Public Changelog
Changelog
User and developer-facing changes are recorded here. Product, SDK, API, connector, verifier, witness, Local Vault, and documentation changes that affect external users must update this page.
Documentation policy
docs.attesto.eu publishes only public user and developer material. Internal control-plane procedures, infrastructure runbooks, credential handling, and private operational diagnostics stay out of this site.
2026-06-14
Updated Tenant signup subscriptions
Tenant signup now requires choosing Starter, Growth, or Realtime, records the onboarding intent, sends a branded welcome email, and starts Stripe Checkout for the configured 30-day tenant trial. Billing docs and API references now describe the same flow.
Updated Docs and codebase parity
Public docs now align the current API, connector, Local Vault, SDK, CLI, and regulatory-evidence language with the live codebase. The docs clarify that Python, TypeScript, Go, and CLI are first-class developer surfaces, document exact connector and Local Vault route families, and explain how Article 12 logging evidence can support Article 13 transparency work without making unsupported legal-compliance claims.
Corrected Gateway, MCP, OTel, and n8n docs
Developer-surface and implementation-recipe docs now use the real
attesto-gateway flags, explicit MCP
ATTESTO_BASE_URL configuration, current MCP tool
names, OTel allowlist option names, and the n8n action/trigger
behavior implemented by the packages.
2026-06-12
Fixed Docs navigation and mobile sidebar
Documentation pages now keep canonical English routes in English, preserve equivalent localized routes when changing language, and expose the manual sidebar as a real hamburger drawer on phones and tablets while preserving the desktop layout.
Updated SDK and verifier package versions
SDK documentation now reflects the current 0.4.0
Python, TypeScript, Go, and CLI release family. Go examples use
the public go.attesto.eu/sdk module path, and
verifier report examples use verifierVersion: 0.4.0.
Expanded Article 12, companion packages, and SDK test harness docs
SDKs and Implementation Recipes now explain the “Voldoe aan Artikel 13
met 1 regel code” promise as technical evidence support:
one integration line can start verifier-ready evidence capture for transparency work, while legal conformity remains the customer's responsibility. Docs now also cover attestedFetch,
attesto-mcp,
attesto-local-vault, n8n-nodes-attesto,
and the phase-gated witness package boundary.
Expanded Gateway, MCP, and n8n implementation recipes
Implementation Recipes now document the Attesto Inference
Gateway, Attesto MCP server, and n8n-nodes-attesto
node as public developer surfaces, including production base URL,
capture mode, secret boundaries, and evidence behavior.
2026-06-08
Hardened Language content parity
All supported docs language routes now publish the full canonical English manual and changelog body, not shortened summaries. Localized pages may add language-specific navigation and compliance-boundary chrome, but the docs contract now verifies canonical full-body parity, article body hashes, headings, code examples, tables, trust boundaries, and changelog coverage across English, Dutch, German, French, Spanish, Polish, and Italian.
Added Full localized manual routes
docs.attesto.eu now publishes language-specific manual routes for
English, Dutch, German, French, Spanish, Polish, and Italian:
/languages/{lang}/manuals/.... The language
selector preserves the current manual when switching languages,
sidebars and navigation route to localized pages, and the docs
contract now fails if a public manual is missing a localized
route or language-specific compliance boundary text.
Added Truth Package lifecycle verification
Tenant export ZIP generation is now treated as Proof of
Evolution evidence. Packages include
attesto.truth-package.manifest.json, the finalized
ZIP hash is recorded through a
truth_package.generated Proofstream event, and
dashboard or auditor downloads record
truth_package.accessed events with hashed request
metadata. The Attesto CLI now verifies package ZIP integrity via
attesto verify truth-package --file ./truth-package.zip
and rejects tampered artifacts.
Hardened Truth Package verified events
Successful package verification is now a first-class lifecycle
event. After a package is downloaded and checked by the Attesto
CLI, the tenant API validates the verifier report against the
stored package hash, manifest hash, and artifact count before it
records truth_package.verified. The service-backed
backend lane proves export generation, download/access,
verification recording, and Merkle inclusion for all lifecycle
leaves.
