v3.1.1 - the audited content milestone, hardened

The audited content milestone, hardened — five release-audit rounds closed by hand.

Builds on v3.1.0 and locks it down:

• Ruleset AST v2 — deterministic homebrew as DATA: a strict closed-grammar interpreter, byte-identical across TypeScript / Python / Rust, NFC-guarded at every name boundary.
• 5e Action Pack — event-sourced spell slots + concentration + the RAW condition table, all replay-stable.
• Forge-proof persistence — the signed .loom bundle gains a v3 length-prefixed signature + ownership-binding digest, so a save cannot be re-pointed at another world or truncated undetected (rejected on all three surfaces).
• delve-mini headless proof — a full multi-room run reconstructed from the tape, the TileMap stage folded into the fingerprint.

Hardening (audit rounds 4–8, hand-closed): NFC parity on the seal, every seed digest, and the AST name guard across all three surfaces; the bundle-binding fork shut everywhere; every version surface (package.json, the TS constant, both pyproject/Cargo pairs, the runtime constants) now test-locked to one string so a future bump that misses a file fails CI before it can reach a tag.

4,270 tests pass. Published to npm (loom-engine), PyPI (loom-engine-rpg + loom-engine-native), and crates.io (core crates 0.1.2). Determinism gate green across TS, Python, and Rust at the same commit.

v3.1.0 - AST v2 + 5e Action Pack + forge-proof persistence

AST v2 + the 5e Action Pack + forge-proof persistence + delve-mini — the audited content milestone.

Brought 5e/PF2e content depth onto the deterministic core:

• 5e Action Pack — leveled spell slots, concentration, and the full RAW condition set, each an event-sourced, replay-verifiable primitive.
• Ruleset AST v2 — the homebrew interpreter graduated to a richer closed grammar (PbtA-style 2d6 moves, d100 roll-under), still no untrusted code, still fail-closed before any RNG draw.
• delve-mini — a multi-room dungeon run reconstructed from the tape as a headless determinism proof.

Codex release-audit round 4 found and fixed a cross-surface persistence fork — a Rust producer could sign a non-NFC worldId the TypeScript and Python surfaces rejected — before this tag.

Superseded the same day by v3.1.1, which hardens this milestone across audit rounds 5–8. Install 3.1.1.

v3.0.0 - Living Persistent World + cross-language surfaces + multiplayer core

Deterministic server-authoritative world engine: Any-System ruleset AST, world snapshot+replay, offline Epoch tick, fail-closed suspend/resume, and the real-time multiplayer core (command frames + rollback reconciliation + region hashing). One Rust core, byte-identical across TypeScript (npm), WASM, PyO3, and a C ABI.

v2.3.0 - deterministic TTRPG core, every language

Loom Engine v2.3.0 - deterministic TTRPG core, every language

Extracts the deterministic tabletop primitives into a cross-language core that runs byte-identically in TypeScript, Python, and Rust - the basis for replay, server-authoritative anti-cheat, and honest AI narration.

• Rules modules: grid-free range bands, the per-round reaction economy, the narration contract (findInventedNumber), and 5e / Pathfinder 2e ruleset adapters (action economy, initiative with a numeric-aware tiebreak, conditions).
• One core, every surface: a Rust core (loom_math, loom_combat, loom_events) bound to WASM (wasm-bindgen), a native Python wheel (PyO3), and a C ABI (cbindgen) for C#/Unity, Godot, and Go.
• Companion packages: pip install loom-engine-rpg (then import loom_engine); Rust crates on crates.io.
• Cross-language byte-parity enforced by a shared golden-vector suite the TS, Python, and Rust harnesses all assert against.
• Hardened by a full external security + cross-language determinism audit. 4131 / 4131 tests pass.

