Releases
All PEAC Protocol releases follow semantic versioning. Every release is published to npm under the @peac scope, and all packages in the monorepo share the same version number.
v0.16.1 (June 28, 2026)
CLI Metadata Alignment
Aligns CLI metadata with the package version. CLI observation and record metadata now source platform.peac_cli_version from package metadata through the canonical getVersion(), replacing a hardcoded fallback.
- No wire-format, schema, signing, registry, or verification behavior change.
- Public API, wire format (0.2), public schema, extension groups (19), receipt types (61), conformance sections (32), and requirement IDs (290) unchanged.
- 36 published packages, 107 build targets, 19 extension groups, 61 receipt types, 11,975 tests, 290 conformance requirement IDs, 32 sections
v0.16.0 (June 28, 2026)
Deterministic Verification for Portable Records
Aligns record verification across the TypeScript and Go implementations and tightens raw input validation, with no change to the wire format or public schema.
- PEAC Ed25519 verification profile: cofactorless verification with a shared small-order denylist and a fixed-width scalar comparison, aligned across the TypeScript and Go implementations.
- I-JSON (RFC 7493) input validation: the JWS protected header and payload are validated as I-JSON before parsing; duplicate object member names, out-of-range numbers, and invalid strings are rejected.
- Three new validation error codes:
E_IJSON_DUPLICATE_MEMBER_NAME,E_IJSON_NUMBER_OUT_OF_RANGE, andE_IJSON_INVALID_STRING(error registry grows from 186 to 189). createReplayGuard: an optional, composable bounded replay guard for online consumers of already-verified records (classifies a record as fresh, replayed, or outside-window); not wired into stateless verification.- Supported Node floor raised to
>=22.13.0for stable WebCrypto Ed25519. - Wire format unchanged (0.2). Public schema, extension groups (19), receipt types (61), conformance sections (32), and requirement IDs (290) unchanged.
- 36 published packages, 107 build targets, 19 extension groups, 61 receipt types, 11,974 tests, 290 conformance requirement IDs, 32 sections
v0.15.3 (June 26, 2026)
Integration and verifier pack
Adds an example and two informative documents that make portable signed records easier to find and reason about, with no change to wire format, schema, registries, public API, or signing.
- New example
open-model-inference-records: issues a signed record for an open-model inference call and verifies it offline, reusing the existing agent-action record and binding an inference observation manifest digest. - Portable signed records crosswalk: maps existing examples to evaluation, audit, and transparency contexts.
- Evidence-primitive note: a standards-facing note defining the portable signed interaction record as an evidence primitive.
- Public API, wire format (0.2), and public schema unchanged. Extension groups (19), receipt types (61), conformance sections (32), and requirement IDs (290) unchanged.
- 36 published packages, 107 build targets, 19 extension groups, 61 receipt types, 11,863 tests, 290 conformance requirement IDs, 32 sections
v0.15.2 (June 22, 2026)
Verification and signing hardening
Hardens receipt verification and signing-related surfaces, aligns UCP HTTP Message Signature verification with RFC 9421 and RFC 9530, and keeps the README quickstart truthful against the shipped CLI.
- UCP HTTP Message Signature verifier:
@peac/mappings-ucpverifyUcpHttpSignature(RFC 9421) reusing@peac/http-signatures, with RFC 9530Content-Digestverification over raw body bytes andUCP-Agentprofile binding. The legacy detached-JWS webhook path is retained and deprecated with no silent fallback. - TAP security: the issuer is derived strictly from the
keyidand fails closed when thekeyidis not an absolutehttpsURL; key-to-issuer derivation is centralized in@peac/mappings-tap(issuerFromKeyid). - Receipt verification hardened: generic unexpected-error messages and deterministic rejection of wrong-length Ed25519 signatures.
- Structured Field parsing (RFC 9651 / RFC 4648) tightened: valid unpadded base64 is accepted; base64url and malformed padding are rejected.
- README quickstart verification: a tooling check that the documented offline quickstart runs against the shipped
@peac/cliand fails closed on a tampered record. - Internal helper exports hidden from the
@peac/mappings-tapand@peac/rails-x402package barrels; UCP base64url and JCS encoding consolidated onto@peac/crypto. - Public API additive (
verifyUcpHttpSignature). Wire format unchanged (0.2). Schema, extension groups (19), receipt types (61), and conformance sections (32) unchanged. - 36 published packages, 106 build targets, 19 extension groups, 61 receipt types, 11,813 tests, 290 conformance requirement IDs, 32 sections
v0.15.1
Samples and offline verification
Makes the local verification path self-contained: generated samples pass local verification out of the box, and peac verify accepts a local public key for fully offline verification.
