# Issue Triage — 2026-01-01 ## 1) Agent share-link chat fails / errors when chatting via shared agent URL (Discord-reported) - **Issue Title & ID:** Agent chat via share link returns errors (ID: DISCORD-2025-12-29-SHARELINK-CHAT) - **Current Status:** Reported by users; error details not captured; no linked GitHub issue found. - **Impact Assessment:** - **User Impact:** High (affects new-user onboarding and “try this agent” flow) - **Functional Impact:** Yes (blocks core “chat with agent” use case for share links) - **Brand Impact:** High (public-facing flow appears broken) - **Technical Classification:** - **Issue Category:** Bug / UX - **Component Affected:** Cloud/Agent Sharing, API, Frontend chat (exact layer unknown) - **Complexity:** Moderate effort (needs repro + logging + targeted fix) - **Resource Requirements:** - **Required Expertise:** Full-stack (Cloud/API + frontend), observability/logging - **Dependencies:** Need reproducible steps + error payload; may depend on auth/session handling - **Estimated Effort:** 3/5 - **Recommended Priority:** **P0** - **Specific Actionable Next Steps:** 1. Create a GitHub issue in `elizaos/eliza` (or Cloud repo if separate) with a required repro template. 2. Add instrumentation: capture request IDs + API error codes on share-link chat initiation. 3. Attempt repro across: logged-out vs logged-in, desktop vs mobile, different browsers. 4. Identify whether failure is: agentId parsing, permissions, expired share tokens, or backend routing. 5. Add an automated smoke test for share-link chat in CI (basic “open share link → send message → receive response”). - **Potential Assignees:** **Stan (standujar)** (core/platform), **Shaw** (Cloud/infrastructure), plus a frontend owner if available. --- ## 2) Jeju OAuth3 testnet site demo login not working - **Issue Title & ID:** OAuth3 testnet “demo login” broken on oauth3.testnet.jejunetwork.org (ID: DISCORD-2025-12-31-JEJU-OAUTH3-DEMOLOGIN) - **Current Status:** Acknowledged in core-devs: “It doesn’t work, but otherwise looks good.” Not tracked in GitHub. - **Impact Assessment:** - **User Impact:** Medium→High (partners/devs testing Jeju) - **Functional Impact:** Partial (blocks demo/auth path; rest of site may load) - **Brand Impact:** High (demo login failures undermine readiness for public launch) - **Technical Classification:** - **Issue Category:** Bug - **Component Affected:** Jeju Backend, OAuth3/Auth, possibly session/callback handling - **Complexity:** Moderate effort - **Resource Requirements:** - **Required Expertise:** Auth/OAuth flows, backend + frontend integration, infra DNS/callback config - **Dependencies:** Correct redirect URIs, client config, environment secrets, on-chain registry routing assumptions - **Estimated Effort:** 3/5 - **Recommended Priority:** **P0** - **Specific Actionable Next Steps:** 1. Open a GitHub issue in the Jeju backend repo (if private, create an internal ticket + public placeholder). 2. Capture failing step: login click → redirect → callback; collect HTTP status + console/network logs. 3. Validate OAuth client configuration: redirect URI allowlist, cookie/domain settings, PKCE/state handling. 4. Add a basic end-to-end auth test for the testnet environment. - **Potential Assignees:** **Shaw** (Jeju backend/infrastructure), support from **Stan** for auth patterns if shared with Cloud. --- ## 3) Token migration support gaps (unsupported wallets) + role verification mismatch (Collabland still reflecting AI16Z) - **Issue Title & ID:** Migration friction for unsupported wallets + verification tooling not updated (ID: docs#6211 + DISCORD-2025-12-30-COLLABLAND-VERIFY) - **Current Status:** Known ongoing support burden; docs issue exists; Discord indicates Collabland/verification needs updating to reflect ElizaOS holdings. - **Impact Assessment:** - **User Impact:** Critical (migration ends in February; many users affected) - **Functional Impact:** Partial (not framework runtime, but blocks access/gating and ecosystem participation) - **Brand Impact:** High (users perceive migration as confusing/broken) - **Technical Classification:** - **Issue Category:** Documentation / UX / Bug (tooling integration) - **Component Affected:** Docs, wallet verification, Collabland integration, token gating - **Complexity:** Moderate effort (coordination + config + docs + support automation) - **Resource Requirements:** - **Required Expertise:** Web3 token ops, verification systems (Collabland), documentation - **Dependencies:** Canonical contract addresses per chain; migration rules; verification provider capabilities - **Estimated Effort:** 4/5 - **Recommended Priority:** **P0** - **Specific Actionable Next Steps:** 1. Consolidate “source of truth” token page (CA per chain, bridges, migration timeline, common pitfalls) and prominently link it from website footer/header. 