npm install loom-engine

v2.2.5 - EventChain DoS guard + transactional fromSnapshot

Recursion-depth DoS guard (MAX_CANONICAL_DEPTH = 256) on canonicalJson and deepCloneJson, so a hostile deeply-nested payload from an untrusted snapshot is rejected early and fails closed instead of exhausting the stack. Transactional fromSnapshot - a too-deep or throwing row now leaves the instance state intact instead of desyncing. Refreshed README + npm description. Round-5 independent security audit GREEN with no findings. 4,087 tests pass. This is npm latest.

v2.2.4 - EventChain hardening, round-3 audit GREEN

Current latest. Rejects an own proto data key and deep-clones via defineProperty so no clone path can reach the prototype setter. Round-3 independent security audit came back GREEN with no CRITICAL, HIGH, or MED findings. Full test suite 4082 of 4082 passing. Recommended version - this is npm latest.

v2.2.3 - EventChain round-2 audit fixes

Round-2 audit hardening. Closes the remaining canonicalization injectivity gaps: negative zero (stringifies to 0 yet is a distinct value), JSON-erased object and array metadata (symbol keys, non-enumerables, accessors, extra array props), and seal-head lone surrogates - all rejected fail-closed. Stored payloads are deep-cloned at every trust boundary so no external reference can mutate signed chain state.

v2.2.2 - EventChain round-1 crypto audit fixes

Round-1 audit hardening. Length-prefixed and domain-tagged canonical message for an injective encoding (no field-boundary forgery). Strict canonicalization fails closed on non-JSON values instead of collapsing to null. Lone-surrogate rejection on every signed string. Verify-before-mutate snapshot load. Constant-time signature compare.

v2.2.0 - EventChain (tamper-evident HMAC event log)

EventChain - a tamper-evident, HMAC-SHA-256-chained event log. The integrity-bearing sibling of EventLog: every appended record is signed and folds in the previous record signature, so the whole log is a hash chain. Catches field tampering, record deletion, reordering, and (with seal) tail truncation. Ported from the server-authoritative event tape running in the LoomMaster backend.

v2.1.0 - BestiaryKernel + Trinity Wave 2.1

Trinity Wave 2.1: universal creature lifecycle kernel.

BestiaryKernel is one new pure-logic kernel that unifies NPC creature handling: SoA storage at <100 bytes per creature, generational 32-bit handles, per-slot pre-allocated BehaviorTree instances, double-buffered death-FX event ring, zero-allocation hot-loop ticks. Integrates the existing Trinity kernels through one facade so consumers stop writing their own ad-hoc AI / spawn / death pipelines:

• SonicSync perception drained into per-slot blackboards
• LoomPulse mood values pulled into BT context each tick
• InferenceOrchestrator cloud-lane requests submitted for T3+ only
• NarrativeMemory prior-death recall biases initial mood
• BehaviorTree instances drive intent (action, velocity, facing) per tick; the kernel reads intent and writes SoA

Ships with CREATURE_CATALOG: 6 skeleton variants for Wave 2.1 — warrior, archer, caster (T1 fodder), bone reaver, choir skeleton (T2 elite), and First Standing (T3 mini-boss with cloud inference). Each variant declares spec data (sizeScale, palette key, BT id, mood channel, audible signature, perception radius, inference lane, death FX taxonomy, signature behaviors) so adding a new family requires zero kernel code changes.

defaultBehaviorTreeFactory ships authored fallback BTs for all 6 variants — pursue / kite / channel / charge / wail / fallback-selector patterns matching the signatureBehaviors field. Consumers can swap the factory wholesale via setBehaviorTreeFactory for richer per-variant authoring.

Tests

• 4032 / 4032 green (up from 3984 at v2.0.0, +48 BestiaryKernel tests)
• 30 concurrent creatures × 60 ticks under 4ms on desktop V8

Install

```
npm install loom-engine # gets 2.1.0
npm install loom-engine@beta # also 2.1.0
```

Compatibility

Drop-in upgrade from v2.0.x. No breaking changes. BestiaryKernel is additive — existing Trinity Mainframe consumers keep working unchanged.

🤖 Generated with Claude Code