Clarified Release evidence boundaries
The frozen release/attesto-1.0-pre-market/ dossier
is now explicitly labelled as a historical pre-market artifact.
Current Attesto 2.0 readiness must be evaluated with
release/attesto-2.0-production-readiness/manifest.json
and the green release/total-evidence contracts.
Added Public status page contract
Added status.attesto.eu as a first-class public trust surface for customer-facing service health, public incidents, and availability history. The status service uses its own dedicated status database and exposes only public probe results; it does not read tenant data, raw logs, provider payloads, secrets, or admin diagnostics.
Improved Status uptime ticker bars
status.attesto.eu now shows per-service 90-day health ticker bars above the component cards, including uptime percentage, current latency, HTTP expectation, probe interval, and status timezone. The public component set excludes the admin control panel by contract.
Hardened Marketplace developer onboarding and trials
The Marketplace now shows developer signup/signin and Free/Verified/Professional/Partner plan selection near the top of the page. Developer prices and 14-day paid developer trials are loaded from the backend tier contract; free developer accounts can submit free connector assets for private review, while paid connector submissions remain gated by paid subscription and Stripe Connect readiness. Tenant plan checkout now exposes the server-side 30-day Stripe trial in the dashboard plan UI.
Hardened Marketplace publisher auth and reproducible Evidence Score
Marketplace developer accounts now sign up and sign in through marketplace-only auth endpoints and are rejected by the tenant dashboard login path. Evidence Score is now documented and enforced as a deterministic validator formula with explicit criteria, max points, components, and no adoption or marketing bonus.
Hardened Marketplace developer account gate
Marketplace connector submission now requires a marketplace developer account. Free developer accounts can submit free assets into private platform review, while paid assets require an active paid developer tier and Stripe Connect readiness. Ordinary tenant users can browse, acquire, install, and download entitled artifacts without receiving upload access.
Added Marketplace CLI publishing helpers
The Attesto CLI now supports connector manifest creation, local marketplace validation, marketplace publisher submission, and private-review submission against the real marketplace APIs. The public commands use bearer-token authentication, keep secrets out of output, and are covered by Go CLI contract tests.
Added Marketplace developer subscription checkout
Publisher profiles can now start paid developer subscription checkout, open a Stripe billing portal, and view commercial publishing requirements. Stripe webhooks update publisher subscription state and write marketplace evidence without exposing Stripe secrets or checkout session identifiers to the frontend.
Added Paid marketplace connector checkout
Paid connector acquisition now creates Stripe Checkout Sessions with Stripe Connect destination transfer data and an Attesto application fee. Verified webhooks create tenant entitlements, write revenue ledger entries, and record marketplace purchase, entitlement, and revenue-split evidence.
Hardened Marketplace refunds and payout reconciliation
Verified Stripe refund events now update the marketplace ledger, mirror the 75/25 revenue reversal, close fully refunded tenant entitlements, revoke active installs, and block artifact download. Stripe Connect payout events record publisher payout evidence and reconcile eligible ledger entries without exposing raw Stripe payloads or connected-account identifiers to the frontend.
Hardened Marketplace platform review
Marketplace publisher submissions are now private pending-review assets by default, even when public visibility is requested. Public docs describe the publisher-facing submission lifecycle; Attesto review and publication remain private operator workflows. Approval, rejection, and revocation write marketplace evidence and platform audit entries.
Added Marketplace Stripe Connect payout onboarding
Publisher profiles can now start Stripe Connect payout onboarding through the marketplace API and refresh payout readiness after returning from Stripe. The frontend receives only a Stripe-hosted onboarding URL and safe payout status fields; connected-account identifiers and Stripe secrets remain server-side.
2026-06-07
Expanded Marketplace install lifecycle evidence
The Marketplace now supports real tenant-scoped install update, entitlement revoke, re-acquire/re-install after revoke, and evidence receipt lookup APIs. The public marketplace UI exposes update, revoke, and manifest download actions only after login. Backend and frontend tests cover CSRF recovery, entitlement gating, receipt lookup, update idempotency, revoke blocking, and reactivation.
