Skip to content

v0.3.0

Pre-release
Pre-release

Choose a tag to compare

View all tags
@github-actions github-actions released this 09 Jun 20:50
· 31 commits to main since this release
v0.3.0
This tag was signed with the committer’s verified signature.
jasonodoom Jason Odoom
GPG key ID: A46573671D50E3D8
Verified
Learn about vigilant mode.
fa8e7a2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

extractPublicKeyFromAgentId now accepts either the canonical tulpa: prefix or the ink: alias introduced in ink/0.4. Both carry the identical multibase Ed25519 key, so the bootstrap verification key is byte-identical and a signature made with that key verifies regardless of which accepted prefix carried it. The prefix is identity syntax, not signing authority.

Emission is unchanged: deriveAgentId still returns tulpa: (accept both, emit one). The new AGENT_ID_KEY_PREFIXES export is frozen so a consumer cannot widen the accepted set at runtime. The change is additive and backward compatible. Existing tulpa: inputs behave exactly as before, and every previously rejected prefix other than ink: is still rejected. The wire protocol version is unchanged.

A receiver that keys per-sender security state (blocks, rate limits, duplicate-payload checks, cached verification keys, connection identity) MUST collapse the two spellings to one prefix-independent principal so a sender cannot switch prefix to dodge a block or split a rate-limit window. See Identity.

Per the pre-1.0 policy this release publishes under the next dist-tag.

Assets 2
Loading