Skip to content

Releases: alex-jb/shadow-mentor

Shadow v1.5.15 — cross-vertical trader-pack live

Choose a tag to compare

@alex-jb alex-jb released this 07 Jul 14:34

Shadow v1.5.15 — the "one engine, three verticals" release

Bundles the 2026-07-06 evening → 2026-07-07 morning autonomous shipping burst. Delivers the strategic claim from docs/strategy/roadmap-2026-2028.md: banking + trading share one attestation key, one signing payload, one MCP tool namespace, one SBOM manifest.

v1.5.15 (2026-07-07) — Trader-pack MCP tool + Ed25519 on trading verdicts

  • shadow_size_position = 8th MCP tool. Bank analysts inside Cursor / Claude Desktop / OpenCode can size trades from natural language: "Size a $10k long on this thesis, medium vol, 55% p_win, 4%/2% avg win/loss." Returns a signed, Kelly-cap-respecting, drawdown-adjusted position in <5ms. Never emits a direction (FinPos Contract #1 — Judge owns direction).
  • POST /api/deliberate with {"mode": "trading", "trade": {...}} — dispatch to trader-pack Risk Sizer before banking-mode validation. Same endpoint, two verticals.
  • Ed25519 attestation on trading verdicts — same signing key + payload format as banking (modelId = "shadow/trader-pack-risk-sizer@v0.2"). Bank counsel who reads a banking attestation reads a trading attestation with zero context switch.
  • Cross-language contract — 7 pure-JS tests parallel to Orallexa tests/test_risk_sizer_contract.py. Any drift breaks both sides.

v1.5.14 (2026-07-06) — Persona professionalization

Every loan-council voice rationale now speaks in the register of a real Fed / CFPB examiner. Compliance cites Reg B §1002.6 + CFPB Circular 2022-03. Risk cites SR 26-2 materiality + effective challenge. Fair Lending cites the FFIEC three-step. Customer Advocate cites CFPB Bulletin 2024-09. Macro Contrarian cites historical stress episodes (2008 CMBS, 2020 SVB, 2023 Signature).

v1.5.13 (2026-07-06) — POST /api/spatial-render for Flow ingestion

3D scene descriptor with 4 render modes (full / reduced / focus / tethered) that any WebXR client can consume. Powers the Ambient Council HUD demo path. Layout math server-side so bandwidth-constrained mobile / XREAL clients don't have to.

v1.5.12 (2026-07-06) — Batch attestation + GET /api/mcp-manifest SBOM

  • lib/attestation-batch.js — batch Ed25519 signing over a SHA-256 root hash of concatenated per-decision hashes. SIEM verifies O(1) instead of O(N). Closes the Holistic AI Guardian Agents throughput gap.
  • GET /api/mcp-manifest — 8 MCP tools published as an SBOM with per-tool + envelope SHA-256 hashes. Bank counsel pins manifest_hash_sha256 in procurement contracts. Closes the Comply.ai MCP-native discoverability gap.

Why one bundle?

Because to procurement, this is one story: cross-vertical + tamper-evident + discoverable. Splitting it into 4 tiny releases dilutes the pitch. The v1.5.12 → v1.5.15 chain proves shipping velocity on a compressed timeline.

Tests

706/707 → 727/728 (+21 across the burst, zero regressions on banking tests, 1 skipped is OCR live smoke on billing envelope). GitHub Actions CI green throughout.

Cross-vertical evidence chain

  • Bank pitch shows POST /api/deliberate with loan council + risk council + attestation.
  • Trading desk pitch shows POST /api/deliberate with mode=trading + Risk Sizer + attestation.
  • Same key, same payload, same MCP surface. If the bank believes the audit chain, the trading desk gets it for free.

