diff --git a/app/api/items/[id]/reorder/route.ts b/app/api/items/[id]/reorder/route.ts
index 0d038e7..f1e5e60 100644
--- a/app/api/items/[id]/reorder/route.ts
+++ b/app/api/items/[id]/reorder/route.ts
@@ -90,24 +90,25 @@ export async function POST(
     allItems.splice(newSortOrder, 0, movingItem);
 
     // Update all sortOrders in a transaction for atomicity
-    const updatedItem = await db.transaction(async (tx) => {
-      // Update all sortOrders
+    // Note: better-sqlite3 is synchronous, so no async/await in transaction
+    const updatedItem = db.transaction((tx) => {
       for (let i = 0; i < allItems.length; i++) {
-        await tx
-          .update(wishlistItems)
+        tx.update(wishlistItems)
           .set({
             sortOrder: i,
             updatedAt: new Date(),
           })
-          .where(eq(wishlistItems.id, allItems[i].id));
+          .where(eq(wishlistItems.id, allItems[i].id))
+          .run();
       }
 
       // Get the updated moving item
-      const result = await tx
+      const result = tx
         .select()
         .from(wishlistItems)
         .where(eq(wishlistItems.id, id))
-        .limit(1);
+        .limit(1)
+        .all();
 
       return result[0];
     });
diff --git a/app/page.tsx b/app/page.tsx
index 8b505a9..acf4660 100644
--- a/app/page.tsx
+++ b/app/page.tsx
@@ -37,7 +37,11 @@ export default function HomePage() {
           }
           return;
         }
-        // Unauthenticated — show a simple landing
+        // Unauthenticated — redirect to wishlist anyway (GuestGuard will block them there)
+        const lists = await wishlistsApi.getAllPublic();
+        if (!cancelled && lists.length > 0) {
+          router.replace(`/${lists[0].slug}`);
+        }
       } catch {
         // ignore
       }