build(deps): bump @adastracomputing/ink from 0.2.0 to 0.4.0 in /examples/foreign-sender-receiver #76

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/examples/foreign-sender-receiver/adastracomputing/ink-0.4.0

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Contributor

Bumps @adastracomputing/ink from 0.2.0 to 0.4.0.

Release notes

Sourced from @​adastracomputing/ink's releases.

v0.4.0

This release tightens signature verification and input validation and adds several verification helpers. It is published on the next dist-tag.

Potentially breaking validation tightenings

These reject inputs that 0.3.0 accepted. Legitimate signer and receiver traffic is unaffected; the rejected inputs are malformed, malicious, or outside the documented profile.

  • Ed25519 signatures are now verified in strict RFC 8032 mode at every verification site. Small-order public keys and non-canonical point encodings are rejected.
  • Signed JSON numbers are constrained to the forms every canonicalizer serializes identically: non-finite values, negative zero, and values whose shortest form uses exponential notation are rejected at signing and verification.
  • The agent card, audit, handshake, and discovery schemas now enforce maximum field lengths and array sizes.
  • The Authorization: INK-Ed25519 header is matched against single literal spaces; a tab, carriage return, or line feed in the separator is rejected.

Additions

  • verifyCheckpoint(signed, witnessPublicKey, expectedOrigin) verifies a signed C2SP checkpoint: the witness Ed25519 signature over the checkpoint body and the log origin. A checkpoint used for the inclusion-receipt cross-check must be verified this way first.
  • verifyReceipt({ receipt, senderPublicKey, expected }) binds a delivery receipt to the exact message it acknowledges: issuer key, from/to/messageId, the recomputed message hash, and an optional disposition.
  • verifyInclusionReceipt accepts an event option that recomputes the leaf hash and binds it to receipt.eventId. The legacy eventHash is retained but does not provide that binding.
  • verifyInkAuth returns a prefix-independent principal alongside the raw sender id; per-sender security state (blocks, rate limits) should key on principal. canonicalAgentPrincipal(agentId) is exported for the same use.

Per the pre-1.0 policy this release publishes under the next dist-tag; latest is unchanged.

v0.3.0

extractPublicKeyFromAgentId now accepts either the canonical tulpa: prefix or the ink: alias introduced in ink/0.4. Both carry the identical multibase Ed25519 key, so the bootstrap verification key is byte-identical and a signature made with that key verifies regardless of which accepted prefix carried it. The prefix is identity syntax, not signing authority.

Emission is unchanged: deriveAgentId still returns tulpa: (accept both, emit one). The new AGENT_ID_KEY_PREFIXES export is frozen so a consumer cannot widen the accepted set at runtime. The change is additive and backward compatible. Existing tulpa: inputs behave exactly as before, and every previously rejected prefix other than ink: is still rejected. The wire protocol version is unchanged.

A receiver that keys per-sender security state (blocks, rate limits, duplicate-payload checks, cached verification keys, connection identity) MUST collapse the two spellings to one prefix-independent principal so a sender cannot switch prefix to dodge a block or split a rate-limit window. See Identity.

... (truncated)

Changelog

Sourced from @​adastracomputing/ink's changelog.

0.4.0, stricter verification, message-size bounds, checkpoint and receipt verification

This release tightens signature verification and input validation and adds several verification helpers. It is published on the next dist-tag.

Potentially breaking validation tightenings

These reject inputs that 0.3.0 accepted. Legitimate signer and receiver traffic is unaffected; the rejected inputs are malformed, malicious, or outside the documented profile.

  • Ed25519 signatures are now verified in strict RFC 8032 mode at every verification site. Small-order public keys and non-canonical point encodings are rejected.
  • Signed JSON numbers are constrained to the forms every canonicalizer serializes identically: non-finite values, negative zero, and values whose shortest form uses exponential notation are rejected at signing and verification.
  • The agent card, audit, handshake, and discovery schemas now enforce maximum field lengths and array sizes.
  • The Authorization: INK-Ed25519 header is matched against single literal spaces; a tab, carriage return, or line feed in the separator is rejected.

Additions

  • verifyCheckpoint(signed, witnessPublicKey, expectedOrigin) verifies a signed C2SP checkpoint: the witness Ed25519 signature over the checkpoint body and the log origin. A checkpoint used for the inclusion-receipt cross-check must be verified this way first.
  • verifyReceipt({ receipt, senderPublicKey, expected }) binds a delivery receipt to the exact message it acknowledges: issuer key, from/to/messageId, the recomputed message hash, and an optional disposition.
  • verifyInclusionReceipt accepts an event option that recomputes the leaf hash and binds it to receipt.eventId. The legacy eventHash is retained but does not provide that binding.
  • verifyInkAuth returns a prefix-independent principal alongside the raw sender id; per-sender security state (blocks, rate limits) should key on principal. canonicalAgentPrincipal(agentId) is exported for the same use.

Per the pre-1.0 policy this release publishes under the next dist-tag; latest is unchanged.

0.3.0, accept the ink: agentId alias for key extraction

extractPublicKeyFromAgentId now accepts either the canonical tulpa: prefix or the ink: alias introduced in ink/0.4. Both carry the identical multibase Ed25519 key, so the bootstrap verification key is byte-identical and a signature made with that key verifies regardless of which accepted prefix carried it. The prefix is identity syntax, not signing authority.

Emission is unchanged: deriveAgentId still returns tulpa: (accept both, emit one). The new AGENT_ID_KEY_PREFIXES export is frozen so a consumer cannot widen the accepted set at runtime. The change is additive and backward compatible. Existing tulpa: inputs behave exactly as before, and every previously rejected prefix other than ink: is still rejected. The wire protocol version is unchanged.

A receiver that keys per-sender security state (blocks, rate limits, duplicate-payload checks, cached verification keys, connection identity) MUST collapse the two spellings to one prefix-independent principal so a sender cannot switch prefix to dodge a block or split a rate-limit window. See Identity.

... (truncated)

Commits
  • 63d78e1 release: 0.4.0 (#61)
  • d15f6eb feat(receipts): add verifyReceipt to bind a receipt to its acknowledged messa...
  • e315a0a harden: reject non-space separators in the Authorization header and correct t...
  • f66df6a fix(audit): bind inclusion-proof verification to the receipt's event (#58)
  • 6ad4ea0 feat(audit): verify transparency-log checkpoint signatures (#57)
  • c98af10 fix(schemas): bound the sizes of agent-card, audit, handshake and discovery m...
  • ac55388 feat(auth): return a canonical principal from verifyInkAuth (#55)
  • ee915a2 fix: bound validateMessage complexity and reject non-canonical numbers (#54)
  • a17f1e4 fix(crypto): verify Ed25519 signatures in RFC 8032 strict mode (#53)
  • 4184286 build: batch root dev-dependency bumps and fix the nix package hash (#52)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
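
Added example (not part of the Dependabot comment and not code from @adastracomputing/ink): a pre-merge check for the 0.4.0 rule on signed JSON numbers, listing every number in a payload that the release notes say is now rejected. `classifyNumber` and `findUnsignableNumbers` are hypothetical names, and the check assumes "shortest form" means the ECMAScript Number-to-string output.

```javascript
// Added illustration; not the library's validator.
// Returns the reason a number falls outside the signed-number profile
// described in the 0.4.0 notes, or null if it is acceptable.
function classifyNumber(n) {
  if (!Number.isFinite(n)) return "non-finite"; // NaN, Infinity, -Infinity
  if (Object.is(n, -0)) return "negative-zero"; // JSON.stringify(-0) is "0"
  // Assumption: String(n) is the shortest round-trip form. It switches to
  // exponential notation for |n| >= 1e21 and for 0 < |n| < 1e-6.
  if (/e/i.test(String(n))) return "exponential";
  return null;
}

// Walks any JSON-like value and collects { path, reason } for each
// number that would be rejected at signing or verification.
function findUnsignableNumbers(value, path = "$", out = []) {
  if (typeof value === "number") {
    const reason = classifyNumber(value);
    if (reason) out.push({ path, reason });
  } else if (Array.isArray(value)) {
    value.forEach((v, i) => findUnsignableNumbers(v, `${path}[${i}]`, out));
  } else if (value !== null && typeof value === "object") {
    for (const [k, v] of Object.entries(value)) {
      findUnsignableNumbers(v, `${path}.${k}`, out);
    }
  }
  return out;
}

// Constructed sample payload (field names are made up for this example).
const samplePayload = {
  messageId: "m-1",
  ttl: 3600,
  score: 0.25,
  big: 1e21,
  tiny: 1e-7,
  offset: -0,
  ratio: NaN,
  nested: [1, 2.5, Infinity],
};

console.log(findUnsignableNumbers(samplePayload));
```

Running this over recorded payloads from the example sender before merging shows whether any existing traffic depends on number forms that 0.4.0 refuses.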

Bumps [@adastracomputing/ink](https://github.com/Ad-Astra-Computing/ink) from 0.2.0 to 0.4.0.
- [Release notes](https://github.com/Ad-Astra-Computing/ink/releases)
- [Changelog](https://github.com/Ad-Astra-Computing/ink/blob/main/CHANGELOG.md)
- [Commits](v0.2.0...v0.4.0)

---
updated-dependencies:
- dependency-name: "@adastracomputing/ink"
  dependency-version: 0.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Dependency updates label Jun 15, 2026
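
Added example (not code from the PR or from @adastracomputing/ink): why the release notes require per-sender state to key on a prefix-independent principal, shown as the same limiter keyed on the raw agent id and on the principal. `toPrincipal`, `SenderState` and the sample ids are hypothetical and constructed for this example.

```javascript
// toPrincipal is a hypothetical stand-in for the canonicalAgentPrincipal export
// named in the release notes; that function's exact output is not shown here.
const PREFIXES = Object.freeze(["tulpa:", "ink:"]);

function toPrincipal(agentId) {
  const prefix = PREFIXES.find((p) => agentId.startsWith(p));
  if (!prefix || agentId.length === prefix.length) {
    throw new Error("unsupported agent id");
  }
  return agentId.slice(prefix.length); // key part shared by both spellings
}

// Sliding-window limiter plus block list; keyFn decides what "one sender" is.
class SenderState {
  constructor(keyFn, limit, windowMs) {
    Object.assign(this, { keyFn, limit, windowMs });
    this.hits = new Map();
    this.blocked = new Set();
  }
  block(agentId) { this.blocked.add(this.keyFn(agentId)); }
  allow(agentId, now) {
    const key = this.keyFn(agentId);
    if (this.blocked.has(key)) return false;
    const recent = (this.hits.get(key) || []).filter((t) => now - t < this.windowMs);
    const ok = recent.length < this.limit;
    if (ok) recent.push(now);
    this.hits.set(key, recent);
    return ok;
  }
}

// Constructed ids: one key under both accepted spellings (not a real key).
const KEY = "z6MkConstructedExampleKeyNotReal";
const SPELLINGS = [`tulpa:${KEY}`, `ink:${KEY}`];

// Four requests alternating spellings, limit 2 per minute: how many pass?
function acceptedCount(keyFn) {
  const state = new SenderState(keyFn, 2, 60000);
  let accepted = 0;
  for (let i = 0; i < 4; i++) if (state.allow(SPELLINGS[i % 2], i * 1000)) accepted++;
  return accepted;
}

// Block one spelling, then check whether the other spelling is refused too.
function blockedAfterSwitch(keyFn) {
  const state = new SenderState(keyFn, 2, 60000);
  state.block(SPELLINGS[0]);
  return !state.allow(SPELLINGS[1], 0);
}
```

Keyed on the raw id, the limiter admits all four requests and the block does not carry over; keyed on the principal, it admits two and the block holds. In a receiver built on 0.4.0, key on the `principal` returned by `verifyInkAuth` or on `canonicalAgentPrincipal(agentId)`, as the notes direct.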