v1.2.0

What's new

• Crate renaming: removed agentauth- prefix from all crates — now core, registry, sdk, py, schema (#12)
• k6 load test suite: token-verify, token-issue, grant-request, plus composite scenarios (full-flow, mixed-traffic, 30-min soak) (#15)
• README improvements: fixed clone URL, added Bun/cargo-nextest prerequisites, CI/license/MSRV badges (#13, #14)
• Environment config: updated .env.example with correct docker-compose ports and approval UI variables (#11)

v1.1.0

What's new

• Compliance test suite: 64 tests across 6 modules covering security invariants — token security, behavioral envelope enforcement, DPoP binding, capability boundaries, nonce replay prevention, and audit log integrity
• Approval UI redesign: Industrial dark theme with Tailwind CSS, skeleton loading states, staggered animations, and improved UX for capability review and two-step confirmation flows

v1.0.0

AgentAuth v1.0.0

Initial release of AgentAuth - a capability-based authentication system for AI agents.

Features

• Core Library - Protocol types, Ed25519 cryptography, capability schemas
• Registry Service - Token issuance, grant management, agent registration
• Verifier Service - High-performance token verification with Redis caching
• Approval UI - React frontend for human capability approvals with WebAuthn
• Rust SDK - Full-featured client with DPoP, rate limiting, token caching
• Python Bindings - PyO3 bindings with LangChain and AutoGen integrations

Security

• HSM key storage (AWS KMS, GCP Cloud KMS, Vault Transit)
• DPoP sender-constraint for token binding
• Nonce-based replay prevention
• Immutable audit log with hash chain integrity
• Constant-time cryptographic comparisons

Performance

• Sub-5ms p99 token verification (Redis warm)
• 10,000 verifications/second throughput target

Documentation

• Threat model covering 13 attack vectors
• Operations runbook for all alerts
• Capacity planning guide