- Offline verification:
peac verify --public-key <file>verifies a receipt with a local Ed25519 public JWK or single-key JWKS; rejects private keys, multi-key sets, and non-Ed25519 keys. The network JWKS path is unchanged when the flag is omitted. peac samples generateissues valid samples through the canonical issuance path, so every generated record passes local verification; sample inputs are validated before any write.examples/mcp-gateway-receipts: gateway-mediated MCP tool calls with a signed tool-definition manifest, allow and deny decision records, deterministic content digests, redaction recorded as a fact, and tamper checks.- MCP Streamable HTTP quickstart refreshed: session header capture and reuse, current protocol version, modern
_metacarrier demo with tamper checks. - Workspace package boundary gate and release-process gates (split-stage closeout, audit-exception expiry, OpenTelemetry version-currency).
- Public API additive only (
peac verify --public-key). Wire format unchanged (0.2). Extension groups (19) and receipt types (61) unchanged.
v0.15.0
Interoperability for portable signed records
Strengthens PEAC's records-first public surface and the interoperability and composition surfaces around portable signed interaction records.
- Records-first front door: README, the Start Here page, and the developer guide lead with portable signed interaction records and a records-first quickstart path.
- Signed-records interoperability matrix: documents how PEAC composes with adjacent signed-record formats (AP2, ERC-8126 with ERC-8004, x402, MCP, SCITT), with per-row upstream source, status, PEAC artifact, composition, and boundary. See Interoperability.
- Interoperability conformance vectors: ERC-8126 attestation-format and AP2 open-mandate-hash vectors (positive and negative), resolved by a repository-scoped interop verifier.
- COSE-Sign1 carrier design note (informative): describes a future COSE-Sign1 receipt carrier alongside the current compact JWS carrier (RFC 9052, RFC 9053, RFC 8949). No runtime, dependency, export, or version change.
- Ecosystem record-carrier classification and verification-artifact conventions.
- MCP distribution metadata refreshed (
server.json,manifest.json,smithery.yaml) to the current server and package versions. @peac/mappings-tappackage description uses "interaction evidence" for boundary-accurate wording.- Workspace archiving:
surfaces/analyticsand thetransport/httpandtransport/wspackages move underarchive/; the build graph drops from 107 to 104 targets. Published package count unchanged at 36. - Public API unchanged. Wire format unchanged (0.2). Public schema unchanged. Extension groups unchanged (19). Receipt types unchanged (61). Conformance requirement IDs unchanged (290). Sections unchanged (32).
- 36 published packages, 104 build targets, 19 extension groups, 61 receipt types, 10,838 tests, 290 conformance requirement IDs, 32 sections
v0.14.5
Verification documentation
Aligns PEAC's public verification, security, stability, compatibility, and machine-readable documentation with the v0.14.4 release state.
- Public verification, security, stability, and compatibility documentation aligned with the release state.
- Stale forward-looking language removed; supported versions clarified.
- Measured local SLO baselines recorded.
- Deprecated and archived package status updated.
- Protocol-boundary wording tightened.
- Public API unchanged. Wire format unchanged. Public schema unchanged. Published package count unchanged at 36 (extension groups 19, receipt types 61, conformance requirement IDs 290, sections 32).
v0.14.4
Composition Surfaces
- Runtime governance composition recipe:
docs/SOLUTIONS/agt-peac-composition.md— genericnormalizeRuntimeGovernanceEventAPI, vendor-neutral (not tied to one platform); canonical line "Harnesses control execution. PEAC records bounded work. Logs stay local; PEAC records travel." - Runnable runtime-composition-records example: end-to-end vendor-neutral demo using
@peac/adapter-runtime-governance; smoke test verifies round-trip - Edge verification recipe:
docs/SOLUTIONS/verify-at-the-edge.md— generic pattern first, Cloudflare + Docker in stability-class table; citesdocs/specs/RESOURCE-LIMITS.mdfor 256 KiB body cap, 5,000 ms JWKS timeout, 100 keys cap, TTL bounds 60..86,400 s - Evaluation and harness record recipes:
docs/SOLUTIONS/eval-platform-records.md+docs/SOLUTIONS/harness-records-quickstart.md— three recipe commands verified exit 0 with validinteraction-record+jwtJWS - MCP composition guide:
docs/SOLUTIONS/mcp-composition.md— cites merged SEPs 2468, 2484, 2577, 2106; 30 doc-truth assertions; explicit "PEAC does NOT" boundary block (8 items) - .NET quickstart verifier: committed-fixture offline verifier for Ed25519 records (