Added Marketplace publisher profile evidence
Publishers can now create, fetch, and update a tenant-scoped publisher profile through the Marketplace API and UI. Profile creation and display-name updates generate marketplace evidence receipts, and asset submission no longer creates a silent publisher identity without audit evidence.
Added Attesto Marketplace documentation and production gate
Added the public Marketplace guide for validated connector manifests, tenant acquisition, installation, entitlement-gated artifact downloads, publisher validation, marketplace evidence, and security boundaries. The production readiness snapshot now includes a marketplace contract covering backend routes, frontend build policy, connector manifests, connector-kit tests, deployment labels, supported languages, and cross-subdomain tenant-cookie configuration for marketplace.attesto.eu.
Added first-class Go SDK and Attesto CLI
Added a Go SDK module and Attesto CLI backed by the same Proofstream protocol, production API origin, golden vectors, and verifier matrix as Python and TypeScript. Go exposes stream, event, receipt, window, checkpoint, consistency, witness, anchor, IVC, bundle, connector, Local Vault, fork-evidence, and quorum-supporting API methods. The CLI supports JSON output, safe local config, real endpoint calls, offline receipt verification, bundle/fork/quorum checks, connector workflows, Local Vault workflows, and release-readiness evidence checks.
Expanded SDK parity across Python, TypeScript, Go, and CLI
Python, TypeScript, Go, and CLI surfaces now include tenant/operator bearer mode where applicable and backend-supported methods for tenant streams, stream events, windows, checkpoints, proof state, fork evidence, tenant audit packs, connector installation/ingest/revoke, and Local Vault installation/relay/witness/fork-evidence flows. System API keys remain the default for server-side ingest and verification. Tenant bearer tokens remain restricted to trusted operator automation.
Hardened SDK and CLI release gates
SDK production contracts, verifier matrix contracts, dependency security checks, SDK registry/module readiness, CI, and release manifest artifact hashing now include Go and CLI surfaces. Go golden-vector tests prove canonical JSON, domain hashes, HMAC connector signatures, and offline receipt verification. CLI smoke tests prove version output, secret redaction, config persistence, API routing, and offline receipt verification. A version-parity gate now requires Python, TypeScript, Go SDK, and CLI to ship the same canonical release version.
Added certification readiness guide
Added a public Certification Readiness guide covering ISO/IEC 27001, SOC 2 Type II, ISO/IEC 27701, Cyber Essentials Plus, NEN 7510, ENSIA/BIO, and eIDAS 2.0 alignment. The guide explains Attesto's preparation model and explicitly avoids claiming certification, legal-compliance, qualified trust-service, or public-authority outcomes before external review.
Added public Security Management guide
Added a public trust-center guide for Attesto's ISO/IEC 27001 readiness model. It explains the ISMS scope, risk register, asset register, supplier register, incident register, internal audit plan, management review cadence, evidence sources, and claim boundaries without publishing private operational records or claiming certification.
Added guide category filtering, favicon, and ISO alignment evidence
The docs homepage now includes a category filter for guide cards, browser tabs use the Attesto favicon, and the Regulatory Evidence guide documents ISO/IEC 27001 audit-readiness alignment without claiming certification. The release pipeline now includes a machine-readable ISO alignment pack and contract guardrail.
Expanded documentation hub depth
Added a Stripe-style collapsible docs explorer, guide-card tags, and a new Implementation Recipes guide covering SDKs, API, Proofstream, verification, webhooks, connectors, Local Vault, and production rollout paths. Language handbooks now start with clear adoption paths so new users can learn Attesto before diving into advanced Proofstream or Nova concepts.
Released Python SDK on PyPI
The official Python SDK package attesto is now
available on PyPI at version 0.2.0. Fresh
install-smoke verification confirms pip install
attesto==0.2.0 imports AttestoClient,
AttestoV2Client, and defaults to
https://verify.attesto.eu.
Released TypeScript SDK on npm
The official TypeScript SDK package @attesto/sdk is
now available on npm at version 0.2.0. The initial
map-bearing 0.1.0 package was removed from npm.
Current package artifacts contain only runtime JavaScript,
declaration files, README.md, and package metadata.