Upstream refs

  • FinPos: arXiv 2510.27251
  • Orallexa v1.2.0 engine/risk_sizer.py (Python counterpart of lib/personas/trader-pack/risk-sizer.js)
  • CFPB Circular 2022-03; Reg B §1002.6; FFIEC three-step; SR 26-2

🤖 Generated with Claude Code

v1.5.14 — Persona professionalization + Strategic roadmap 2026-2028

Choose a tag to compare

@alex-jb alex-jb released this 07 Jul 04:21

Post 4-agent full-web deep research burst.

Persona professionalization

Rewrote all 5 core persona rationale strings in real regulatory examiner voice:

  • Credit Fundamentals — Reg B §1002.6 + CFPB Circular 2022-03 principal reasons
  • Risk Officer — SR 26-2 materiality + effective challenge framing
  • Fair Lending Compliance — FFIEC three-step disparate-impact framework
  • Customer Advocate — CFPB Bulletin 2024-09 model traceability + Circular 2022-03
  • Macro Contrarian — historical stress episodes (2008 CMBS, 2020 SVB, 2023 Signature CRE) + SR 26-2 conservatism

Voice sounds like a Fed / CFPB examiner. 706/707 tests pass, zero regressions.

Strategic roadmap

docs/strategy/roadmap-2026-2028.md + PDF. 18-month plan covering voice+AR stack, hardware bet, three-vertical opportunity (Bank/Trading/Data-Science), design references, and path to $1M ARR by 2028-Q1.

Test surface

707 tests / 13 previous releases + this = 14 GitHub Releases live.

v1.5.13 — POST /api/spatial-render for Flow Immersive

Choose a tag to compare

@alex-jb alex-jb released this 07 Jul 02:54

XREAL One Pro integration path shipped. Third 2026-07-06 competitor-audit gap closed.

What ships

lib/spatial-render.js + POST /api/spatial-render — deterministic Flow-shaped scene JSON from a Shadow /api/deliberate response.

Every persona becomes a spatial card in a semicircle around a reviewer standing at (0, 1.6, 1), looking toward -Z. Positions are pre-computed and returned in the response so the Flow scene template consumes a one-line JSON.parse instead of re-deriving positions.

Four render modes for XREAL One Pro FPS pressure

Mode Personas visible Ambient background Tethered hint When to use
full All 3DGS webcam capture No Default; laptop + XREAL good FPS
reduced All None No X1 chip standalone under FPS pressure
focus 2 (configurable) None No Reviewer summon-on-demand pattern
tethered All 3DGS Yes Hint client to plug XREAL into laptop

Ownership context

XREAL One Pro arrives at Loredana Levitchi 2026-07-11 (Amazon max Saturday). Test protocol lives at docs/xreal-one-pro-test-protocol/ (shipped 2026-07-06). This endpoint feeds that test protocol.

Backward compatibility

  • No existing endpoint changed
  • /api/spatial-render is a new POST endpoint; /api/deliberate response shape is unchanged
  • Layout is deterministic: same council response always renders to the same scene

Test surface

  • 690 → 707 (+17, 706 pass / 0 fail / 1 skip)
  • New: test/spatial-render.test.js — 17 tests covering deterministic layout, mode switches, focus hiding, audit-chain object placement, and loan_council.voices fallback path

v1.5.12 — Batch Ed25519 attestation signing + MCP manifest SBOM

Choose a tag to compare

@alex-jb alex-jb released this 07 Jul 02:46

Two 2026-07-06 competitor-audit gaps closed by direct API surface additions. No breaking changes; both additions are opt-in for consumers.

1. Batch Ed25519 attestation signing — lib/attestation-batch.js

Banks processing 10,000+ loan files per day were paying O(N) Ed25519 verifications to walk the full per-decision hash chain from an audit SIEM. Batch signing summarizes the per-decision chain into one Ed25519 signature over a SHA-256 root hash of concatenated per-decision hashes.

  • Per-decision integrity is unchangedprevious_hash chain (v1.5.10) + dictionary_hash binding (v1.5.8) still hold.
  • Batch signature is an aggregate — a SIEM running an hourly integrity sweep now verifies 10K decisions in one Ed25519 op instead of 10K.
  • New API: computeBatchRootHash, batchSignAttestations({privateKey, keyId, batchId?}), batchVerifyAttestations(batchRecord, attestations, {publicKey}).
  • Tamper detection retained: reordering, count mismatch, signature tamper all detected in the batch verification pass.

