenarios where multiple runtimes connect to the same database, preventing migration conflicts. Merged in PR [#6132](https://github.com/elizaOS/eliza/pull/6132).

## 2. New Features

### OpenAI-Compatible API
A new issue ([#6168](https://github.com/elizaOS/eliza/issues/6168)) has been opened to implement an OpenAI-compatible API layer. This will allow ElizaOS to be used as a drop-in replacement for OpenAI in existing applications.

### Standardized Logging
We're refactoring our logging system to maintain consistent behavior across Core, CLI, and Server components. This work (PR [#6169](https://github.com/elizaOS/eliza/pull/6169)) will unify log formatting, levels, and filtering capabilities.

### x402 Payment Protection
A middleware system for implementing x402 payment-protected routes is in development. This will enable both EVM and Solana payment verification for API endpoints. The implementation (PR [#6114](https://github.com/elizaOS/eliza/pull/6114)) includes:

```typescript
// Example of protected route definition
app.get('/api/premium-data', 
  x402({
    chains: ['ethereum', 'base', 'solana'],
    token: 'USDC',
    amount: 0.1,
    currency: 'USD'
  }), 
  (req, res) => {
    // Handler only executes after payment verification
    res.json({ data: 'premium content' });
  }
);
```

## 3. Bug Fixes

### Migration from LangChain v0.3 to @langchain/textsplitters v1.0
We've completed the migration away from the deprecated LangChain v0.3, replacing it with the modern `@langchain/textsplitters` package. This resolves issue [#6145](https://github.com/elizaOS/eliza/issues/6145) and ensures long-term stability. Key changes:

```typescript
// Before:
import { RecursiveCharacterTextSplitter } from 'langchain/text_splitter';

// After:
import { RecursiveCharacterTextSplitter } from '@langchain/textsplitters';
```

All related dependencies and resolutions have been updated in plugin starter packages. PR [#6152](https://github.com/elizaOS/eliza/pull/6152) has been merged.

### Agent Settings Persistence
Fixed a critical bug where agent settings weren't persisting across restarts, causing runtime-generated configurations to be lost. The fix ([#6106](https://github.com/elizaOS/eliza/pull/6106)) ensures consistent agent behavior between sessions.

### Entity Names Array Serialization
Resolved an issue where entity creation was failing due to improper handling of the `names` field. The fix normalizes Set objects to arrays before database operations. PR [#6133](https://github.com/elizaOS/eliza/pull/6133) has been merged.

### Environment Variable Loading
Fixed a bug where environment variables defined via `export` weren't being correctly recognized by `runtime.getSetting()`. This issue was causing agents to use incorrect configuration values. PR [#6141](https://github.com/elizaOS/eliza/pull/6141) has been merged.

### Row-Level Security Validation
Fixed an issue where RLS server_id validation checks were incorrectly blocking all users when RLS isolation was disabled. PR [#6139](https://github.com/elizaOS/eliza/pull/6139) has been merged.

## 4. API Changes

### Semantic Clarity: `messageServerId` vs `serverId`
We're improving naming clarity by renaming the ambiguous `serverId` to `messageServerId` in messaging-related contexts. This change maintains backward compatibility while distinguishing between:

- `server_id` - The ElizaOS server instance (for tenant isolation)
- `messageServerId` - External messaging platforms (Discord, Telegram, etc.)

This is part of PR [#6167](https://github.com/elizaOS/eliza/pull/6167), currently under review.

### Optimized Participant Checking
New database-efficient methods have been added for checking participant status:

```typescript
// Before: O(n) complexity - loads all participants into memory
const participants = await runtime.getParticipantsForRoom(roomId);
const isParticipant = participants.some(p => p.entityId === entityId);

// After: O(1) complexity - direct database check
const isParticipant = await runtime.isRoomParticipant(entityId, roomId);
```

These optimizations significantly improve performance for rooms with many participants.

### ElizaOS Reference in Runtime
Added a direct ElizaOS reference to the runtime object, allowing more intuitive access to framework capabilities. This change supports the upcoming unified messaging API. PR [#6111](https://github.com/elizaOS/eliza/pull/6111) has been merged.

## 5. Social Media Integrations

### Discord Plugin
Work is ongoing to improve Discord plugin reliability. PR [#6166](https://github.com/elizaOS/eliza/pull/6166) addresses issues with empty message handling and ensures consistent behavior with the Discord API.

### Farcaster Support
Issue [#6161](https://github.com/elizaOS/eliza/issues/6161) has been opened to request support for Farcaster and Base applications, indicating future expansion of our social media integration capabilities.

## 6. Model Provider Updates

### OpenRouter Integration
Added native embedding support for OpenRouter in the CLI, eliminating the need for users to configure a separate embedding provider when using OpenRouter. PR [#6142](https://github.com/elizaOS/eliza/pull/6142) has been merged.

### Anthropic Parameter Support
PR [#6166](https://github.com/elizaOS/eliza/pull/6166) adds support for the `topP` parameter in Anthropic API calls, providing developers with more control over response randomness.

### DeepSeek API Integration
Issue [#6156](https://github.com/elizaOS/eliza/issues/6156) has been opened to request integration with the DeepSeek API, potentially expanding our model provider options.

## 7. Breaking Changes

### AI16Z to ELIZAOS Token Migration
The snapshot for AI16Z to ELIZAOS token migration was taken on November 11th, establishing a 1:6 migration ratio. Several issues have been reported with exchange support:

- Korean exchanges (particularly Bithumb) users report confusion about migration support
- Kraken users are experiencing similar issues
- Only tokens purchased before the snapshot date are eligible for migration
- A 90-day migration window is in place
- Users who held tokens before the snapshot but on exchanges should keep them there for automatic migration or submit manual migration requests with proof of pre-snapshot ownership

The team is actively working with exchanges to resolve these issues and provide clarity to users.

### V1 to V2 Migration Path
When updating to ElizaOS V2, be aware of these potential migration issues:

1. **Plugin Naming**: With our new plugin name normalization, check your dependencies to ensure they're properly resolved
2. **Database Changes**: The RLS implementation adds new columns and policies to database tables
3. **Environment Variables**: Review your environment setup to ensure variables are correctly loaded

All changes are designed to maintain backward compatibility, but we recommend testing before upgrading production environments.