Product Changelog

​

Deployment reliability fix

​

Bug fixes

• Platform updates now deploy reliably: A build pipeline issue was causing Docker layer caching to prevent new code changes from being included in deployments, which could delay platform updates from reaching production. Deployments now always include the latest changes, ensuring that bug fixes and improvements ship on schedule.

​

Billing tenant isolation and audit query reliability

​

Bug fixes

• Billing endpoints now enforce tenant isolation at the database level: Internal billing endpoints — including usage tracking and subscription management — were not passing your authenticated session context to the database layer, which meant row-level security policies could not enforce tenant boundaries on those queries. Billing requests now carry the correct authentication context, ensuring your billing data is isolated at the database level in addition to the application layer.
• Trust registry audit queries no longer fail on empty outcome or detail fields: A follow-up to last week’s fix — audit log queries that included events with empty outcome or detail fields were still returning errors because the trust registry could not read NULL values in those columns. If you were seeing failed audit queries for events that had no recorded outcome or detail, those now return results as expected.

​

Trust registry audit query fix

​

Bug fixes

• Trust registry audit queries no longer fail on empty fields: Audit log queries that included events with empty actor or action fields were returning errors because the trust registry could not read NULL values from the database. If you were seeing failed audit queries — particularly for system-generated events that have no associated actor — those now return results as expected.

​

Gateway routing and CORS fixes

​

Bug fixes

• Attestation and transparency log API routing fixed: The attestation and transparency log endpoints were returning unexpected responses because the gateway was stripping the URL path prefix before forwarding requests. If you were calling attestation or transparency log API routes and receiving errors, those should now be resolved.
• Cross-origin API key authentication for attestation and machine identity endpoints: Browser-based applications calling attestation or machine identity endpoints with the X-Api-Key header could receive CORS errors because the header was not included in the gateway’s allowed CORS headers. If you use the JavaScript SDK or make direct browser-based API calls to these endpoints, cross-origin requests with API key authentication now work as expected.

​

Audit log reliability fix

​

Bug fixes

• Audit log pages no longer return errors: The audit log pages in the console — including tenant audit, platform audit, and admin audit views — were returning 500 errors when loading event data. This was caused by a database type incompatibility that prevented audit events containing IP addresses and outcome fields from being read correctly. All three audit views now load and display events as expected.

​

Billing and trust registry migration reliability

​

Bug fixes

• Billing service deployment reliability improved: The billing service could fail to start if a previous deployment left the database in a partially migrated state. The migration runner now automatically recovers from dirty or incomplete migrations, so billing operations — including subscription management, usage tracking, and invoice generation — remain available through deployments without manual intervention.
• Trust registry migration stability: The trust registry could fail during redeployments if a database index already existed from a prior run. Index creation is now idempotent, preventing deployment failures that could temporarily affect attestation verification and issuer lookups.

​

Verification landing page, expanded API routes, and auth fix

​

New features

• Verification landing page: A new /verify page on the website explains how Truthlocks cryptographic verification works and links directly to the verification portal. Use it as a shareable entry point for anyone who needs to verify an attestation or receipt.

​

Updates

• Faster homepage loading: Below-the-fold sections on the homepage are now lazy-loaded, reducing initial page load time. Preconnect hints for analytics services further improve First Contentful Paint and Largest Contentful Paint scores.
• Improved search engine discoverability: The website now includes hreflang locale signals, richer structured data (Organization schema, feature lists, and aggregate offers), and an expanded sitemap. Thirteen redirects have been added for legacy URL paths, so old bookmarks and external links now resolve correctly instead of returning 404s.
• AI bot guidance with llms.txt: A new llms.txt file provides structured guidance for AI crawlers and large language models, helping them understand Truthlocks content more accurately.
• Expanded API gateway route coverage: Nine additional route groups — including settings, privacy, invitations, messages, environments, attestation packs, issuer applications, and assets — are now properly routed through the production API gateway. If you previously received unexpected errors when calling these endpoints, those should now be resolved.

​

Bug fixes

• API key authentication restored: A database migration issue could cause all API key authenticated requests to fail with an internal error. The authentication layer now handles both the old and new database schema gracefully, so existing API keys continue to work without interruption.
• Audit log API routing fixed: The audit log endpoints were returning incorrect responses because the gateway was stripping the URL path prefix before forwarding requests. Audit queries and exports now route to the correct backend service.

​

MAIP API playground, observability accuracy, and homepage fixes

​

Updates

• Interactive API playground for MAIP endpoints: All 29 Machine Identity API endpoints — including agents, sessions, trust scores, truth claims, compliance checks, datasets, models, orchestrations, and workflows — now support the interactive playground in the API reference. You can send live requests directly from the docs against Sandbox or Production without leaving the page.
• More accurate health monitoring: Health probes used by the observability dashboard and status page now use the correct URL scheme and handle request errors gracefully. If a monitored service was previously showing an incorrect health status due to a probe misconfiguration, that should now be resolved.

​

Bug fixes

• Homepage layout and animation fixed: The homepage navigation buttons, live demo grid alignment, and CLI typewriter animation were not rendering correctly. All three are now displaying and animating as expected.

​

Content Security Policy and CSRF fixes

​

Bug fixes

• Web applications no longer stuck on loading screens: All six Truthlocks web apps — console, verification portal, status page, Trust Explorer, website, and docs — could get stuck on a loading spinner because the nonce-based Content Security Policy introduced in Week of April 14 was blocking page scripts from running. Nonces are now correctly wired from the server middleware into each page, so scripts load as expected.
• Console and verification portal form submissions no longer blocked: State-changing requests (such as revoking an attestation or updating settings) in the console and verification portal were returning 403 errors because the CSRF protection introduced in Week of April 14 required a token that the frontend was not sending. CSRF tokens are now included automatically on all relevant requests, so form submissions and actions work without errors.

​

Expanded SCIM filter attribute support

​

Updates

• SCIM filtering on displayName and externalId: The SCIM provisioning endpoint now supports filtering users by displayName and externalId in addition to userName. Identity providers like Azure AD that send displayName-based filter queries during sync now work correctly without returning errors. See the supported filter operators and common IdP filter patterns for details.

​

Database-level tenant isolation and security hardening

​

Updates

• Database-level tenant isolation: All consumer and admin API operations — including attestation management, API key management, portfolio access, privacy exports, and account settings — now enforce tenant isolation at the PostgreSQL layer using row-level security policies, in addition to existing application-level checks. This defense-in-depth improvement ensures that even in the event of an application-level bug, one tenant’s data cannot be accessed by another. No action is required on your part.
• Console login security hardened: The console login flow no longer returns authentication tokens in the response body. Tokens are now set exclusively as HTTP-only cookies, reducing your exposure if a cross-site scripting vulnerability were ever present on the page.
• Blog content sanitized against XSS: Blog posts served on the Truthlocks website are now sanitized before rendering, preventing any malicious content in API-fetched posts from executing in your browser.
• Internal service schema no longer exposed: The signing service previously allowed unauthenticated clients to query its internal API schema via gRPC reflection. Reflection is now disabled in production, reducing the information available to potential attackers.