Added CLI and Go SDK roadmap
The SDK guide now treats CLI tooling and a Go SDK as official
production surfaces alongside Python and TypeScript. CLI scope is
attesto verify, attesto witness, and
attesto bundle. Go is scoped for enterprise
infrastructure, cloud, platform, and security tooling. Neither
surface receives public install commands until real behavior,
tests, artifact policy, install smoke, registry/module readiness,
docs, and changelog evidence are complete.
Defined package naming strategy
Documented the official package namespace for core SDKs, verifier, Local Vault, witness, and connector packages. Attesto will not publish empty package placeholders that resolve to dead-end installs.
Hardened SDK package release metadata
The Python SDK package name is attesto and the
TypeScript SDK package name is @attesto/sdk. The
TypeScript package now carries public npm publish metadata and a
prepublish test gate, and the source release process includes
package artifact and fresh-install smoke checks before registry
publication. Public packages must not contain sourcemaps, raw
TypeScript source, tests, caches, source archives, frontend
bundles, API keys, private keys, or secret-like material.
Added SDK registry readiness gate
Added a production-readiness gate that checks public PyPI and npm
metadata for the official SDK packages. This prevents Attesto
from claiming complete developer distribution until
pip install attesto and
npm install @attesto/sdk resolve from the public
registries at the current release versions.
Released Stripe live billing cutover
Attesto billing now uses live Stripe mode on the server side. Growth and Realtime monthly billing objects match the prices shown in the tenant upgrade flow, the live billing webhook is enabled for subscription lifecycle events, and the strict production launch gate reports production-ready. Stripe keys, webhook signing secrets, object identifiers, and payment payloads are not published in docs, frontend bundles, release reports, or API responses.
Expanded Stripe-style adoption paths
The docs home now treats Attesto as a user manual, developer portal, and trust center. The recommended paths are Developer Path, Architect Path, Operator Path, Compliance Path, and Research Path, starting with the problem Attesto solves before introducing Proofstream, witnesses, quorum, and Nova.
Clarified Nova circuit claim boundary
Upgraded the first Proof of Evolution circuit to a Poseidon state-root transition over committed Pallas scalar digests while keeping the claim boundary explicit: checkpoint validity, policy binding, incident/gap semantics, and witness quorum semantics are still enforced outside Nova until a reviewed successor semantic circuit covers them inside Nova.
Added active navigation and language selector
Added a shared docs-site navigation script that marks the current top-level tab with an accessible active state and adds a language selector. The selector detects browser language, remembers an explicit choice locally, and links to English, Nederlands, Deutsch, Français, Español, Polski, and Italiano handbooks.
Added category-defining docs structure
Reworked docs.attesto.eu around an adoption path: Getting Started, Attesto 1.0 evidence primitives, Attesto 2.0 Proofstream, Witness Plane, Verifier System, Local Vault and connectors, Proof of Evolution, Regulatory Evidence, and tenant-safe Operators.
Added trust center and verification docs
Added public manuals for verifier-first evidence, Trust Boundaries, Failure Modes, verifier bundles, the verifier matrix, fork evidence, quorum, and independent offline verification.
Added multilingual public handbooks
Added public handbook pages for English, Nederlands, Deutsch, Français, Español, Polski, and Italiano. English remains the canonical API and SDK contract language.
Hardened docs HTTPS headers
Hardened docs-site runtime headers so docs.attesto.eu publishes HSTS and security headers on HTML, assets, and health responses. Live smoke checks cover HTTPS-only behavior.
Expanded developer implementation guides
Expanded API, SDK, webhook, connector, Local Vault, and Proofstream docs with request and response shapes, idempotency, signature verification, connector diagnostics, offline verifier behavior, and production safety boundaries.
Added docs.attesto.eu production docs hub
Added a public static documentation site with search, public manuals, changelog policy, Docker image, Swarm routing, SSL termination through the existing Traefik Let's Encrypt path, and a contract that blocks internal or secret-like content from the public bundle.
Added Proofstream public documentation
Published public guidance for receipts, windows, checkpoints, witness/quorum evidence, anchors, bundles, offline verification, SDK v2 methods, connectors, and Local Vault customer-edge usage.