v1.5.12 — Batch Ed25519 attestation signing + MCP manifest SBOM
Two 2026-07-06 competitor-audit gaps closed by direct API surface additions. No breaking changes; both additions are opt-in for consumers.
1. Batch Ed25519 attestation signing — lib/attestation-batch.js
Banks processing 10,000+ loan files per day were paying O(N) Ed25519 verifications to walk the full per-decision hash chain from an audit SIEM. Batch signing summarizes the per-decision chain into one Ed25519 signature over a SHA-256 root hash of concatenated per-decision hashes.
- Per-decision integrity is unchanged —
previous_hashchain (v1.5.10) +dictionary_hashbinding (v1.5.8) still hold. - Batch signature is an aggregate — a SIEM running an hourly integrity sweep now verifies 10K decisions in one Ed25519 op instead of 10K.
- New API:
computeBatchRootHash,batchSignAttestations({privateKey, keyId, batchId?}),batchVerifyAttestations(batchRecord, attestations, {publicKey}). - Tamper detection retained: reordering, count mismatch, signature tamper all detected in the batch verification pass.
Closes the Holistic AI Guardian Agents throughput gap identified in the 2026-07-06 competitor audit.
2. MCP manifest SBOM endpoint — GET /api/mcp-manifest
Bank SIEM + compliance-oversight teams asked: 'what MCP tools are actually in my LLM session with Shadow?' Now answered with a JSON manifest listing every tool Shadow's MCP server exposes.
Response shape:
{
"shadow_version": "v1.5.12",
"mcp_protocol_version": "2024-11-05",
"tool_count": 7,
"tools": [
{
"name": "shadow_loan_council",
"description": "...",
"regulatoryScope": ["SR 26-2 Tier 3 companion", "ECOA/Reg B (12 CFR 1002)", "CFPB Bulletin 2024-09"],
"determinismClaim": "no-llm-inside-tool",
"latencyPercentiles": {"p50_ms": 2, "p95_ms": 5},
"hash_sha256": "<64-char hex>"
},
...6 more tools
],
"manifest_hash_sha256": "<64-char hex over the whole envelope>",
"generated_at_utc": "..."
}- Bank counsel can pin
manifest_hash_sha256in the procurement contract to detect silent tool-set changes across Shadow version bumps. - Every tool carries regulatoryScope + determinismClaim + latencyPercentiles so a compliance oversight officer can audit each tool without reading source.
- Cache-safe 5 minutes.
- Cross-file parity: contract test asserts the manifest tool list matches
mcp/server.jsTOOLS. Adding a tool without updating both fails CI.
Closes the Comply.ai MCP-native discoverability gap identified in the 2026-07-06 competitor audit.
Test surface
- 668 → 690 (+22 new tests, 689 pass / 0 fail / 1 skip)
- New:
test/attestation-batch.test.js(10 tests) — batch signing + verification + tamper detection - New:
test/mcp-manifest.test.js(11 tests) — endpoint shape + cross-file parity + hash determinism
Not shipping in this release
The third competitor-audit gap (POST /api/integrate-rating-service for Moody's/S&P/Fitch attestation binding) is deferred to v1.5.13 next week. The binding needs a partner rating vendor API to test against; not blocking the two upgrades above.
Backward compatibility
buildAttestationAPI is unchanged.- Existing v1.5.7 through v1.5.11 attestations verify unchanged (no wire format change).
- Batch signing is a separate module that consumers opt into.
GET /api/mcp-manifestis a new endpoint; no existing endpoint changed.