​

SCIM provisioning, security hardening, and console reliability

​

Updates

• Expanded SCIM filter support: The SCIM provisioning endpoint now supports additional filter operators — including and, or, ne, co, sw, and ew — in addition to the existing eq filter. If your identity provider (Okta, Azure AD, etc.) sends complex filter queries during user and group sync, those queries are now handled correctly instead of returning errors.
• Stronger browser security across all web apps: All Truthlocks web applications — including the console, verification portal, status page, Trust Explorer, and docs — now use nonce-based Content Security Policies instead of static inline rules, and the console and verification portal enforce CSRF protection on all state-changing requests. These changes reduce your exposure to cross-site scripting and request forgery attacks.
• API error responses no longer leak internal details: All API services now return a generic error message for 500-level responses instead of exposing internal error details. This applies to the attestation, verification, machine identity, and trust registry services. Internal errors are still logged server-side for debugging.
• Improved API stability under unexpected failures: All nine backend services now include panic recovery middleware, which prevents unexpected internal errors from dropping your connection. If a service encounters an unhandled error, you now receive a proper error response instead of a closed connection. This complements the gateway resilience improvements shipped previously.
• Observability dashboard shows real latency data: The observability dashboard previously displayed a hardcoded 500ms p99 latency value. It now computes real p99 latency from actual health check measurements, giving you accurate performance data for all monitored services.

​

Bug fixes

• Console machine identity and receipts pages load correctly: Ten console pages — including the machine identity activity feed, trust distribution, trust policy, low-trust agents, and several receipts management views — were failing to load due to missing API routes. All affected pages now load and display data as expected.
• Anti-fraud dashboard data loading fixed: The anti-fraud page in the console was showing a “Failed to load risk data” error because it was calling incorrect API routes. The page now fetches data from the correct endpoints and displays risk metrics properly.
• Homepage live demo and CLI animation fixed: The live demo section on the homepage had layout alignment issues on desktop and the CLI typewriter animation was not playing. Both are now rendering and animating correctly.

​

Status page accuracy and security hardening

​

Updates

• Stricter cross-origin and browser security policies: All Truthlocks web applications — including the console, verification portal, status page, and Trust Explorer — now enforce a strict CORS origin whitelist instead of reflecting any origin. Additional security headers have been applied across all services, including frame protection, content-type sniffing prevention, referrer policy, and transport security. These changes reduce your exposure to cross-site attacks when using any Truthlocks app.
• Production API route coverage expanded: Several API route groups — including billing, consumer, webhooks, receipts, and machine identity — are now fully routed in the production gateway, closing gaps where certain endpoints could return unexpected errors. If you previously encountered routing issues with any of these endpoints in production, those should now be resolved.

​

Bug fixes

• Status page uptime bars now reflect actual service health: The status page uptime bars previously showed 100% uptime regardless of actual service status. Uptime bars now reflect known incidents and display amber or red when a service is currently degraded or down. A new incident history section also shows past platform events so you can see what happened and when.

​

Dynamic social sharing previews

​

Updates

• Dynamic Open Graph and Twitter card images: When you share a link to truthlocks.com on social media, Slack, or any platform that supports link previews, the preview card now displays a dynamically generated image that matches the current homepage branding — including the “The Trust Platform for Machine & Digital Identity” headline and compliance badges. Previously, shared links used a static image that could fall out of date with the live site. No action needed on your part — this applies automatically to all shared links going forward.

​

Interactive live demo and website improvements

​

New features

• Interactive live demo on homepage: A new live demo section on the homepage showcases animated walkthroughs for verification, attestation, machine identity, and receipt anchoring — auto-cycling through each flow so you can see the platform in action without leaving the page. For a hands-on version, visit the full demo page.

​

Updates

• Animated CLI hero: The CLI section on the homepage now features a typewriter animation with a blinking cursor that triggers as you scroll into view and replays automatically — giving a better sense of how the CLI works in practice.
• Enterprise-first homepage layout: Homepage sections have been reordered to lead with platform capabilities, how it works, and impact — placing enterprise content front and center. The creator-focused section now appears later on the page.
• Expanded header and footer navigation: The site header now includes links to Compliance Engine, Enterprise Platform, Healthcare, and Code Authorship. The footer has been updated with additional product, solution, and resource links. The Support Center link now correctly points to /help.

​

Bug fixes

• Homepage dark mode rendering fixed: Several homepage sections — including the creator showcase and “how it works” cards — were not rendering correctly in light mode. Both light and dark themes now display as expected across all homepage sections.
• Footer label corrected: The “Enterprise” link in the footer Solutions column was mislabeled — it actually linked to the supply chain page. The label now correctly reads “Supply Chain.”

​

Website rebrand and infrastructure monitoring

​

Updates

• Homepage rebrand: The homepage hero now positions Truthlocks as “The Trust Platform for Machine & Digital Identity” with a “Full-Stack Trust Ecosystem” badge, reflecting the platform’s growth beyond attestations into machine identity (MAIP), risk detection, and compliance tooling. No functional changes — this is a messaging update to better describe what the platform does today.
• Infrastructure monitoring for service reliability: All backend services now have automated health monitoring with alerts for high CPU usage, elevated memory consumption, and service availability drops. These controls align with SOC 2 monitoring requirements and help ensure faster incident response if a service degrades. You can check current service status anytime on the status page.

​

API resilience and data protection improvements

​

Updates

• Extended backup retention for SOC 2 alignment: Production database backups are now retained for 30 days, up from 7 days. This provides a longer point-in-time recovery window and aligns with SOC 2 audit expectations for data backup controls. No action is required on your part — your data is automatically covered by the extended retention policy. See trust & compliance for more on how Truthlocks aligns with SOC 2.
• API gateway resilience improvements: The API gateway now includes automatic panic recovery, which prevents unexpected internal errors from dropping your connection. Previously, certain edge-case failures could cause the gateway to reset in-flight connections. Requests that encounter an internal error now return a proper error response instead of a dropped connection. During deployments, the gateway and signing service also drain in-flight requests over a 15-second window instead of terminating them immediately. See gateway resilience for details.
• DoS protection across all services: All API services now enforce HTTP server timeouts that protect against slowloris-style denial-of-service attacks. This improves availability under sustained low-bandwidth connection attempts and helps ensure consistent response times for legitimate API traffic. See connection timeout protection for more details.

​

MAIP Policies API and compliance accuracy

​

New features

• MAIP Policies API: Three new endpoints — List, Create, and Evaluate — let you define runtime enforcement rules for machine agents. Policies can restrict agent actions based on trust scores, scopes, delegation depth, and agent type. Use the evaluate endpoint as a runtime checkpoint before agents perform sensitive operations. See the MAIP Policies API reference for the full rule schema.

