diff --git a/frontend/src/proxy.ts b/frontend/src/proxy.ts
index 29c99a5a..dc3a8635 100644
--- a/frontend/src/proxy.ts
+++ b/frontend/src/proxy.ts
@@ -12,12 +12,11 @@ const isClerkEnabled = () =>
 const isPublicRoute = createRouteMatcher(["/sign-in(.*)"]);
 
 export default isClerkEnabled()
-  ? clerkMiddleware((auth, req) => {
+  ? clerkMiddleware(async (auth, req) => {
       if (isPublicRoute(req)) return NextResponse.next();
 
-      // Clerk typings in App Router return SessionAuthWithRedirect.
-      // Use redirectToSignIn() instead of protect(). Keep middleware callback sync.
-      const { userId, redirectToSignIn } = auth();
+      // Clerk typings in App Router return a Promise; keep middleware callback async.
+      const { userId, redirectToSignIn } = await auth();
       if (!userId) {
         return redirectToSignIn({ returnBackUrl: req.url });
       }