net10.0, NSec.Cryptography); NOT a .NET SDK or NuGet package - Go middleware chi adapter parity:
sdks/go/middleware/chi/chi_test.go+README.md— brings chi to parity with echo/gin/nethttp adapters - 36 published packages, 107 build targets, 19 extension groups, 61 receipt types, 10,838 tests, 290 conformance requirement IDs, 32 sections
v0.14.3
Agent Action, Commerce Mandate, and Gateway Export Records
- Agent Action Records:
org.peacprotocol/agent-action(17th extension group) — 6 type URIs for agent decision and action evidence; Section 32 (AGENT-ACT series) - Commerce Mandate Records:
org.peacprotocol/commerce-mandate(18th extension group) — 7 type URIs covering mandate-grant and 6 lifecycle states (authorization, capture, void, refund, settlement, budget); 16 stable error codes incommerce.mandate.*namespace; Section 33 (COMM-MAN-001..010) - Gateway Export Records:
org.peacprotocol/gateway-export(19th extension group) — 8gateway-*-observedtype URIs covering x402 payment-settlement state machine; Section 34 (GATE-EXP-001..010) - ACP mapper boundary fix: enforces
amount_minor: stringand explicit finality (assertExplicitFinalitydoctrine) in@peac/mappings-acp - protobufjs override: workspace override to 8.0.2 +
@protobufjs/utf81.1.1 closes 8 Dependabot alerts (private-example reachability only) NonNegativeAmountMinorStringSchemarefine wrapper for mandate scope (preservesAmountMinorStringSchemasemantics elsewhere)- 36 published packages, 106 build targets, 19 extension groups, 61 receipt types, 10,635 tests, 290 conformance requirement IDs, 32 sections
v0.14.2
Provisioning Lifecycle Records
- New extension group:
org.peacprotocol/provisioning-lifecycle(16th extension group) - 10
*-observedtype URIs covering credential issuance, secret rotation, service authorization, key lifecycle, access grants and revocations, service binding, and lifecycle completion validateProvisioningLifecycle()in@peac/schemawith recursive credential-material scanner that rejects inline secrets at any nesting depth- 21 stable error codes in the
provisioning.*family - Conformance Section 31 (PROV-LIFE-001..010) -- 260 total conformance requirement IDs across 29 sections
- Opaque reference grammar required for all
*_reffields (urn:, ref:, did:, sha256:, https:) storage_surfaceobject with 7 abstract kind values (no vendor-specific enums in core)- Standards Ledger Section J: RFC 9700 BCP 240 / RFC 6749 / draft-ietf-oauth-v2-1-15 / draft-ietf-oauth-security-topics-update
- 36 published packages, 103 build targets, 16 extension groups, 40 receipt types, 10,078 tests
v0.14.1
Agent Execution and Lifecycle Records
- CLI Execution Records:
peac observe command(unsigned JSON observation) andpeac record command(signed Wire 0.2 execution record) --org.peacprotocol/cli-executionextension group - Lifecycle Observation Records:
peac emit lifecyclefor approval, evaluation, experiment, and workflow transition events --org.peacprotocol/lifecycle-observationextension group (9 type URIs) - A2A Handoff Records: Signed handoff observation records for Agent-to-Agent Protocol v1.0 task delegation events --
org.peacprotocol/a2a-handoffextension group (10 type URIs); Microsoft AGT and AAIF compatible - CLI security defaults: argv hashed by default, stdin none by default, raw capture requires explicit double opt-in
- Lifecycle no-inline-value invariant: 20 forbidden top-level keys, opaque reference grammar for all
*_reffields - A2A v0.3.0 support removed; v1.0 only
- First npm
latestflip in the v0.13.x-v0.14.x window (npmlatestwas stuck at 0.13.0 since April 2026) - 36 published packages, 102 build targets, 15 extension groups, 30 receipt types, 9,782 tests, 250 conformance IDs
v0.14.0
Bounded Validation Gate
- Wire 0.2 issuance (
issue()) and local verification (verifyLocal()) now route through the bounded validation gate by default - Internal rollback flag (
PEAC_INTERNAL_LEGACY_PATH) is now meaningful: both flag values exercise different internal admission paths with byte-equivalent public outputs - 4-cell rollback-path matrix verified at publish time (Node 22 + 24 LTS x rollback flag 0/1)
- New production wrapper
runBoundedValidationGateatpackages/protocol/src/_internal/record-core/validation-gate.ts;runBoundedValidatorShadowreserved for shadow/corpus/parity-harness only - Operator runbook at
docs/diagnostics/ROLLBACK-v0.14.0.md; release-neutral runbook atdocs/diagnostics/ROLLBACK-PATH.md - Public API: unchanged. Wire format: unchanged. Package surface: unchanged. Extension keys: unchanged. Default observable behavior: unchanged.