​

Updates

• MAIP policy route namespace change: MAIP policy endpoints have moved from /v1/policies to /v1/maip/policies to avoid conflicts with RBAC issuance policies. If you have the previous path hardcoded, update it to /v1/maip/policies. The previous path no longer routes to machine identity policies.
• Compliance language corrected: SOC 2 and ISO 27001 compliance status on the website now reads “Aligned” instead of “Ready” or “Certified,” reflecting that Truthlocks follows these frameworks without holding a formal certification. GDPR and CCPA remain listed as “Compliant” since they are law-based and do not require third-party certification.
• Expanded observability coverage: The attestation and audit services now include observability middleware, closing monitoring gaps and improving the accuracy of service health data on the observability dashboard and status page.

​

Security hardening, zero-downtime deployments, and reliability fixes

​

Updates

• Zero-downtime deployments: The API gateway and signing service now drain in-flight requests over a 15-second window during deployments instead of dropping them. If you previously experienced occasional request failures during platform maintenance windows, those should no longer occur.
• Attestation worker stability: A background worker in the attestation service that handles retention tasks could previously continue running after a shutdown, potentially causing stale state. It now terminates cleanly during restarts.

​

Bug fixes

• Tenant isolation hardened: A security fix ensures that tenant identity is always resolved from your authenticated session rather than request headers, preventing any possibility of cross-tenant data access. This is a defense-in-depth improvement — no action is required on your part.
• Audit log connectivity restored: The audit service was missing a required connection to the trust registry in production, which could cause audit log queries to fall back to an incorrect default. Audit queries now route to the correct backend reliably.
• Verification service configuration hardened: The verification service now receives its attestation service connection explicitly in both production and sandbox, eliminating reliance on a fallback default and improving verification reliability.
• Email reply-to address configured: Platform notification emails — including incident alerts and system notifications — now include the correct reply-to address, so replies reach the right destination.

​

API gateway reliability fix

​

Bug fixes

• Signing and machine identity gateway routes restored: The API gateway was missing two required service URLs — one for the signing service and one for the machine identity service. Without these, the gateway would fail to start on the next infrastructure deployment, which could temporarily block signing operations and all MAIP API endpoints. Both URLs are now configured in production and sandbox environments.
• Console deployment pipeline unblocked: A missing dependency in the console’s lockfile was causing Docker builds to fail, which blocked new console deployments. The lockfile has been corrected and console deploys are proceeding normally.

​

Complete status page and observability service coverage

​

Updates

• Status page shows all 10 services: The status page now lists every monitored backend service — API Gateway, Trust Registry, Attestation Service, Signing Service, Transparency Log, Verification Service, Audit Service, Billing Service, Machine Identity, and AI CMO. Previously, several services were missing from the status page even though they were being monitored internally. You can now check the health of any service directly from the status page or the programmatic status API.
• Observability dashboard service list updated: The observability dashboard in the console now shows matching service tables for both the platform and tenant views, so the services you see in the dashboard match what’s reported on the status page. Use the dashboard to monitor response times, SLA compliance, and uptime for all 10 services.

​

Billing service security hardening

​

Bug fixes

• Billing internal authentication hardened: The billing service could previously fall back to a default development key when the production service key was not configured, potentially allowing unauthenticated internal requests. The service now returns a 503 error if the production key is missing, ensuring that all internal service-to-service calls are properly authenticated. This complements the billing worker reliability fix shipped last week and further strengthens the security of billing operations like subscription management and usage tracking.

​

Billing service reliability improvement

​

Bug fixes

• Billing background workers now shut down gracefully: The billing service’s background workers — responsible for processing dunning retries and overage calculations — could previously continue running after a deployment restart, which in rare cases led to duplicate processing or stale state. These workers now terminate cleanly during service restarts, improving the reliability of automated billing operations.

​

Security hardening, observability, and reliability fixes

​

Updates

• Hardened security headers: All Truthlocks web applications — including the console, verification portal, status page, Trust Explorer, and website — now enforce stricter security headers. Server version information is no longer exposed, referrer policies are tightened, and transport security headers are applied consistently. These changes improve your browser-side security when using any Truthlocks app.
• Expanded observability dashboard: The observability dashboard now monitors five additional services — API gateway, audit, transparency log, machine identity, and AI CMO — giving you a more complete view of platform health. Incorrect port mappings for the billing and signing services have also been corrected, so health indicators for those services are now accurate.
• Improved sitemap coverage: The website sitemap now includes 23 previously missing pages — covering product, solution, use-case, resource, and audience pages — so search engines can index the full site. If you’ve had trouble finding Truthlocks pages through search, discoverability should improve.

​

Bug fixes

• Status page now shows accurate service health: The status page was incorrectly displaying all services as experiencing an outage because health check endpoints were not properly configured. Service health indicators now reflect actual availability.
• SSO login URL corrected: The single sign-on (SSO) login flow on the console sign-in page was redirecting to an incorrect URL, which could prevent SSO users from signing in. The SSO slug now points to the correct console domain.
• Verification portal logo loading fixed: The verification portal homepage could fail to load the Truthlocks logo in certain environments. Logo loading is now reliable with a proper fallback in place.
• Verification portal routing improved: The verification portal was intermittently falling back to a slower public routing path instead of using optimized internal routing. Requests now route correctly, improving page load reliability.

​

Metered product reference and usage tracking

​

Updates

• Complete metered product reference: The billing overview now documents all 16 metered products organized into four categories — Core (mints, verifications, storage, proof bundles, webhooks, seats), MAIP (agents, sessions, trust score computes, compliance checks), AI (dataset attestations, model attestations), and Anti-Fraud (risk signals, deepfake scans, velocity records). Each product includes a description and default rate, so you know what counts toward your usage before you start building.
• Usage API returns all 16 metrics: The usage endpoint now returns up to 16 counters organized by product group. Each metric includes your current consumption, plan limit, billing period, and unit of measurement — making it straightforward to monitor usage programmatically across all platform services.
• Projected monthly spend in the console: The usage dashboard at Settings > Billing > Usage now shows a projected monthly cost based on your current consumption rate and effective per-unit rates. Use it to forecast spending before the billing cycle closes.

​

Billing transparency, dark mode, and stability fixes

​

New features

• Full metered product pricing: The pricing page now lists all 16 metered products across four categories — Core, MAIP, AI, and Anti-Fraud — so you can see exactly what you’re paying for. The pricing calculator has also been expanded with sliders for agents and receipts, and the feature comparison table now includes MAIP, AI, and Anti-Fraud rows.
• Dark mode on status page and verification portal: The status page and verification portal homepage now fully support dark mode, matching your system preference. All components — service cards, uptime bars, subscription forms, navigation, and history views — render correctly in both light and dark themes.

​

Updates

• Expanded usage dashboard: The console usage page now tracks 16 metrics organized by product group instead of the previous two, giving you a more detailed view of your consumption across all platform services.
• Error and loading pages: The console, status page, verification portal, docs, and Trust Explorer now display polished error, loading, and not-found pages instead of raw framework defaults — improving the experience when something goes wrong or a page is loading.
• Accessibility improvements: Images on the Trust Explorer — including issuer logos and profile images — now include descriptive alt text for screen readers.

