AI Agent Memory Deserialization — Tampered State Triggers Code Path Switch

StateBot persists its agent state to a JSON blob in client storage. On each request, the server reloads the JSON and uses a 'role' field to decide which code path to take ('user' = normal, 'admin' = elevated). The state JSON is signed but the signature only covers the message history, not the role field. Tamper with the role field to escalate privileges.