- 36 packages on npm
next, 9,214 tests, 224 conformance requirement IDs, 102 build targets
v0.13.4
Validation Readiness and Runtime Invariants
- Seven canonical-composed validators added to shadow mode: schema-parse, jose-typ-strictness, iat-not-yet-valid, policy-binding, unknown-extension-grammar, type-extension-enforcement, signature
- Canonical-vs-candidate differential test against 230 fixtures with byte-equality assertions
- Rollback-path matrix promoted to a release gate: 4-cell CI (Node 22 + 24 LTS x rollback flag 0/1)
publish.ymlrelease_gate_rollback_matrixpreflight hard-blocks publish on any failurescripts/verify-trust-artifacts.mjsextended to cover alldocs/specs/RESOURCE-LIMITS.mdinvariant tablesdocs/STABILITY-CONTRACT.mdinternal-only flags table gains row for the rollback flag- 36 packages, 9,197 tests, 224 conformance requirement IDs
v0.13.3
Diagnostic Readiness and Release Validation
- Internal rollback-path flag plumbed:
PEAC_INTERNAL_LEGACY_PATHenv andoptions._internal.legacyPathprogrammatic option (behavior-preserving: both flag values use the same protocol path in this release) - Operator runbook at
docs/diagnostics/ROLLBACK-PATH.md docs/specs/RESOURCE-LIMITS.mdclarified: Layered network limits subsection, Timeout classes subsection (5,000 ms verifier / 10,000 ms issuer-config / 30,000 ms unrestricted), Header-carrier surfaces clarification- Stale documentation citations corrected to current kernel constants
- Diagnostic parity taxonomy:
verdictKeyErrorClasserror-class multiset comparator inparity-corpus.ts - 36 packages, 8,930 tests, 224 conformance requirement IDs
v0.13.2
Diagnostic Foundations and Compatibility Contracts
- Workspace-private
@peac/resolver-httpcomposition layer over published primitives (@peac/net-node,@peac/jwks-cache,@peac/kernel,@peac/crypto) - Shadow-mode pointer-fetch foundation in
apps/api(internal only, default OFF;PEAC_INTERNAL_SHADOW_RESOLVERflag) - Hosted Verify body-size boundary coverage: exact-byte tests at
MAX_BODY_SIZE(256 KiB) on/v1/verifyand/v1/issue - Workspace-private compat reader, writer, and validator finalized;
serializeArchivalBundlereturns deterministic JSON - Release validation diagnostics:
docs/diagnostics/SHADOW-MISMATCHES.mdanddocs/diagnostics/RELEASE-EXERCISE-v0.13.2.md - All 16 open Dependabot alerts closed
- 36 packages, 8,889 tests, 224 conformance requirement IDs
v0.13.1
Validation Assurance Foundations
@peac/discretired toarchive/discovery/; publish-manifest count 37 to 36@peac/registriesworkspace-private facade;@peac/kernelcompat barrel preserves every previously public import path- Internal validator parity foundation with observation-only scheduler alongside the canonical Zod path
- Adversarial redaction coverage for all registered secret classes (compact JWS, PEM, Bearer, Authorization, Cookie, API key, AWS access key, email, phone)
- Deterministic mutation oracle: every byte-level mutation of a valid Wire 0.2 JWS rejected with a registered
E_*error code - Resource-limit tests pinned at-bound-pass and at-bound-plus-one-fail vectors per
docs/specs/RESOURCE-LIMITS.md docs/STABILITY-CONTRACT.mdgains Internal-only flags section and Shadow-mode timeout guarantee class section- 36 packages, 7,721 tests, 224 conformance requirement IDs
v0.13.0
Public Surface Stabilization
- Records-first doctrine across all active front-door surfaces; "receipt" preserved as the per-artifact noun and
PEAC-Receiptheader name ProofMethodSchemaandPROOF_METHODSremoved from@peac/schema; transport-binding values inlined onAgentProofSchema.method- A2A v0.3.0 compatibility removed from
@peac/mappings-a2a; v1.0.0supportedInterfaces[]is required @peac/corearchived toarchive/0.9.0-0.9.14/packages-core/; historical npm versions<=0.9.14remain installable@peac/prefarchived toarchive/pref/; migration target:@peac/mappings-content-signals- Legacy
POST /verifyremoved from active OpenAPI contract; runtime alias continues toPOST /v1/verifythrough Sunset2026-11-01withDeprecation,Sunset, andLinkheaders - New
docs/specs/RESOURCE-LIMITS.mdnormative invariant table - New
docs/STANDARDS_LEDGER.mdRFC/FIPS/W3C/ISO catalogue docs/baselines/BASELINE-v0.13.0.mdreleased-package surface snapshot- 37 packages on npm
latest, 7,672 tests, 224 conformance requirement IDs, 99 build targets
ProofMethodSchemaandPROOF_METHODSremoved from@peac/schema- A2A v0.3.0 compatibility removed from
@peac/mappings-a2a POST /verifyremoved from active OpenAPI contract (runtime alias continues through Sunset)@peac/coreno longer in active publish manifest
