> ## Documentation Index
> Fetch the complete documentation index at: https://docs.hiroshios.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Gateway Channels Overview

> Learn how Hiroshi normalizes incoming message envelopes and secures chat gateways against spoofing.

Hiroshi utilizes a platform-agnostic, normalized gateway pipeline to handle external incoming events.

### ✉️ The `ChannelMessage` Contract

Every event received from Slack, Discord, Telegram, or WebSockets is deserialized into an immutable `ChannelMessage` layout:

```rust theme={null}
pub struct ChannelMessage {
    pub origin: ChannelOrigin,     // Telegram | Discord | Slack | Terminal | Web
    pub chat_type: ChatType,       // Direct | Group | Thread
    pub sender_id: String,         // Immutable network ID
    pub display_name: Option<String>,
    pub session_key: String,       // Compound lookup: agent:channel:chat_type:peer_id
    pub text: String,
    pub attachments: Vec<Attachment>,
    pub timestamp: i64,
    pub is_bot: bool,              // Identifies and blocks potential feedback loops
}
```

***

### 🛡️ Spoofing Protection: The `AllowlistEngine`

To secure the gateway interfaces, Hiroshi implements an allowlist gating filter (`AllowlistEngine`):

* **Network ID Verification**: Ingress packets are evaluated exclusively against unalterable platform network IDs (`sender_id`), never user-controlled display names, neutralizing display-name forgery vectors.
* **Automatic Bot Filtering**: Any message marked with `is_bot = true` is discarded unconditionally to prevent cascading agent loop feedbacks.
* **Open Mode Fallback**: If the `allowed_senders` config variable is left empty, the engine operates in open mode, permitting all non-bot participants.