2. Update Collabland (or replacement) to verify **ElizaOS** holdings (not AI16Z) and validate cross-chain logic (SOL/Base/ETH/BSC). 3. Add a “migration troubleshooting decision tree” to docs (wallet type → steps → known errors). 4. Create a pinned Discord message + status page note; reduce repeated support load. - **Potential Assignees:** **Kenk** (community ops/docs tokenomics), **Broccolex** (docs/navigation), **coinfucius.eth** (raised Collabland mismatch), plus a web3 engineer aligned with verification tooling. --- ## 4) Phantom wallet connection issues on desktop (user-facing) - **Issue Title & ID:** Phantom desktop wallet connect issues (ID: DISCORD-2025-12-31-PHANTOM-DESKTOP-CONNECT) - **Current Status:** Reported; troubleshooting started (“desktop app or Chrome app?”). No formal tracking. - **Impact Assessment:** - **User Impact:** Medium (subset of users, but common wallet) - **Functional Impact:** Partial (blocks transfers/verification for affected users) - **Brand Impact:** Medium→High (users blame ElizaOS experience) - **Technical Classification:** - **Issue Category:** Bug / UX - **Component Affected:** Wallet connect integration (dApp), verification flow - **Complexity:** Simple fix → Moderate effort (depending on root cause; often provider-detection/DEEPLINK issues) - **Resource Requirements:** - **Required Expertise:** Web3 frontend, wallet adapter/provider APIs (Phantom) - **Dependencies:** Browser vs desktop app behavior; WalletConnect/Solana adapter versions - **Estimated Effort:** 2/5 - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. Collect environment matrix from users: OS, Phantom version, browser, extension vs app. 2. Add a diagnostics panel/log for wallet detection and connection errors. 3. Confirm adapter/library versions; test fallback paths (extension first, then deep link). 4. Publish a short workaround doc (e.g., import EOA into Phantom, use extension) while fixing. - **Potential Assignees:** Web3 frontend maintainer; **Kenk** for coordinated support + repro collection. --- ## 5) Unified hooks multi-transport (HTTP/SSE/WS) and duplicate event handling - **Issue Title & ID:** Unified hooks with multi-transport; prevent duplicate events (ID: elizaos/eliza PR **#6300**) - **Current Status:** In progress per Discord; duplicate events were being addressed. - **Impact Assessment:** - **User Impact:** High (affects integrations and real-time workflows) - **Functional Impact:** Yes (duplicates can break downstream automation, billing, or state) - **Brand Impact:** High (event reliability is a platform trust issue) - **Technical Classification:** - **Issue Category:** Bug / Architecture - **Component Affected:** Core Framework / Hooks / Eventing / Transports - **Complexity:** Complex solution (needs correctness across transports + idempotency guarantees) - **Resource Requirements:** - **Required Expertise:** Backend eventing, concurrency, protocol behavior (SSE/WS), testing - **Dependencies:** Clear event semantics; possibly related to messaging refactor discussions (see #6298) - **Estimated Effort:** 4/5 - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. Define event idempotency model (event IDs, replay rules, at-least-once vs exactly-once expectations). 2. Add integration tests for each transport ensuring no duplicates under reconnect/retry. 3. Ensure dedupe is server-side (preferred) with optional client-side safeguards. 4. Document hook delivery guarantees for plugin authors. - **Potential Assignees:** **Stan (standujar)** --- ## 6) Action call log type registration / streaming call logging correctness - **Issue Title & ID:** Ensure streaming LLM/action calls reliably log to DB (ID: elizaos/eliza PR **#6296**) - **Current Status:** Reported as fixed/merged previously; still listed as an action item—needs verification in production/staging. - **Impact Assessment:** - **User Impact:** Medium→High (devs rely on logs for debugging; ops rely on auditability) - **Functional Impact:** Partial (core runs, but observability/debugging impaired) - **Brand Impact:** Medium (quality perception when logs are missing/wrong) - **Technical Classification:** - **Issue Category:** Bug / Observability - **Component Affected:** Core Framework / Logging / DB schema/type registration - **Complexity:** Simple fix (already merged) + verification work - **Resource Requirements:** - **Required Expertise:** Backend, DB, telemetry/monitoring - **Dependencies:** Deployment status; DB migrations - **Estimated Effort:** 1/5 - **Recommended Priority:** **P1** (verify + close the loop) - **Specific Actionable Next Steps:** 1. Confirm deployed version includes #6296 in Cloud/staging. 