v0.12.14
Policy Binding and Privacy-Aware Verification
computeJsonDocumentDigestJcs,computeTextDocumentDigestUtf8,computeDocumentDigestfor document binding (docs/specs/DOCUMENT-BINDING.mdnormative)- Verifier report
bindingsshape (report-only, not stamped into emitted record) - Five privacy docs under
docs/privacy/: DATA-CLASSIFICATION, RETENTION-AND-DELETION, DEPLOYMENT-ROLES, DATA-SUBJECT-RIGHTS, DPIA-STARTER - Configurable retention caps, deletion hooks,
no_raw_personal_datareport mode, pseudonymous-ID fixtures - Runnable
examples/cf-policy-x402-terms/demo anddocs/SOLUTIONS/cloudflare-x402-peac.mdoperator recipe docs/specs/AIPREF-COMPOSITION.mdanddocs/specs/SCITT-COMPOSITION.mdinformative specsscripts/verify-no-semantic-widening.mjs11-check hard gate- 37 packages, 7,680 tests, 224 conformance requirement IDs, 106 build targets
v0.12.13
Compliance Mappings and Verifier Contract Alignment
- ISO 42001 Clause 8 and EU AI Act Annex IV compliance mapping docs with
scripts/verify-compliance-mappings.mjs - Canonical contract alignment for reference verifier with
scripts/verify-openapi-drift.mjsextended over 5 downstream surfaces docs/HOSTED_VERIFY_CONTRACT.mdauthority statement- Echo and
net/httpGo middleware adapters; sharedsdks/go/middleware/paritytest/harness - Observational
groupByLifecycle()export in@peac/audit - Regression-aware Go benchmark gate; 6-vector extended JCS parity corpus (TypeScript + Go byte-identical)
scripts/verify-release-closeout.mjs7-row post-release truth reconciler- 37 packages, 7,600 tests, 224 conformance requirement IDs
v0.12.12
SLOs, Threat Model, and Stability Contract
docs/SLO.mdwith release-prep baseline stamps forissue(),verifyLocal(), reference-verifier/v1/verify, MCP tool-call round-tripdocs/STABILITY-CONTRACT.mdand consolidateddocs/THREAT_MODEL.mdwith per-threat test-coverage linksdocs/TRUST-ARTIFACTS.mdtrust artifact index- Operator mental-model docs:
HOW-IT-WORKS.md,ARTIFACTS.md,WHERE-IT-FITS.md,WHAT-PEAC-STANDARDIZES.md - Five
docs/SOLUTIONS/recipes and reference-verifier deployment recipes undersurfaces/reference-verifier/ docs/RELEASING.mdtwo-mode release policy (Mode 1 single-steplatest/ Mode 2 two-stepnexttolatest)- OpenAPI 3.1.1 with
application/interaction-record+jwtexamples, RFC 9457 Problem Details, RFC 9745Deprecation, RFC 8594Sunseton legacy/verify scripts/verify-trust-artifacts.mjsandscripts/verify-public-surface-names.mjswired in CI- 37 packages on npm
latest, 224 conformance requirement IDs
v0.12.11
Commerce Evidence and Deployment Surfaces
- Mapper-boundary finality guard:
assertExplicitFinality,MapperBoundaryError, stable codecommerce.finality_synthesis_blocked - ACP delegated-payment observation mapper with
artifact_kinddiscriminator - MPP payment-attempt and settlement mappers (
fromMPPPaymentAttempt,fromMPPSettlement) - x402 settlement proof extractor with dual-header precedence (
PEAC-Receipt>PAYMENT-RESPONSE>X-PAYMENT-RESPONSE) - Go middleware production hardening: panic recovery, bounded token-bucket rate limiter,
Logger/Metricsinterfaces, saferDefaultConfig - IDE plugin packs: Cursor, Codex, Claude Code, VS Code (pinned
@peac/mcp-server@0.12.11) - Canonical Smithery config at
packages/mcp-server/smithery.yaml peac doctoroffline-default CLI with opt-in--online --issuer <url>- Single-file offline verify dashboard (
tools/verify-dashboard/index.html, no CDN, no telemetry) - Conformance Section 26: 20 commerce fixtures
- 37 packages on npm, 7,392 tests, 224 conformance requirement IDs, 105 build targets
v0.12.10
Managed Runtime Evidence Floor
- Generic
@peac/adapter-runtime-governancesurface with AGT as first mapper - 6 observation-specific type URIs with discriminated union payloads
- Hosted verify record profile detection (registry-driven)
- Conformance Section 27: RTGOV-001 through RTGOV-007
- Benchmark SLO publication with regression-based gate for
verifyLocal - 37 packages on npm, 7,392 tests, 224 conformance requirement IDs
v0.12.9
Reference Deployments
@peac/adapter-managed-agents: Claude Managed Agents session evidence adapter- MCP Streamable HTTP transport reference deployment
- Content negotiation:
Accept: application/peac-receipt+jwtsupport - Pilot kit: self-contained onboarding archive
- Release-state stamping discipline:
scripts/stamp-release-state.mjs - 217 conformance requirement IDs across 24 sections
v0.12.8
Hosted Issue, Go SDK, Python API-First Proof
- Hosted Issue alpha: BYO-key provisional issuance (disabled by default)