​

Bug fixes

• Invoice date formatting fixed: Invoice dates in the console billing section were displaying as raw strings instead of formatted dates. Dates now render correctly.
• Brand name consistency: A remaining instance of “Truthlock” (without the “s”) has been corrected to “Truthlocks” across generated route metadata.
• Status page dark mode rendering: Dark-mode utility classes on the status page were being ignored due to a missing Tailwind configuration. Dark mode styles now apply correctly.
• Website header navigation fixed: A broken SVG icon in the site header has been corrected and now renders properly.

​

Solution pages and PyPI package updates

​

New features

• Solution pages: Three new pages on truthlocks.com — AI Verification, Developers, and Enterprise — explain how Truthlocks fits different use cases. Use them to understand which platform capabilities are most relevant to your needs before diving into the docs.

​

Updates

• PyPI package descriptions: All seven framework-specific AI connector packages — truthlocks-langchain, truthlocks-llamaindex, truthlocks-crewai, truthlocks-autogen, truthlocks-openai, truthlocks-anthropic, and truthlocks-bedrock — now render full README descriptions on PyPI (v1.0.1). Previously, the package listing pages were blank. You can now read setup instructions, usage examples, and feature overviews directly on PyPI before installing.

​

Interactive verification demo

​

New features

• Interactive verification demo: The demo page walks you through the full Truthlocks verification flow in four steps: generate a receipt, verify its cryptographic hash, tamper with the data, and see the mismatch detected — all running client-side in your browser using Web Crypto SHA-256. This is the fastest way to understand how Truthlocks works before signing up. Try it at truthlocks.com/demo.

​

Framework-specific Python packages for AI connectors

​

New features

• Framework-specific PyPI packages: Instead of installing a single monolithic package, you can now pip install the connector for your framework directly: truthlocks-langchain, truthlocks-llamaindex, truthlocks-crewai, truthlocks-autogen, truthlocks-openai, truthlocks-anthropic, and truthlocks-bedrock. Each package wraps the core MAIP AI connectors library and pulls in only the dependencies for that framework — keeping your environment lean. All packages are published at v1.0.0 on PyPI. See the supported frameworks table for install commands.

​

Brand consistency and API error handling

​

Updates

• Structured API error responses: The API gateway now returns RFC 7807 Problem Details JSON for 404 Not Found and 405 Method Not Allowed errors. If you integrate with the Truthlocks API, error responses on invalid routes now include a consistent type, title, status, and detail field — making it easier to handle errors programmatically. See the error handling guide for details.

​

Bug fixes

• Brand name corrected on authentication pages: The company name was displayed as “Truthlock Inc.” instead of “Truthlocks Inc.” on the sign-in, sign-up, and verification portal login pages, as well as the status page footer. This is now corrected across all pages.
• Website product URL redirect fixed: Visiting /products/* on truthlocks.com now correctly redirects to /product/*. Previously, these URLs returned a 404.

​

Verification portal stability fix

​

Bug fixes

• Verification portal navigation fixed: The consumer navigation sidebar on the verification portal could fail to render correctly due to a component error, which in some cases prevented the sidebar from loading. This is now fixed — navigation loads reliably for all users.

​

MAIP integration link and identity fixes

​

Bug fixes

• VS Code extension marketplace ID corrected: The VS Code extension was listed with an incorrect marketplace identifier, which meant the install link from the Downloads and Plugins pages did not resolve. The extension ID is now correct, and the marketplace listing also displays the proper Truthlocks brand icon.
• JetBrains plugin link fixed: The JetBrains plugin link on the Plugins page was returning a 404. It now points to the correct repository where you can download and install the plugin.
• GitHub Action slug corrected: The MAIP GitHub Action was referenced with an incorrect slug on the Downloads page. The link now points to the correct Action, so you can find and install it from the GitHub Marketplace without issues.

​

Docker images for MAIP services

​

New features

• MAIP Docker images: Official Docker images are now available for the CLI, MCP Server, event streaming gateway, and Slack integration. Pull and run any image individually, or use the new Docker Compose file to spin up the entire MAIP integration stack in one step. This is the fastest way to get started with self-hosted MAIP integrations. Images are available on the Downloads page. See the Docker deployment guide for setup instructions.
• Docker Compose for MAIP: A single docker-compose file orchestrates all five MAIP service containers — the CLI, MCP Server, event streaming gateway, Slack integration, and the core machine identity service — so you can run the full stack locally for development and testing. See the full Docker Compose example to get started.

​

Updates

• VS Code extension marketplace metadata: The VS Code extension now includes an updated README and changelog on the Visual Studio Marketplace, making it easier to understand what the extension does before installing it.

​

SDK and integration package references corrected

​

Bug fixes

• Go module paths corrected: The Kafka connector and event streaming gateway Go modules were referencing an incorrect GitHub organization in their module paths, which could cause go get and go mod tidy to fail. Both packages now resolve to the correct namespace.
• Python package URLs fixed: The Delta Lake plugin, DVC plugin, MLflow plugin, and AI model connectors had incorrect repository URLs in their package metadata. Links from PyPI now point to the correct source repositories.
• Neovim plugin references updated: The Neovim plugin documentation and source code contained outdated organization references. All help docs and Lua source files now link to the correct repository.
• GitHub Action references corrected: The MAIP GitHub Action source files had incorrect organization references in check annotations and comment templates. CI output now displays the correct links.

​

Website resources pages fixed

​

Bug fixes

• Corrected package names and install commands: The Downloads page was displaying incorrect package names, which could cause failed installs if you copied the commands directly. The correct package names are now shown.
• Fixed GitHub organization links: Links to the Truthlocks GitHub organization on the Integrations and Plugins pages were pointing to the wrong organization. All repository links now resolve to the correct source.
• Fixed documentation links on resources pages: Several “View docs” links on the Integrations, Downloads, and Plugins pages were broken or pointing to outdated paths. All links now point to the correct documentation pages.
• Homepage CLI section updated: The CLI install command on the homepage hero section now references the correct package name.

​

Build infrastructure restored

​

Bug fixes

• Deployment pipeline restored: A misconfiguration caused critical build and packaging files to be overwritten with empty content, which blocked new deployments from building and shipping. All affected files have been restored to their correct state. No user-facing functionality was affected, but this fix ensures that platform updates and patches resume shipping on schedule.

​

Console UX polish, SEO improvements, and reliability fixes

​

Updates

• Modern notifications in console and verification portal: Browser-native alert and confirmation dialogs have been replaced with toast notifications and inline confirmation modals across the console and verification portal. Actions like revoking attestations or deleting resources now show polished in-app confirmations instead of default browser popups.
• Sitemaps for all public apps: The documentation, status page, and transparency portal now serve XML sitemaps, improving search engine indexing and discoverability.
• Website footer updated: The truthlocks.com footer has been refreshed with current navigation links and branding.

​

Bug fixes

• API reference playground requests unblocked: The interactive API playground was blocking live requests due to a Content Security Policy misconfiguration. API calls from the playground now work as expected in both Sandbox and Production environments.
• Website contact form fixed: The contact form on truthlocks.com was returning 500 errors. The form now submits successfully.
• Audit log API routing corrected: Audit log queries and exports could intermittently fail due to a backend routing misconfiguration. Audit log data now returns reliably.