Closes the Holistic AI Guardian Agents throughput gap identified in the 2026-07-06 competitor audit.

2. MCP manifest SBOM endpoint — GET /api/mcp-manifest

Bank SIEM + compliance-oversight teams asked: 'what MCP tools are actually in my LLM session with Shadow?' Now answered with a JSON manifest listing every tool Shadow's MCP server exposes.

Response shape:

{
  "shadow_version": "v1.5.12",
  "mcp_protocol_version": "2024-11-05",
  "tool_count": 7,
  "tools": [
    {
      "name": "shadow_loan_council",
      "description": "...",
      "regulatoryScope": ["SR 26-2 Tier 3 companion", "ECOA/Reg B (12 CFR 1002)", "CFPB Bulletin 2024-09"],
      "determinismClaim": "no-llm-inside-tool",
      "latencyPercentiles": {"p50_ms": 2, "p95_ms": 5},
      "hash_sha256": "<64-char hex>"
    },
    ...6 more tools
  ],
  "manifest_hash_sha256": "<64-char hex over the whole envelope>",
  "generated_at_utc": "..."
}
  • Bank counsel can pin manifest_hash_sha256 in the procurement contract to detect silent tool-set changes across Shadow version bumps.
  • Every tool carries regulatoryScope + determinismClaim + latencyPercentiles so a compliance oversight officer can audit each tool without reading source.
  • Cache-safe 5 minutes.
  • Cross-file parity: contract test asserts the manifest tool list matches mcp/server.js TOOLS. Adding a tool without updating both fails CI.

Closes the Comply.ai MCP-native discoverability gap identified in the 2026-07-06 competitor audit.

Test surface

  • 668 → 690 (+22 new tests, 689 pass / 0 fail / 1 skip)
  • New: test/attestation-batch.test.js (10 tests) — batch signing + verification + tamper detection
  • New: test/mcp-manifest.test.js (11 tests) — endpoint shape + cross-file parity + hash determinism

Not shipping in this release

The third competitor-audit gap (POST /api/integrate-rating-service for Moody's/S&P/Fitch attestation binding) is deferred to v1.5.13 next week. The binding needs a partner rating vendor API to test against; not blocking the two upgrades above.

Backward compatibility

  • buildAttestation API is unchanged.
  • Existing v1.5.7 through v1.5.11 attestations verify unchanged (no wire format change).
  • Batch signing is a separate module that consumers opt into.
  • GET /api/mcp-manifest is a new endpoint; no existing endpoint changed.

v1.5.11 — Schema↔runtime coherence drift gates

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 22:29

48 tests fired every npm test: L3 threshold values must match LOAN_DEFAULTS, every PERSONA_PROMPTS × seniority must contain 5 required clauses + persona anchor + MAX cap in 250-360 range. Structural pins catch benchmark-affecting drift at PR time without live Anthropic credits. Not shipped: actual benchmark rerun (blocked on credit topup). Tests 620 → 668 (+48).

v1.5.10 — Hash-chain integrity verifier

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 22:29

previous_hash was populated in every attestation but never exercised. This ships the exercise: lib/attestation-chain.js primitive + POST /api/verify-chain + bin/verify-chain.mjs CLI over JSONL logs. Attack detection covered: truncation, reordering, mid-chain insertion, post-hoc edit cascades. Chain verification is separate from signature verification — run both. Tests 598 → 620 (+22).

v1.5.9 — AML/KYC adversarial hardening (32 tests)

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 22:29

ACAMS 2026 procurement lane hardening. 32 new tests: every AML flag + KYC status fires independently with correct citation; block wins over escalate; kyc_status × aml_flags cross-dimension; unknown-flag escalate fail-safe (never silent drop); tipping-off compliance (rationale must NOT contain raw flag key string, AA06 label must NOT name OFAC/SDN); confidence tiering 0.95/0.75/0.60; policy tables frozen. Bank compliance procurement teams read the test file. Tests 566 → 598 (+32).