- Go 1.26 SDK with Wire 0.2 parity
- Python API-First Proof
- Managed Agents session evidence summary demo
- Pre-release hardening: Hosted Issue, perf SLO, Smithery CI
- 35 packages on npm, 7,241 tests, 219 conformance requirement IDs, 97 build targets
v0.12.7
Coherence, Trust, and Installability
pnpm verify:distribution: distribution surface verification gate (44 checks, tarball packaging smoke)pnpm verify:release: release facts verification gate (22 checks)pnpm verify:docs-examples: documentation code block type-checkingdocs/releases/facts.json: canonical source of truth for release metrics- Enterprise trust posture, security posture, and reference architecture documentation
- Compatibility matrix, migration guide, deprecation policy, standards compliance, supported environments
- Hosted Verify API contract (DD-210): design artifact for
/v1/verifyand/v1/issue REPO_SURFACE_STATUS.json: machine-readable surface classification (74 surfaces)- Coherence gate: 9 blocking checks preventing docs/code divergence
- Legacy Wire 0.1 defaults quarantined across 12 spec and guide files
- RFC 8594 deprecation headers on legacy
/verifyendpoint @peac/sdk(sdk-js) andapps/bridgearchived- GitHub Actions: all tracked workflows pinned to immutable commit SHAs
- Security policy: supported versions updated to >= 0.12.7
- 35 packages on npm, 7,241 tests, 219 conformance requirement IDs, 96 build targets
v0.12.6
x402 V2, DID Resolution, A2A OAuth, gRPC Transport, Supply-Chain Mappings
@peac/adapter-did: did:key and did:web resolution with caching@peac/transport-grpc: gRPC carrier adapter (8 KiB metadata default)@peac/mappings-intoto: in-toto v1.0 provenance mapping@peac/mappings-slsa: SLSA v1.2 provenance mapping- A2A v1.0 OAuth: PKCE S256, Device Code types, auth evidence mapping
- x402 V2 transport: version detection, normalization, mapping, verification
- Receipt URL resolution middleware in
@peac/net-node - 35 packages on npm, 7,241 tests, 219 conformance requirement IDs
v0.12.5
Commerce Hardening + Interop Proofs
- Per-rail conformance parity: 40 execution-backed fixtures across 4 commerce rails
- Cross-rail settlement equivalence tests
AmountMinorStringSchema+isValidAmountMinor()edge-case hardening- 59 package READMEs with kernel template
- 29 packages on npm, 6,915 tests
v0.12.4
Commerce Evidence + Integration Depth
- New package:
@peac/mappings-paymentauth(envelope-first HTTP Payment scheme parsing, carrier adapter, JSON-RPC/MCP helpers) - x402 v2 dual-header read with upstream artifact separation
- ACP session lifecycle evidence: two-function boundary (session vs payment observation)
- Stripe SPT delegation evidence with explicit payment state requirement
- UCP order-vs-payment semantic separation with
payment_state_sourcemarker - Experimental commerce bundle (
peac.commerce-bundle/0.1-experimental) - Commerce pillar profile and 2 normative specifications
- 3 integration kits (paymentauth, ACP, x402) and 6 runnable examples
- 21 cross-boundary commerce conformance tests
- 35 packages on npm at v0.12.6, 219 conformance requirement IDs, 95 build targets
v0.12.3
Truth, Adoption, and A2A v1.0 Readiness
- A2A v1.0 transition normalizer: dual-version Agent Card, TaskState, Parts with backward compatibility (v0.3.0 deprecated, removal at v0.13.0)
- AIPREF version constants export pinned to vocab-05
- MCP Registry published: io.github.peacprotocol/peac v0.12.3
- Canonical Start Here page with 4 evaluator paths
- Persona-specific quickstarts: API Provider, Agent Operator
- A2A and MCP integration kits
- 28 packages on npm at v0.12.3
v0.12.2
Profile-Defined Types + Extension Groups
- 12 typed extension groups: 7 new pillar groups (consent, privacy, safety, compliance, provenance, attribution, purpose) joining the 5 core groups
- 10 type-to-extension mappings with strict/interop enforcement
- 9 pillar usage profiles with schema-vs-profile field tables, non-goals, and strict-mode demos
- Commerce event field: 6-value closed enum (observational metadata only)
- ProofMethodSchema deprecated (transport-binding cleanup, removal not-before v0.13.0)
- AST no-network audit and API contract extraction
- 192 conformance requirements (up from 146)
- 28 packages on npm at v0.12.2
v0.12.1
x402 Upstream Wire Sync + Security + Tooling
- x402 adapter sync: four-layer adapter architecture (A1/A2/B/C), discriminated signed artifact unions, 5-layer verification API with opt-in crypto, privacy-minimal receipt model
- Conformance fixture rewrite and X402-PROFILE.md