​

Q3 2027 platform recap

​

New features shipped this quarter

• Compliance exports: Export audit data formatted for SOC 2, GDPR, and HIPAA directly from the console or API, in JSON or CSV. Requires the Compliance Pack add-on. See the compliance exports guide.
• Africa (AF) data residency region: A third data residency region in Cape Town is now available for tenants subject to POPIA or other African data sovereignty requirements. See data residency.
• Custom SMTP for email delivery: Enterprise and government tenants can route all platform emails through their own SMTP server. See email delivery.
• Account security controls: Enable TOTP-based multi-factor authentication, change your password, and manage active sessions from your account settings. See the account security guide.
• Email verification page: The post-signup email verification flow now works end to end with a dedicated confirmation page.

​

Updates

• Instant issuer activation: New issuers now activate immediately at the Basic trust level — no manual approval required. Start minting attestations as soon as you create an issuer. The quickstart, Trust Explorer, RBAC permissions, issuer applications, and B2G Procurement Pack all reflect this change.
• SIEM integration expanded: Step-by-step setup instructions now cover five providers — Splunk, Datadog, AWS CloudWatch, Elastic/ELK, and custom webhooks with HMAC signature verification. See the SIEM integration guide.
• Issuer applications clarified: Applications are now only needed to upgrade from the default Basic tier to a higher trust level such as Verified Organization or Government Entity. See the issuer applications guide.
• MAIP and Anti-Fraud production verified: All 44 Machine Identity endpoints and all five Anti-Fraud detection paths — including deepfake scanning, ATO detection, and velocity scoring — are confirmed stable in production.
• SDKs finalized: The JavaScript, Go, and Python SDKs are published with full API coverage, typed interfaces, and correct documentation links.

​

Bug fixes

• MAIP GitHub Action installs reliably: Fixed a missing package specifier that could cause pnpm install --frozen-lockfile to fail in CI. See MAIP integrations.
• Proof bundle downloads restored: Proof bundle downloads are no longer blocked by incorrect billing entitlement checks.
• Public verification works without authentication: The verification portal no longer returns 401 errors for anonymous lookups.

​

Issuer activation rollout complete

​

Updates

• Instant issuer activation rollout complete: Over the past three weeks, every platform surface has been updated to reflect the new issuer onboarding model — new issuers activate immediately at the Basic trust level with no manual approval gate. This includes the quickstart, introduction, Trust Explorer, transparency settings, RBAC permissions, issuer applications, and B2G Procurement Pack. If you were waiting to try the platform, you can now create an issuer and start minting attestations immediately.

​

Bug fixes

• MAIP GitHub Action installs reliably: Fixed a missing package specifier in the MAIP GitHub Action dependency manifest that could cause pnpm install --frozen-lockfile to fail. If you were seeing install failures in CI when using the GitHub Action, this is now resolved.

​

Compliance exports, Africa data residency, and account security

​

New features

• Compliance exports: Export your audit data in framework-specific formats for SOC 2, GDPR, and HIPAA reporting. Each report includes the evidence auditors need — control mappings, data processing records, or security audit trails — formatted for the target framework. Generate reports from Settings > Audit > Export in the console or via the API, in JSON or CSV. Requires the Compliance Pack add-on. See the compliance exports guide.
• Africa (AF) data residency region: A third data residency region is now available in Cape Town, South Africa, for tenants subject to POPIA or other African data sovereignty requirements. Your region is assigned automatically based on your organization’s country code. All tenant data — users, attestations, evidence, files, billing records, and audit logs — stays in the selected region, with HTTP 409 enforcement if a request is routed to the wrong region. See data residency.
• Custom SMTP for email delivery: Enterprise and government tenants can now route all platform emails through their own SMTP server instead of the default AWS SES infrastructure. Configure your SMTP host, port, and credentials from Settings > Email in the console. This is useful for organizations that require emails to originate from their own mail systems. See email delivery.
• Account security controls: You can now enable multi-factor authentication (TOTP), change your password, and manage active sessions directly from your account security settings. MFA works with any authenticator app (Google Authenticator, Authy, 1Password). Session management lists all active sessions by device and location, and lets you sign out other sessions if you suspect unauthorized access. See the account security guide.

​

Updates

• SIEM integration guide with provider-specific setup: The SIEM integration guide now includes step-by-step setup instructions for five providers — Splunk (HTTP Event Collector), Datadog (Log Management API), AWS CloudWatch, Elastic/ELK, and custom webhooks with HMAC signature verification. You can also update or delete existing SIEM destinations via the API. Requires the Enterprise tier.
• Email bounce handling and suppression: The platform now automatically suppresses email addresses that hard bounce or receive spam complaints. Suppressed addresses are checked before every send attempt, and the API returns an EMAIL_SUPPRESSED error code if a recipient is on the suppression list. This improves deliverability and protects your sender reputation. See email delivery.
• Console session management for administrators: Tenant administrators can now view and revoke active console sessions from Settings > Sessions. Each session shows the device, browser, location, and last-active timestamp. Revoke any session to immediately sign out that user. See account security.
• Issuer applications are now for trust tier upgrades only: The issuer application guide has been updated to clarify that new issuers activate immediately at the Basic trust level — no application required. Applications are only needed when you want to upgrade to a higher tier such as Verified Organization, Government Entity, or Accredited Institution. The application workflow, evidence upload steps, and approval process remain the same.
• Government onboarding reflects instant activation: The B2G Procurement Pack onboarding flow now shows that government agency issuers are activated at the Basic tier as soon as they are created during the onboarding wizard. Agencies that need a higher trust tier can submit an issuer application after onboarding — there is no longer a waiting period before minting.

​

Trust Explorer tiers and RBAC alignment

​

Updates

• Trust Explorer now shows Basic and Verified tiers: The public issuer directory on the Trust Explorer previously displayed “Pending” and “Verified” badges. Since new issuers are now active immediately, the “Pending” tier has been replaced with Basic — the default trust level assigned on creation. Organizations that complete governance review are shown as Verified. To upgrade from Basic to Verified, submit an issuer application. See transparency settings.
• Governance permission scope clarified: The governance:approve RBAC permission previously described as “Approve pending issuers” now reads “Approve governance requests” — reflecting that manual approval is no longer part of issuer creation. This permission applies to trust tier upgrade reviews and other governance actions. No changes to how the permission works; this is a label update only.

​

Streamlined issuer onboarding

​

Updates

• Instant issuer activation: When you create an issuer, it now returns status: "ACTIVE" immediately — no waiting for a governance admin to approve it. You can start minting attestations right away after registering your issuer and signing key. The quickstart and introduction now reflect this streamlined flow.
• Issuer applications for higher trust tiers: Manual review is now reserved for organizations that need an elevated trust tier — Verified Organization, Government Entity, or Accredited Institution. Submit an issuer application when you’re ready to upgrade from the default Basic tier. Basic-tier issuers have full minting and signing capabilities.

​

Public verification, email flow, and stability improvements

​

New features

• Email verification page: The post-signup email verification flow now works end to end. Clicking the verification link in your email lands on a dedicated setup page that confirms your account — previously this returned a 404. The sign-in page also now shows a “check your email” banner after signup.
• Issuer auto-approval on registration: New issuers are now activated immediately upon creation, removing the previous manual review step. You can start minting attestations right away after registering your issuer.