v1.5.8 — dictionary_hash binding attestation (Reg B moat)

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 22:28

Closes Reg B's highest-stakes control. Bank counsel signs the reason-code dictionary; before v1.5.8 a downstream could swap that file between signature and audit time. Now every attestation binds SHA-256(dictionary bytes) into the signing payload. Post-hoc edit → hash mismatch → signature fails. Wire back-compat: field appended to signing payload ONLY when present, so pre-v1.5.8 attestations verify unchanged. Python side updated to match. Tests 556 → 566 (+10).

v1.5.7 — GET /api/attestation-info discovery + fingerprint

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 22:28

Bank SIEM pipelines auto-hydrate the verifier's public key by hitting a single endpoint. Ed25519 mode returns public_key_pem + SHA-256 SPKI fingerprint (RFC 5280). HMAC mode exposes only mode + key_id. 5-min cache. Auditors cross-check the endpoint fingerprint against an out-of-band copy from procurement time to detect silent rotation. Tests: 548 → 556 (+8). All green.

v1.5.6 — Python verifier + Node↔Python cross-language proof

Choose a tag to compare

@alex-jb alex-jb released this 05 Jul 04:42

Extends the verifier reach past Node. Banks whose SIEM pipelines are Python-based (Splunk SDK, pandas-based audit tooling, custom compliance harnesses) no longer need Node on the box.

What's new

  • `python/shadow_verify/` — pure-Python verifier. Same wire contract as the Node primitive (pipe-delimited signing payload, sorted-key JSON canonicalization, base64 signature for Ed25519, hex for HMAC). Response shape identical to the Node MCP tool + HTTP endpoint. Stdlib-only for HMAC mode; `cryptography>=41` required only for Ed25519 PEM parsing.
  • `python/pyproject.toml` — `pip install python/` works out of the box. Ready for PyPI publish as `shadow-verify` v0.1.0.
  • `test/python-verify-cross-lang.test.js` — 5 cross-language tests where Node signs and Python verifies. Includes a nested-array-in-nested-object edge case that catches ANY canonicalization drift between the two implementations. Skips gracefully if `python3` or `cryptography` aren't installed on the runner — CI without Python stays green, but Python-equipped environments actively prove compat.

Verifier surface (cross-language complete)

Language Surface Path Best for
Node CLI `bin/verify-attestation.mjs` dev machines, procurement demos
Node MCP tool `shadow_verify_attestation` Claude Desktop / Cursor / OpenCode chat
Node HTTP endpoint `POST /api/verify-attestation` SIEM pipelines, CI, curl from anywhere
Python library `from shadow_verify import verify_attestation` Splunk SDK, pandas audit tooling, Python compliance harnesses

Why this matters

Banks are typically Python shops for compliance work. A Node-only verifier told a bank: "your ops team has to learn Node just to check a signature." That's friction that scuttles procurement conversations. `pip install shadow-verify` removes it.

Use

```python
from shadow_verify import verify_attestation

result = verify_attestation(
attestation=persisted["response"]["attestation"],
original_request=persisted["request"],
original_response={k: v for k, v in persisted["response"].items()
if k != "attestation"},
public_key_pem=open("shadow-public.pem").read(),
)
if result["ok"]:
print(f"verified — model_id: {result['model_id']}, key_id: {result['key_id']}")
```

Response shape identical to the Node MCP tool + HTTP endpoint, so audit-trail comparability holds regardless of language.

Tests

  • Node test suite: 543 → 548 (+5 cross-language). All green.
  • Python test suite: 16/16 passed via `python3 python/tests/test_verify.py`.

Not yet shipped

  • PyPI publish (needs Alex's Trusted Publisher setup at pypi.org)

Full details: CHANGELOG.md