2. Add a regression test: streaming call → action call → assert DB rows written with correct types. 3. Add dashboard/alert for “streaming responses without log rows.” - **Potential Assignees:** **Stan (standujar)**, with ops support from **Shaw**. --- ## 7) Twitter plugin authentication security upgrade (OAuth2 PKCE) - **Issue Title & ID:** Implement OAuth2 PKCE for Twitter plugin auth (ID: elizaos-plugins/plugin-twitter PR **#46**) - **Current Status:** Initiated; not confirmed merged. - **Impact Assessment:** - **User Impact:** Medium (users relying on Twitter automation) - **Functional Impact:** Partial (current auth may work but is less secure/less robust) - **Brand Impact:** High (security posture matters; Twitter integrations are visible) - **Technical Classification:** - **Issue Category:** Security - **Component Affected:** Plugin System / Twitter integration - **Complexity:** Moderate effort - **Resource Requirements:** - **Required Expertise:** OAuth2, PKCE flows, secrets management, plugin integration testing - **Dependencies:** Twitter developer app settings; redirect URIs; CLI/cloud secret injection - **Estimated Effort:** 3/5 - **Recommended Priority:** **P1** - **Specific Actionable Next Steps:** 1. Complete PKCE flow + token refresh handling; remove legacy auth paths where possible. 2. Add docs + example config; provide migration steps for existing users. 3. Add integration test stub/mocked Twitter auth flow to prevent regressions. - **Potential Assignees:** Twitter plugin maintainers; coordinate with **Stan** if shared auth utilities exist. --- ## 8) OpenAI plugin: image generation fix + caching to prevent redundant media processing - **Issue Title & ID:** Fix OpenAI plugin image generation; add caching for media handlers (ID: elizaos-plugins/plugin-openai PR **#23**) - **Current Status:** Open PR; reported implemented in Discord. - **Impact Assessment:** - **User Impact:** Medium (users generating images/audio at scale benefit) - **Functional Impact:** Partial (feature degradation without fix; performance/cost issues) - **Brand Impact:** Medium (media features are user-visible; failures look low-quality) - **Technical Classification:** - **Issue Category:** Bug / Performance - **Component Affected:** Model Integration / OpenAI plugin / Media pipeline - **Complexity:** Moderate effort - **Resource Requirements:** - **Required Expertise:** Node/TS, caching strategy, media processing - **Dependencies:** Align with streaming support and any shared cache utilities - **Estimated Effort:** 2/5 - **Recommended Priority:** **P2** - **Specific Actionable Next Steps:** 1. Review PR for cache correctness (keying, TTL, memory growth) and concurrency safety. 2. Add tests: repeated media inputs should not reprocess; ensure cache invalidation doesn’t break outputs. 3. Benchmark cost/perf improvements and document expected behavior. - **Potential Assignees:** **Odilitime** (author/area familiarity), plugin maintainers, reviewer **Stan**. --- ## 9) Database portability: restore first-class SQLite support (vs PGLite debate) - **Issue Title & ID:** Restore first-class SQLite support (ID: TBD-GH-ISSUE-SQLITE-SUPPORT) - **Current Status:** Discussed; no concrete issue/PR linked in provided data. - **Impact Assessment:** - **User Impact:** Medium (local dev, embedded/portable deployments) - **Functional Impact:** Partial (blocks certain deployment styles; not all users) - **Brand Impact:** Medium (developer experience and “it just works” perception) - **Technical Classification:** - **Issue Category:** Feature Request / Architecture - **Component Affected:** Core Framework / Persistence layer - **Complexity:** Architectural change (abstraction + testing across DB backends) - **Resource Requirements:** - **Required Expertise:** DB abstractions, migrations, testing - **Dependencies:** ORM/query layer constraints; existing PGLite assumptions - **Estimated Effort:** 5/5 - **Recommended Priority:** **P2** - **Specific Actionable Next Steps:** 1. Open a GitHub issue with scope: supported SQLite modes, migration strategy, feature parity requirements. 