​

Updates

• Proof bundle downloads restored: Proof bundle downloads were failing for some users due to an incorrect billing entitlement check. Downloading proof bundles is now unrestricted — billing is enforced at attestation creation time, not on read. Developer plan accounts also now include 100 proof bundle downloads.
• Public verification no longer requires authentication: The verification portal was returning 401 errors for anonymous verification lookups. Public verification now works without authentication as intended — anyone with a verification link can confirm an attestation’s validity.
• Transparency log checkpoints available across all tenants: The transparency log checkpoint endpoint was returning empty results in some cases. Checkpoints are now correctly aggregated across all tenants, so inclusion proofs resolve reliably.
• Email notifications working in production: Several email templates — including email verification, issuer approval, incident notifications, and password reset — had broken placeholders that prevented delivery. All notification emails now render correctly with the right content.
• Marketing page signup links fixed: Seven call-to-action buttons across the pricing, product, and calculator pages on truthlocks.com were linking to a non-existent signup URL. All CTAs now point to the correct sign-up page.

​

Bug fixes

• Key generation errors for new tenants resolved: New tenants could encounter a 500 error when generating their first issuer key because the production environment wasn’t auto-created. Environment setup is now automatic on first key generation.
• Audit log writes no longer silently dropped: Audit log entries triggered by API requests were occasionally lost due to a request lifecycle issue. Audit writes now complete reliably regardless of when the originating request finishes.
• Console dashboard loads correctly: The tenant console dashboard was returning 401 errors on load. Dashboard data now routes through the correct backend path and loads as expected.
• Cryptographic signing algorithm corrected: The platform’s KMS integration was selecting an incompatible Ed25519 signing algorithm variant, which could cause signature validation errors. The correct algorithm is now used for all signing operations.

​

Platform production readiness milestone

​

Updates

• Machine Identity stability verified: All 44 MAIP API endpoints have been verified stable after the route conflict fixes shipped last week. If you previously experienced intermittent errors with agent registration, session management, or trust score queries, those issues are resolved. No further action is needed.
• Anti-Fraud detection paths complete: All five detection paths — direct signal ingestion, event normalization, deepfake scanning, ATO detection, and velocity scoring — are confirmed stable in production with real-time webhook notifications for signal creation and escalation events.
• SDK packages finalized: The JavaScript, Go, and Python SDKs — including the @truthlocks/sdk-antifraud package — are published to npm with proper MIT licensing, hardened package contents, and corrected documentation links.
• 12 MAIP integrations production-ready: All integrations — Slack, GitHub Action, Linear, Notion, VS Code, JetBrains, MCP Server, Neovim, event streaming, Kafka, MLflow, and AI model connectors — are available for use. Browse them on the Integrations hub or the MAIP integrations guide.

​

MAIP stability, SDK hardening, and website navigation

​

Updates

• MAIP API stability improvements: Resolved route conflicts in the Machine Identity service that could cause certain API requests to return unexpected errors. If you experienced intermittent failures when calling MAIP endpoints — particularly agent registration, session management, or trust score queries — those issues are now fixed.
• SDK package security: The JavaScript, Go, and Python SDK packages have been hardened to exclude internal source files and now include proper open-source licensing. No changes to the SDK APIs — this only affects the published package contents.
• Website resources navigation: The marketing site header now includes a Resources dropdown with direct links to the Integrations hub, Downloads, and Plugins pages — making it easier to discover available tools without navigating through the docs.
• MAIP endpoint path changes: Two Machine Identity API paths have changed. If you have these routes hardcoded, update them:
  • GET /v1/compliance/{entityID}/status is now GET /v1/compliance/entities/{entityID}/status
  • GET /v1/datasets/{attestationID}/lineage is now GET /v1/datasets/lineage/{datasetId}
  The previous paths no longer resolve. See the compliance API and dataset lineage API references for the current routes.
• Open-source licensing: The repository-level MIT license file is now in place, so the license link shown on npm package pages resolves correctly.

​

Bug fixes

• API input validation hardening: The document status update API now validates input fields against a strict allowlist, closing a potential injection vector. No action needed on your part — this fix is applied server-side.
• Fixed broken links in SDK READMEs: Four links in the JavaScript SDK, Protect CLI, and Anti-Fraud SDK README files on npm and GitHub were pointing to non-existent documentation pages. All links now resolve to the correct guides.

​

Dataset lineage API reference now reflects new path

​

Updates

• Dataset lineage endpoint path finalized: The dataset lineage endpoint now uses GET /v1/datasets/lineage/{datasetId} in the API reference and interactive playground. If you bookmarked the old API reference page or copied example code from the docs, update your references to use the new path. The previous path (GET /v1/datasets/{attestationID}/lineage) no longer resolves. See the Machine Identity guide for an overview of all MAIP endpoints.

​

Website navigation, SDK fixes, and MAIP path changes

​

Updates

• Resources navigation on the website: The marketing site header now includes a Resources dropdown with direct links to the Integrations hub, Downloads, and Plugins pages — making it easier to discover available tools without navigating through the docs.
• MAIP endpoint path changes: Two Machine Identity API paths have changed. If you have these routes hardcoded, update them:
  • GET /v1/compliance/{entityID}/status is now GET /v1/compliance/entities/{entityID}/status
  • GET /v1/datasets/{attestationID}/lineage is now GET /v1/datasets/lineage/{attestationID}
  The previous paths no longer resolve. See the compliance API and datasets API references for the current routes.
• Open-source licensing: The repository-level MIT license file is now in place, so the license link shown on npm package pages resolves correctly. Previously it returned a 404.

​

Bug fixes

• Fixed broken links in SDK READMEs: Four links in the JavaScript SDK, Protect CLI, and Anti-Fraud SDK README files on npm and GitHub were pointing to non-existent documentation pages. All links now resolve to the correct guides.

​

MAIP API stability, SDK security, and API hardening

​

Updates

• MAIP API stability improvements: Resolved route conflicts in the Machine Identity service that could cause certain API requests to return unexpected errors. If you experienced intermittent failures when calling MAIP endpoints — particularly agent registration, session management, or trust score queries — those issues are now fixed.
• SDK package security: The JavaScript, Go, and Python SDK packages published to npm have been hardened to exclude internal source files and now include proper open-source licensing. No changes to the SDK APIs — this only affects the package contents.

​

Bug fixes

• API input validation hardening: The document status update API now validates input fields against a strict allowlist, closing a potential injection vector. No action is needed on your part — this fix is applied server-side automatically.