- Security: undici CVE-2025-22150, hono CVE-2025-51798 patches, audit gate
- Vitest 4.1.0 upgrade with coverage badge
- README rewrite
- Upstream: x402 PR #935 (Offer/Receipt Extension) merged
- 28 packages on npm at v0.12.1
v0.12.0
Interaction Record Format 0.2 Stable
- Interaction Record Format 0.2 promoted to stable on npm
latest(28 packages via OIDC trusted publishing) - 146 normative requirement IDs across 18 spec sections with machine-readable registry and drift detection
- Property and fuzz testing: 12+ property tests across schema, crypto, protocol with zero-crash guarantee
- Performance benchmarks: Vitest bench suite for issuance, verification, policy binding with Node 24 baseline
- SSRF and security hardening: expanded test vectors, security posture documentation
- API surface lock for 9 critical packages with pack-install smoke tests
- Doc-example execution gate: automated validation of 25 code blocks in 5 spec documents
- OIDC trusted publishing: 45 packages configured, provenance attestations on every publish
- Node 24 Active LTS canonical baseline, Node 22 Maintenance LTS compatibility lane
- Committed release manifest (
docs/releases/current.json) with versioned gate reports - All 6 stable gates wired and passing (20/20)
- 28 packages on npm at v0.12.0
v0.11.3
Zero Trust + Agent Identity + Key Rotation + Reconcile CLI
- Zero Trust Profile Pack: 7 sub-profiles as documentation overlays (Access, Toolcall, Decision, Risk Signal, Sync, Tracing, ZT Extensions); no new wire fields, all ZT data in
ext[]with reverse-DNS keys - Agent Identity expansion: 8 proof types (
ed25519-cert-chain,eat-passport,eat-background-check,sigstore-oidc,did,spiffe,x509-pki,custom),ActorBindingSchemawith origin-only enforcement, MVIS 5-field validation (validateMVIS()) - Key Rotation lifecycle: PENDING/ACTIVE/DEPRECATED/RETIRED/REVOKED FSM, 30-day normative overlap (upgraded from 7-day RECOMMENDED), tiered kid reuse detection (stateful MUST reject, stateless SHOULD warn),
revoked_keys[]in issuer config, NIST SP 800-57 aligned - Reconciliation CLI:
peac reconcile <bundle1> <bundle2>with composite(iss, jti)conflict key, deterministic JSON output,--fail-on-conflictfor CI gating - Treaty extension: 4-level
commitment_class(informational,operational,financial,legal) atorg.peacprotocol/treaty - ZT extension schemas:
credential-event,tool-registry,control-actioninpackages/schema/src/extensions/; URL scheme allowlist (HTTPS + URN only) for SSRF prevention FingerprintRefconversion functions: opaque format (sha256:<hex64>orhmac-sha256:<hex64>), pure string manipulation in@peac/schema- Governance framework alignment: 8 mapping documents (NIST AI RMF, EU AI Act, OWASP ASI, ISO 42001, IEEE 7001, OECD AI, Singapore MGFAA, AWS RAI)
- Multi-tenant guidance: 3-tier isolation model (Shared, Scoped with kid prefix, Isolated with per-tenant JWKS)
- NIST submission pack: self-contained evidence package for NIST CAISI RFI,
release-gate-0.11.3.shwith 10 checks - New examples:
edge-markdown-content-signals,a2a-gateway-pattern - 28 packages on npm at v0.11.3
v0.11.2
Content Signals + Evidence Locators
- New package:
@peac/mappings-content-signals-- observe content use policy signals from robots.txt (RFC 9309), AIPREF Content-Usage headers, and tdmrep.json (W3C TDM Reservation Protocol) - New package:
@peac/adapter-openai-compatible-- hash-first interaction evidence for OpenAI-compatible chat completion APIs; SHA-256 digests only, no raw text stored - Error recovery
next_actionhints on everyErrorDefinition: closed vocabulary of 7 agent-actionable recovery hints (retry_after_delay,retry_with_different_key,retry_with_different_input,refresh_attestation,contact_issuer,abort,none) retryablecanonical rename (fromretriable)receipt_urllocator hint onPeacEvidenceCarrier: optional HTTPS-only URL, max 2048 chars, no implicit fetch- Plugin Pack: Claude Code skill and Cursor rules for AI-assisted development
- Distribution surface files:
server.json(MCP Registry),smithery.yaml,llms.txt,.mcp.json - 28 packages on npm at v0.11.2
v0.11.1
Evidence Carrier Contract + A2A Mapping
- Evidence Carrier Contract:
PeacEvidenceCarriertype andCarrierAdapter<TInput, TOutput>pattern in@peac/kernel(Layer 0, zero runtime deps) - Zod schemas and
computeReceiptRef()in@peac/schema(Layer 1) - New package:
@peac/mappings-a2a-- carry evidence through A2A metadata in TaskStatus, Message, and Artifact - Agent Card discovery:
capabilities.extensions[]withhttps://www.peacprotocol.org/ext/traceability/v1 - MCP carrier format:
_metakeysorg.peacprotocol/receipt_refandorg.peacprotocol/receipt_jws - ACP/UCP carrier adoption via
@peac/mappings-acpand@peac/mappings-ucp - x402 carrier via
@peac/adapter-x402 - Transport size limits: MCP/A2A/UCP 64 KB embed, ACP/x402/HTTP 8 KB headers
receipt_refintegrity:sha256(receipt_jws)verified at extraction- Discovery profile: 3-step (Agent Card, well-known, header probe)
- 4 normative specifications: Evidence Carrier Contract, A2A Mapping, Discovery Profile, JWKS Resolver
v0.11.0
Zod 4 + MCP Streamable HTTP + Kernel Constraints
- Zod 4 migration (
^4.3.6) across all packages withpnpm.overridesenforcement - MCP Streamable HTTP transport: session-isolated
McpServerper client (CVE-2026-25536 defense) - Kernel constraint enforcement pipeline: fail-closed in
issue()andverify()paths - New package:
@peac/integrator-kit-- bootstrap + conformance harness for third-party implementations - OWASP ASI-01 through ASI-10 alignment across all packages
- CORS deny-all, localhost-only bind, rate limiting, and size limits for MCP HTTP
v0.10.14
Fixture Versioning + Kernel Constraints Formalization
- Conformance fixture versioning:
schema_versionfield across all JSON fixture files - Kernel constraints specification (
KERNEL-CONSTRAINTS.md) with normative rules - Editorial hygiene sweep across specs and documentation
- Zod 4 preparation: compatibility audit and migration plan
v0.10.13
MCP Server
- New package:
@peac/mcp-server-- MCP server exposing 5 tools for AI agent integration- Pure tools:
peac_verify,peac_inspect,peac_decode(no key material required) - Privileged tools:
peac_issue,peac_create_bundle(require signing key)
- Pure tools:
- Handler-transport separation for transport-neutral core
- Static policy configuration via allowlist file
- Structured
_metaon all tool responses (serverVersion,policyHash,protocolVersion) - SSRF prevention by design -- no ambient key discovery
- 226 tests across 22 test files
v0.10.12
OpenClaw + RFC 9421
- New package:
@peac/capture-node--FileSpoolStoreandFileDedupeIndexfor durable, file-system-backed receipt storage - OpenClaw
activate()one-call setup withgenerateSigningKey()for zero-config onboarding peac-keygenCLI for Ed25519 key generation- Structured counters (
scanned/exported/skipped) for export and query operations - Dual-representation check in verifier -- detects
auth/evidencevs_jwsmismatch - RFC 9421 proof capture normative profile with 5 conformance vectors
- Profiles taxonomy: Transport, Proof Capture, Wire Format categories
v0.10.11
Runtime Dependencies + Stripe x402
- Upgraded
@noble/ed25519to v3 (signAsync/verifyAsync/getPublicKeyAsyncAPI) - Upgraded
@opentelemetry/sdk-metricsto v2 - New:
fromCryptoPaymentIntent()in@peac/rails-stripefor Stripe crypto payments - Registry v0.3.0:
org.peacprotocol/interaction@0.1extension key - Advisory registries:
toolcall_op_types,toolcall_resource_types - Supply chain hardening:
SECURITY.md, audit gate, lockfile drift check inguard.sh
v0.10.10
Dev Toolchain
- Migrated build system to tsup with dual ESM/CJS output (
.mjs/.cjs) - tsc for type declarations only
- Turbo pipeline optimization across 75 build targets
- Stale artifact detection in
guard.sh
v0.10.9
Foundation Release
- Wire format
peac-receipt/0.1stable - 22 npm packages published under
@peacscope - Express middleware (
@peac/middleware-express) for automatic receipt issuance - 4 payment rail adapters: x402 (Coinbase), Stripe, Razorpay, Card networks
- Evidence bundle creation and verification (
.peac.tar.gz) - Conformance test suite with 200+ vectors
v0.9.0 (July 18, 2025)
First Public Release
- Production-ready open-source implementation
- Machine-readable
peac.txtand.well-known/peac-issuer.json - Core modules, Node.js SDK, CLI, schema
- Ed25519 signature enforcement
- x402 and Stripe compatibility
Versioning policy
PEAC Protocol is currently in the v0.x series. During this phase:
- Breaking changes are allowed between minor versions, with migration guidance in the changelog
- The wire format (
peac-receipt/0.1) is stable across all v0.x releases - All packages share the monorepo version -- when one package updates, they all update
At v1.0 (earned, not scheduled):
- Wire format changes to
peac-receipt/1.0 - Public API surface freezes with full backward compatibility commitment
Links
- GitHub Releases -- full changelog with migration notes
- npm @peac scope -- all published packages
- Changelog -- detailed per-package changes
- Conformance Vectors -- test your implementation against the current release