🗺️Phases (A / B / C / D)
The journey: Route C → Phase B v2 → Phase C (SIP, pre on-device test) → June handoff → July hardening → Phase D (not started).
The overall timeline of the development phases. Source: INVENTORY.md (PR history) and REVIEW_PHASE_C.md.
2026-05-09
Established a call path with a direct browser ↔ OpenAI WebRTC connection.
- RealtimeSessionAdapter
- Ephemeral key issuance
- Shared tools_core
- /api/realtime/*
Related: aegis-platform #1
2026-05-09 to 05-11
Full implementation of observability, recording, retention, live dashboard updates, and more.
- B1' dashboard live updates (SSE)
- B4 duration_seconds
- B6 retention sweeper (dry-run)
- B7 event-trace endpoint
- B3 AES-256-GCM recording encryption
- B10 WebRTC session recovery v2.5
Related: aegis-platform #2〜#11, #12〜#20
2026-05 to 07 (in progress)
The path that routes inbound calls on real phone numbers into Aegis. The main line is voice-edge A22 (Pi 3B / Bookworm 64-bit / Asterisk 22 + chan_pjsip) co-located with the SIP bridge (AudioSocket ↔ OpenAI Realtime). The 1st gate (route-decision) routes to block/human/ai; the 2nd gate has the bridge actively hang up spam via AMI Hangup (plan B, with a termination safety valve). In July, resilience and a first line of toll-fraud defense were implemented. The earlier v2 standalone (Ubuntu 24.04 / Asterisk 20) is frozen. On-device testing has not been done yet (site wiring values and real-hardware behavior are still ahead).
- 1st gate: route-decision API (block / human / ai routing)
- 2nd gate: the bridge hangs up spam via AMI Hangup (plan B; termination safety valve)
- AudioSocket ↔ OpenAI Realtime bridge + transcript-final retry
- Resilience: whole-call timeout / watchdog / cooperative pump shutdown / AI-continue when AMI is unset
- Toll-fraud first line: outbound-dial flags / recording-name sanitization / source ACL / security log
Related: aegis-sip-bridge #8〜#16, voice-edge #3, #7〜#12
Not started
A call-intent firewall (14 classifications × 8 actions). Note: the design doc CALL_INTENT_FIREWALL_DESIGN.md is not present in the repo, so the detailed spec is undetermined.
- 14 classifications × 8 actions (from this site's source prompt; the repo design doc is undetermined)
For Phase C we created a dedicated repo, aegis-sip-bridge, and prepared a v2 standalone stack (new Pi / Ubuntu 24.04 /
Asterisk 20 / chan_audiosocket / bridge.py). It will merge once on-device testing passes (the PRs are Drafts).
The deploy approach is to keep the wiring package and the bridge separable so each can be carved out independently (not yet built).
This standalone stack is now frozen; the main line for real phone numbers has moved to voice-edge A22 (Asterisk 22 + chan_pjsip).
In June, a review handoff to Namzak Labs (Chris). In July we worked through their findings plus self-reviews (aegis-platform #32-64, bridge #8-16, voice-edge #3, #7-12). Highlights:
- AI-side (Route C) verdict pipeline + an opener-floor guardrail
- Unifying time to UTC / preventing call-log loss / assigning retention windows
- A notification-channel abstraction (app first; Slack / LINE / email are interface-only, default OFF)
- Usage metering (engine canonicalization → usage_events → an aggregation API)
- Stage-4 hardening: idempotent double-billing / effective 4-eyes / cross-tenant lockdown / SIP signature verification / approval TOCTOU closure / webhook input validation
- Atomic Redis state: E1 observe → E2 Lua merge → E3 threadpool
- Bridge / voice-edge resilience and toll-fraud first line (see the Phase C card)
⚑ The hardening is all behind default-OFF, reversible flags. On-device testing is still ahead; the “can / cannot” spec will be finalized after hardware verification.
A call-intent firewall (14 classifications × 8 actions). However, the design doc
CALL_INTENT_FIREWALL_DESIGN.md was confirmed during the INVENTORY survey to be absent from the repo, so the
detailed spec is undetermined.