​

MAIP integration guides, expanded navigation, and cross-linked docs

​

Updates

• Integration overview in machine identity guide: The machine identity guide now includes a quick-reference table of all MAIP integrations organized by category — editor plugins, AI assistants, data pipelines, CI/CD, AI frameworks, and team tools — so you can discover available connectors at a glance.
• Neovim plugin command reference: The Neovim plugin section now documents all five commands (:MaipReceipt, :MaipReceipts, :MaipTrust, :MaipAgent, :MaipSearch), Telescope fuzzy-finder integration for searching receipts, a lualine-compatible statusline component that displays your agent’s trust score, and an auto_receipt option that generates a receipt every time you save a buffer — with copy-paste code snippets for lazy.nvim.
• Event streaming Python SDK: The event streaming gateway now includes a Python SDK with a backend comparison table and configuration examples for running Kafka, EventBridge, Kinesis, NATS, and Redis Streams simultaneously in a single gateway instance — with built-in deduplication, exponential backoff retries, and Prometheus-compatible metrics at /metrics.
• MCP Server configuration: The MCP Server section now includes a ready-to-use JSON configuration snippet for connecting AI coding assistants to the MAIP platform. The server exposes 20 tools, 4 resources, and 3 prompts for agent registration, receipt generation, and trust score queries.
• Orchestration guide cross-links: The AI orchestration guide now links directly to the event streaming gateway and AI model connectors, making it easier to find the right integration when building multi-agent workflows.
• Expanded sidebar navigation: 28 guide and reference pages — including account security, AI metadata, privacy center, Truth Explorer, transparency settings, custom domains, enterprise branding, SIEM integration, data residency, abuse hardening, compliance review, and provider routing — are now accessible directly from the docs sidebar.

​

Neovim plugin, event streaming, SDKs on npm, and homepage refresh

​

New features

• Neovim plugin: A Lua-native plugin for Neovim brings MAIP receipts, agent management, and trust scores into your editor. Browse and create receipts from Neovim commands, search receipts with Telescope, view agent trust scores in the statusline, and auto-generate receipts on file save or git commit. Install via your preferred plugin manager. See the MAIP integrations guide.
• Event streaming gateway: A new multi-backend event streaming gateway generates MAIP data-flow receipts for messages flowing through your event-driven pipelines. Supports Kafka, AWS EventBridge, AWS Kinesis, NATS, and Redis Streams — each with built-in deduplication, retry middleware, and operational metrics. See MAIP integrations.
• SDKs published to npm: The JavaScript, Go, and Python SDKs — including the new @truthlocks/sdk-antifraud package — are now published to npm and available for install. Each package includes full API coverage, typed interfaces, and a README with quickstart examples.
• Use Cases page: A new Use Cases page on the marketing site explains how to apply Truthlocks across common scenarios — from content protection and credential verification to regulatory compliance and supply chain integrity. Use it to find the right starting point for your integration.

​

Updates

• Homepage refresh: The homepage now features an updated capabilities grid highlighting all core platform areas — attestations, receipts, machine identity, anti-fraud, compliance, and billing — alongside corrected pricing information and direct navigation to Machine Identity (MAIP) resources.
• Product and solution pages: Five new deep-dive pages on the marketing site cover attestation workflows, fraud prevention, compliance automation, identity verification, and enterprise trust — giving prospective users a clearer picture of how the platform fits their stack before signing up.
• MAIP launch blog post: A dedicated blog post walks through the Machine Identity launch — what MAIP is, why it matters for AI agent governance, and how to get started with agent registration and trust scoring.
• SEO metadata improvements: Page titles, descriptions, and Open Graph tags across all public-facing pages have been audited and corrected for accuracy, improving search engine discoverability and social media previews.

​

Integrations hub, downloads, and console navigation

​

New features

• Integrations hub: A dedicated Integrations page lets you browse and filter all 28 MAIP integrations in one place — organized by category with search. Find the right connector for your stack without digging through individual guides. See the full list of available integrations in the MAIP integrations guide.
• Downloads page: A new Downloads page collects the CLI, SDKs, IDE plugins, and Docker images into a single reference with copy-to-clipboard install commands.
• Plugins page: A new Plugins page highlights the VS Code extension and JetBrains plugin alongside all available CI and pipeline plugins.

​

Updates

• Console navigation icons: The Machine Identity and Anti-Fraud sections in the console sidebar now display dedicated icons, making it faster to find the right section at a glance.
• Homepage CLI hero: The homepage now includes an interactive CLI section with a terminal animation and copy-to-clipboard, so you can get started with the Truthlocks CLI directly from the landing page.

​

Anti-Fraud case management and risk evaluation engine

​

New features

• Risk evaluation engine: A new POST /v1/risk/evaluate endpoint combines signal ingestion, policy evaluation, and decision recording in a single call. Submit a signal and receive an immediate decision — allow, challenge, block, or review — based on your tenant’s active policy rules. Optionally mint a fraud_decision_receipt for non-repudiation by passing mint_receipt: true with your issuer credentials.
• Risk decision policy rules: Define tenant-scoped policy rules with configurable thresholds (score ranges, signal type matching, subject type filtering) and actions (allow, challenge, block, review, alert). Rules are evaluated by priority, with the highest-priority match winning. Five built-in templates are included out of the box — default_ato, default_deepfake, default_velocity, strict_fraud, and compliance_mode — so you can start with sensible defaults and customize from there.
• Fraud receipt types: Four new platform receipt types are available for fraud-related events — fraud_decision_receipt (records allow/challenge/block/review decisions), ato_alert_receipt (records ATO alert events), risk_block_receipt (proves an action was blocked due to fraud risk), and deepfake_detection_receipt (records deepfake scan results). These receipts provide a cryptographic audit trail for every fraud decision. See receipt types.
• Case management: Open, triage, and resolve fraud cases from the Risk & Fraud > Cases console page. Each case has a severity level, assignee, status workflow, and a full event timeline with notes. Cases are automatically numbered (CASE-YYYY-NNNN) and sorted by severity. Add notes, change status, and track the full investigation history from the case detail view. Cases are also available via the API at POST /v1/risk/cases and GET /v1/risk/cases.
• Evidence packs: Generate a complete evidence bundle for any fraud case via POST /v1/risk/cases/{id}/evidence-pack. The pack collects all risk signals, decisions, ATO profiles, deepfake scan results, velocity windows, and case events for the subject into a single JSON document — ready for your compliance team or external review.
• Block and challenge actions: Two new endpoints let you take immediate action on a subject — POST /v1/risk/block blocks a subject and automatically quarantines them, while POST /v1/risk/challenge records a challenge decision requiring step-up authentication. Query all decisions via GET /v1/risk/decisions with filtering and pagination.
• Quarantine management: Blocked subjects are automatically quarantined. Check a subject’s quarantine status via GET /v1/risk/quarantine/{subject_id} or release them via DELETE /v1/risk/quarantine/{subject_id}.
• Customer risk dashboard: A new Risk & Fraud > Dashboard page in the console shows eight key metrics at a glance — total signals, high-risk signals, decisions made, subjects blocked, subjects challenged, signals under review, open cases, and critical cases.
• Fraud SIEM export: Export fraud signal and decision data in JSON, CSV, CEF, or LEEF format via POST /v1/risk/siem/export. Poll for completion via GET /v1/risk/siem/export/{id}. Use this to feed fraud data into your existing SIEM or security operations workflow.
• Tenant risk configuration: Configure your tenant’s risk thresholds — auto-case creation, automatic blocking, and challenge triggers — from Settings > Risk in the console or via GET /PUT /v1/risk/config. Toggle switches and threshold sliders let you tune the system without code changes.
• Anti-fraud TypeScript SDK: A new @truthlocks/sdk-antifraud package provides 12 methods covering the full anti-fraud workflow — ingestSignal, listSignals, evaluate, evaluateATO, getATOProfile, recordVelocity, blockSubject, getQuarantineStatus, createCase, listCases, generateEvidencePack, and deepfakeScan.