2. Decide “supported” definition: dev-only vs production; concurrency expectations. 3. Create an adapter test suite to validate behavior across SQLite/PGLite/Postgres. - **Potential Assignees:** Core persistence owner (if known), **Stan** to scope, **sayonara** (raised portability angle per summary). --- ## 10) Windows setup friction: Python “no module named src” (Davinci Resolve MCP) - **Issue Title & ID:** Windows batch run fails with `no module named src` (ID: DISCORD-2025-12-29-DAVINCI-MCP-PYTHONPATH) - **Current Status:** Workaround found (set `PYTHONPATH` in PowerShell); needs proper fix/docs. - **Impact Assessment:** - **User Impact:** Medium (Windows users; MCP project subset) - **Functional Impact:** Partial (blocks setup/run for that toolchain) - **Brand Impact:** Medium (onboarding friction) - **Technical Classification:** - **Issue Category:** Bug / Documentation - **Component Affected:** MCP tooling, Windows scripts, packaging/import paths - **Complexity:** Simple fix (packaging) + docs - **Resource Requirements:** - **Required Expertise:** Python packaging, Windows scripting - **Dependencies:** Project structure and how MCP is invoked - **Estimated Effort:** 2/5 - **Recommended Priority:** **P2** - **Specific Actionable Next Steps:** 1. Add a proper entrypoint/module packaging so `src` imports resolve without manual `PYTHONPATH`. 2. Provide a Windows setup guide in docs with verified commands. 3. Add a CI smoke test on Windows if feasible. - **Potential Assignees:** MCP maintainers; contributor **Irie_Rubz** (found workaround) for validation; docs support from **Stan**. --- # Immediate Focus Summary (Top Priority: 5–10) 1. **P0:** Agent share-link chat errors (DISCORD-2025-12-29-SHARELINK-CHAT) — core onboarding flow must work. 2. **P0:** Jeju OAuth3 testnet demo login broken (DISCORD-2025-12-31-JEJU-OAUTH3-DEMOLOGIN) — critical for launch credibility. 3. **P0:** Migration + verification tooling gaps (docs#6211 + Collabland mismatch) — high user volume, time-bound (Feb). 4. **P1:** Unified hooks multi-transport + duplicate events (eliza PR #6300) — platform reliability issue. 5. **P1:** Verify streaming/action logging fix is deployed and regression-tested (eliza PR #6296). 6. **P1:** Twitter plugin OAuth2 PKCE (plugin-twitter PR #46) — security + long-term stability. 7. **P1:** Phantom desktop wallet connect issues — reduce support load and user frustration. 8. **P2:** OpenAI plugin media caching + image generation fix (plugin-openai PR #23). 9. **P2:** Restore SQLite support (TBD issue) — important, but requires deliberate design. 10. **P2:** Windows Python import/setup friction for MCP. --- # Patterns / Themes Indicating Deeper Issues - **Public-facing reliability gaps lack formal tracking:** Multiple production-adjacent problems are reported in Discord without GitHub issues, leading to lost details (no repro steps, no logs, no ownership). - **Eventing correctness is a recurring risk:** Duplicate events (hooks/transports) and messaging API refactor discussions suggest the system needs clearer delivery guarantees and idempotency patterns. - **Onboarding and “first experience” fragility:** Share links, wallet connect, and migration/verification are high-friction touchpoints that strongly influence user perception. - **Auth is a cross-cutting concern:** Twitter OAuth2 PKCE, Jeju OAuth3 demo login, and Cloud login flows indicate the need for shared, tested auth primitives and environment configuration discipline. --- # Process Recommendations (Prevent Recurrence) 1. **Discord → GitHub intake pipeline (mandatory):** Any bug report impacting onboarding/auth/wallets/eventing must be converted into a GitHub issue within 24 hours, including repro template + logs checklist. 2. **“Public demo” smoke tests:** Maintain an automated checklist (or synthetic monitors) for: - Share-link chat send/receive - OAuth demo login (Jeju/Cloud) - Wallet connect (Phantom + one fallback) 3. **Define platform guarantees:** Document hook/event semantics (idempotency, retries, ordering). Require transport-specific integration tests before merging eventing changes. 4. **Release hygiene for user-facing fixes:** For critical fixes (P0/P1), require: - confirmation of deployment target(s) - regression test added - post-deploy verification note/comment to close the loop 5. **Centralize canonical token/migration info:** Single source of truth page, prominently linked; reduce repetitive support and prevent inconsistent third-party verification configs.