From 4f554a1e31e51eba839dd4c948e25270a2dd4bac Mon Sep 17 00:00:00 2001
From: tewatia <tewatia.ankur92@gmail.com>
Date: Wed, 28 Jan 2026 00:35:03 +0530
Subject: [PATCH 1/2] docs(whatsapp): clarify self-message dmPolicy bypass Self
 messages from the linked WhatsApp number bypass dmPolicy and allowFrom checks
 automatically. Clarified that users don't need to add their own number to the
 allowlist.

Self messages from the linked WhatsApp number bypass dmPolicy checks
entirely (via isSamePhone check in access-control.ts)...
---
 docs/channels/whatsapp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/channels/whatsapp.md b/docs/channels/whatsapp.md
index 6fd30c751..16ec47a65 100644
--- a/docs/channels/whatsapp.md
+++ b/docs/channels/whatsapp.md
@@ -125,7 +125,7 @@ the prefix (use `""` to remove it).
 - **DM policy**: `channels.whatsapp.dmPolicy` controls direct chat access (default: `pairing`).
   - Pairing: unknown senders get a pairing code (approve via `moltbot pairing approve whatsapp <code>`; codes expire after 1 hour).
   - Open: requires `channels.whatsapp.allowFrom` to include `"*"`.
-  - Self messages are always allowed; “self-chat mode” still requires `channels.whatsapp.allowFrom` to include your own number.
+  - Self messages (from the linked WhatsApp number) automatically bypass `channels.whatsapp.dmPolicy` and `channels.whatsapp.allowFrom` checks — your own number is implicitly trusted.
 
 ### Personal-number mode (fallback)
 If you run Moltbot on your **personal WhatsApp number**, enable `channels.whatsapp.selfChatMode` (see sample above).

From a109b7f1a9453823faf9ec27466ed998657519e2 Mon Sep 17 00:00:00 2001
From: Gustavo Madeira Santana <gumadeiras@users.noreply.github.com>
Date: Wed, 28 Jan 2026 20:30:57 -0500
Subject: [PATCH 2/2] Update self message trust policy in WhatsApp docs

Clarified that self messages from the linked WhatsApp number bypass DM policy and allowFrom checks.
---
 docs/channels/whatsapp.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/channels/whatsapp.md b/docs/channels/whatsapp.md
index 16ec47a65..b6ae260ce 100644
--- a/docs/channels/whatsapp.md
+++ b/docs/channels/whatsapp.md
@@ -125,7 +125,7 @@ the prefix (use `""` to remove it).
 - **DM policy**: `channels.whatsapp.dmPolicy` controls direct chat access (default: `pairing`).
   - Pairing: unknown senders get a pairing code (approve via `moltbot pairing approve whatsapp <code>`; codes expire after 1 hour).
   - Open: requires `channels.whatsapp.allowFrom` to include `"*"`.
-  - Self messages (from the linked WhatsApp number) automatically bypass `channels.whatsapp.dmPolicy` and `channels.whatsapp.allowFrom` checks — your own number is implicitly trusted.
+  - Your linked WhatsApp number is implicitly trusted, so self messages skip ⁠`channels.whatsapp.dmPolicy` and `channels.whatsapp.allowFrom` checks.
 
 ### Personal-number mode (fallback)
 If you run Moltbot on your **personal WhatsApp number**, enable `channels.whatsapp.selfChatMode` (see sample above).