Releases: Abdullah-Masood-05/Bisondb
BisonDB v1.2.0
TLS transport encryption
With --tls, the authentication handshake and all data now travel inside an encrypted
session — completing the security story: an encrypted, authenticated transport for
single-node use. See the Security page.
Highlights
- TLS 1.2 (ECDHE + AES-GCM) via Mbed-TLS 3.6, vendored through FetchContent so the binaries stay dependency-free. (TLS 1.3 is deferred behind a config wrinkle.)
- Server: bisond --tls --tls-cert <pem> --tls-key <pem>, or --tls-self-signed (prints a SHA-256 fingerprint to pin). The handshake runs in a worker thread under a timeout, so a stalled/malicious handshake can't block accepting.
- Clients: bisonsh and bisonc gain --tls / --tls-ca / --tls-pin / --tls-insecure; verification is secure by default (OS trust store + hostname). The shell shows a transport indicator (verified / ENCRYPTED-but-UNVERIFIED / not-encrypted).
- Tooling: bisonc tls gen-cert --out-dir <dir> writes cert.pem + a 0600 key.pem.
- Private keys are never logged; a plaintext↔TLS mismatch fails fast with a guiding message.
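An added example (not BisonDB code) of the check behind a pinned fingerprint such as the one --tls-self-signed prints: hash the certificate and compare it to the pin in constant time. It assumes the fingerprint is SHA-256 over the DER-encoded certificate, which the page does not state; the function names and the sample PEM are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

# Constructed sample: arbitrary bytes in a PEM envelope, NOT a real certificate.
# Fingerprinting only needs the decoded body, so this keeps the example offline.
_BODY = base64.encodebytes(b"constructed-sample-not-a-real-cert" * 4).decode()
SAMPLE_PEM = f"-----BEGIN CERTIFICATE-----\n{_BODY}-----END CERTIFICATE-----\n"

_PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def leaf_der(pem_text: str) -> bytes:
    """Return the DER bytes of the first certificate in a PEM file."""
    m = _PEM_RE.search(pem_text)
    if m is None:
        raise ValueError("no CERTIFICATE block found")
    return base64.b64decode("".join(m.group(1).split()), validate=True)


def fingerprint(pem_text: str) -> str:
    """SHA-256 over the DER encoding, as lowercase hex (assumed convention)."""
    return hashlib.sha256(leaf_der(pem_text)).hexdigest()


def normalize_pin(pin: str) -> str:
    """Accept 'AA:BB:..' or plain hex; reject anything that is not 32 bytes."""
    cleaned = re.sub(r"[:\s]", "", pin).lower()
    if not re.fullmatch(r"[0-9a-f]{64}", cleaned):
        raise ValueError("pin must be 64 hex digits (SHA-256)")
    return cleaned


def pin_matches(pem_text: str, pin: str) -> bool:
    """Constant-time comparison of the certificate fingerprint to the pin."""
    return hmac.compare_digest(fingerprint(pem_text), normalize_pin(pin))


if __name__ == "__main__":
    fp = fingerprint(SAMPLE_PEM)
    colon_form = ":".join(fp[i:i + 2] for i in range(0, 64, 2)).upper()
    print(colon_form, pin_matches(SAMPLE_PEM, colon_form))
```

Rejecting a pin of the wrong length before comparing means a truncated or mistyped fingerprint fails loudly instead of silently never matching.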
Secure quickstart
bisonc tls gen-cert --out-dir ./tls --cn localhost
BISONDB_ADMIN_PASSWORD=secret bisond --dir data/db --tls \
--tls-cert ./tls/cert.pem --tls-key ./tls/key.pem --init-admin admin
bisonsh --connect localhost:27027 --tls-ca ./tls/cert.pem --username admin
Download
bisondb-1.2.0-windows-x64.zip — statically linked bisond / bisonsh / bisonc (only
Windows system DLLs; no runtime to install).
The wire protocol stays v2 (TLS is transport-layer). Without --tls the socket is plain TCP.
BisonDB v1.1.0
Authentication (wire protocol v2)
BisonDB now requires every connection to authenticate before any data command.
⚠️ No TLS yet — the transport is UNENCRYPTED. Credentials and data travel in clear text. Use only on loopback or a trusted LAN until the TLS phase ships.
Highlights
- Users & roles — read/readWrite/admin, enforced by a central capability guard.
- Argon2id password hashing (memory-hard, via Monocypher) with per-user salts; plaintext is never stored. 256-bit session tokens; only a BLAKE2b-256 hash is kept in memory.
- Wire protocol → v2: authenticate, authenticateToken, logout, createUser, dropUser, changePassword, listUsers; new AuthRequired / AuthFailed / Forbidden / TokenExpired codes; serverStatus.security block. Breaking for v1 clients.
- First-run bootstrap: bisond --init-admin <user> (password from $BISONDB_ADMIN_PASSWORD), a one-time stderr bootstrap token, or the offline bisonc auth create-admin.
- Clients: bisonsh gains --username / --token and auth ... meta-commands; bisonc remote commands accept --username / --token.
See docs/protocol.md and the Security page.
Download
bisondb-1.1.0-windows-x64.zip — statically linked bisond / bisonsh / bisonc (only Windows system DLLs; no runtime to install).
BisonDB v1.0.0
First stable release: BSON storage engine, on-disk B+Tree indexes, query engine, bisond server (wire protocol v1), bisonsh shell. Windows x64 binaries are fully static (no runtime DLLs needed). See docs/protocol.md for the wire protocol.