You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cesr-rs is published and consumers pin it, but the stability promise lives in tribal knowledge ("the API was re-frozen post-extraction", M3). Before 1.0, write down what pinning cesr-rs 1.x actually guarantees — bombay (M4), agency, and external KERI-ecosystem users will all read this page before depending.
Write STABILITY.md covering
Semver surface: public API = the prelude + module paths preserved at M3; what's explicitly out (fuzz targets, keripy_diff internals, bench code)
Feature-tier guarantees: the support matrix (std / alloc+no_std / wasm32) and which tiers are CI-gated promises vs best-effort; features are additive-forever
Crypto-bump policy: how major bumps of ed25519-dalek/k256/p256/blake3 are handled (this is P3.1 · Evaluate deferred major crypto bumps #34's recurring question — answer it once as policy: crypto major bump = cesr minor IF no public-type leakage, which is why sealing re-exports matters; audit that no dalek/RustCrypto types leak through the public API TODAY, pre-freeze)
keripy-parity promise: what "parity" means versioned (parity as-of keripy X.Y, watcher-fed §P3.2 · Track new algorithms keripy adopts #35–38), so a keripy table addition isn't read as a cesr-rs breakage
Wire/encoding stability: qb64/qb2 output is spec-pinned (CESR spec + keripy differential) — distinguish "encoding bytes never change" (spec promise) from "Rust API may evolve" (semver promise)
Unsafe/security posture: zero-unsafe, zeroization, fuzz cadence — stated as maintained invariants (this is marketing-grade material for the B3 safety-researcher audience too)
Why pre-freeze
Same as the nexus twin card: writing it audits the freeze. The crypto-leakage clause in particular is a real pre-1.0 action item, not just prose.
Acceptance
STABILITY.md merged + linked from README/crates.io page; re-export leakage audit done (any leaked crypto type fixed or consciously documented); #34/#35 watchers reference the policy instead of re-deciding.
From the 2026-07-05 cross-repo roadmap review (twin of the nexus stability-policy card).
Problem
cesr-rs is published and consumers pin it, but the stability promise lives in tribal knowledge ("the API was re-frozen post-extraction", M3). Before 1.0, write down what pinning
cesr-rs 1.xactually guarantees — bombay (M4), agency, and external KERI-ecosystem users will all read this page before depending.Write STABILITY.md covering
Why pre-freeze
Same as the nexus twin card: writing it audits the freeze. The crypto-leakage clause in particular is a real pre-1.0 action item, not just prose.
Acceptance
STABILITY.md merged + linked from README/crates.io page; re-export leakage audit done (any leaked crypto type fixed or consciously documented); #34/#35 watchers reference the policy instead of re-deciding.
From the 2026-07-05 cross-repo roadmap review (twin of the nexus stability-policy card).