All notable changes to this specification will be documented here.
Format: Keep a Changelog Versioning: Semantic Versioning
parties.did_resolution_statusoptional string field. Values:"bound"(DID verified via Ed25519 challenge-response at registration time),"unverified"(caller-declared identity without cryptographic verification). Absent if noagent_identityis provided. Included in public unauthenticated proof responses.
2.1.2 — 2026-03-24
parties.agent_identity_verifiedoptional bool field —truewhenagent_identityis a cryptographically verified DID bound to the API key via Ed25519 challenge-response. Absent if self-declared.- README: composability section documenting field mapping between proof-spec and Compliance Receipts v0.1 (qntm WG spec)
parties.agent_identitydescription clarified: documents DID binding override behaviour (verified DID takes precedence over caller-declared value)- Section 9:
agent_identity_verifiedincluded in public unauthenticated responses
2.1.1 — 2026-03-23
- Section 6: document
GET /.well-known/did.jsonas a second canonical key distribution endpoint — W3C DID Document (did:web:trust.arkforge.tech) withEd25519VerificationKey2020andpublicKeyJwk
2.1.0 — 2026-03-11
rekorfield — Sigstore Rekor immutable log anchortimestamp_authorityfield — RFC 3161 TSA referenceagent_identityoptional field — identifier for the calling system
chain_hashnow covers request + response + timestamp bundle
1.2.0 — 2026-01-15
hashes.chainfield — tamper-evident combined hashparties.sellerfield — domain of the called API
1.0.0 — 2025-11-01
- Initial proof format specification
proof_id,hashes.request,hashes.responsefields- Ed25519 signature by independent third party
- RFC 3161 timestamp