​

Updates

• API key environment isolation: API keys now enforce strict environment boundaries. Production keys (tl_live_ prefix) are rejected in sandbox environments, and sandbox keys (tl_test_ prefix) are rejected in production. This prevents accidental cross-environment calls. See environments.
• Security hardening: Resolved 21 findings from a security audit — including stricter JWT validation, removal of unsafe-eval from Content Security Policies, CORS restrictions to explicit origin allowlists, file upload size limits, SAML and OIDC redirect URL allowlists, and upgraded referrer policies to strict-origin-when-cross-origin across all apps.

​

Machine Identity (MAIP) — generally available

​

New features

• Agent identity registry: Register AI agents with the platform and manage their full lifecycle — create, update, suspend, and revoke. Each agent gets a unique MAIP identifier and an Ed25519 keypair for signing receipts. Rotate keys on demand or mark a key as compromised to auto-suspend the agent. See the Machine Identity guide and the register agent endpoint.
• Agent sessions and tool access: Create short-lived, scope-bound sessions for agents with automatic expiry and session handoff between agents. Register tools with risk levels and enforce least-privilege access controls — including rate limiting, scope validation, and approval gating for dangerous operations. See Agent Authorization and the sessions API.
• Trust scores and multi-witness attestation: Compute trust scores for any agent based on receipt history, compliance status, and peer attestations. Create witness groups where multiple agents independently attest to a claim, with weighted consensus scoring. See Trust Scores and the trust scores API.
• Truth claims and document verification: Create truth claims linked to receipts, with multi-verifier scoring and consensus status (confirmed, disputed, or inconclusive). Verify documents through a four-stage pipeline — upload, extraction, AI verification, and truth claim creation — with each stage chained via receipt linking. See the truth claims API.
• Compliance framework: Run compliance checks against GDPR, SOC 2, HIPAA, AI Act, and PCI-DSS with continuous compliance chains and period-based reporting. Generate compliance reports that aggregate check results by entity and regulation. See the compliance API.
• AI orchestration and workflows: Coordinate multi-agent tasks using sequential, parallel, hierarchical, or competitive execution patterns. Define reusable workflows with JSON step definitions and run them on demand. The LLM integration layer generates privacy-preserving receipts for every inference call — hashing prompts and responses without storing content. See AI Orchestration and the orchestrations API.
• Safety guardrails: Evaluate agent actions against configurable guardrails — prompt injection detection, PII scanning, toxicity filtering, bias checks, hallucination scoring, and budget enforcement. Circuit breakers auto-trip when guardrail violations exceed thresholds. See the guardrails API.
• Dataset and model attestation: Attest datasets with Merkle tree chunking and transformation tracking. Attest ML models with framework, architecture, hyperparameter, and metric metadata. Both automatically create data lineage edges so you can trace provenance upstream and downstream. See the datasets API and the models API.
• Cross-tenant delegation: Offer and accept bilateral trust delegations between tenants, with configurable depth limits and time-to-live. Each delegation step generates a receipt chain for auditability. See Cross-Tenant Delegation and the delegation API.
• Signed agent receipts: Every agent action generates a cryptographically signed receipt — covering nine receipt types including genesis, delegation, action, revocation, data attestation, model attestation, compliance, truth claim, and verification. Receipts are chained via previous_receipt_id for tamper-evident audit trails.
• Policy engine: Define tenant-level policies with conditions (trust score thresholds, scope restrictions, agent type, delegation depth) and effects (allow, deny, or require approval). Evaluate policies in real time before any agent action. See the policies API.
• Anomaly detection: The platform tracks behavioral baselines for each agent and scores deviations on a 0–1 scale. Report and resolve anomalies through the anomaly API.
• Console dashboards: Six new pages in the tenant console — agent registry, sessions, trust scores, delegations, orchestrations, and compliance checks — give you full visibility into your MAIP deployment without leaving the browser.
• Usage metering and plan quotas: All MAIP operations — receipts, compliance checks, sessions, tool invocations, witness attestations, truth claims, document verifications, dataset and model attestations, orchestrations, workflows, delegations, and anomaly reports — count against your plan’s included quotas. See your current usage on the billing usage page.

​

Integrations

• Slack: Slash commands (/maip-receipt, /maip-trust, /maip-agent, /maip-help) let your team query receipts, trust scores, and agent status directly from Slack. Interactive Block Kit layouts display receipt details, risk summaries, and dashboards inline.
• GitHub Action: Automatically generate MAIP receipts for commits, pull requests, releases, CI runs, and build artifacts. Verification results appear as GitHub Check Runs with trust score badges on your PRs.
• Linear: Issue and comment events auto-create MAIP receipts. Verify receipts and post trust scores as comments, with bidirectional sync between Linear and the MAIP platform.
• Notion: Automatically creates Receipts, Agents, and Trust Scores databases in your workspace. Syncs receipts incrementally, generates audit report pages, and updates Notion in real time via webhooks.
• VS Code extension: A sidebar panel for browsing receipts, auto-generating receipts from your editor, and viewing trust data — available from the VS Code marketplace.
• JetBrains plugin: MAIP integration for IntelliJ, PyCharm, and WebStorm with the same receipt browsing and generation capabilities as the VS Code extension.
• MCP Server: A Model Context Protocol server exposing 20 tools, 4 resources, and 3 prompts for AI assistants to interact with the MAIP platform.
• AI model connectors: Python connectors for LangChain, LlamaIndex, CrewAI, AutoGen, OpenAI, Anthropic, and AWS Bedrock. Every AI model call automatically generates a receipt with token counts, cost estimates, and SHA-256 content hashes.
• Kafka connector: Go middleware that auto-generates MAIP data-flow receipts for Kafka messages with batched flushing and operational metrics.
• MLflow plugin: Python plugin that generates cryptographic receipts for every MLflow model run, providing provenance proof for your ML experiments.
• DVC plugin: Python plugin for creating MAIP receipts on DVC data versioning operations.
• Delta Lake plugin: Python plugin for generating receipts on Delta Lake table operations.

​

Updates

• Security hardening: Stricter Content Security Policies across all public-facing apps, tighter CORS restrictions, JWT validation improvements, and file upload size limits. Referrer policies upgraded to strict-origin-when-cross-origin across all apps.

​

MAIP interactive API playground

​

New features

• Interactive playground for all MAIP endpoints: Every endpoint across Machine Agents, Agent Sessions & Tools, Trust & Witness, Truth Claims & Documents, Compliance & Anomalies, Datasets & Models, Orchestrations & Workflows, Guardrails & Delegation, and Observability now includes a playground where you can compose and send live API requests. This covers agent registration, session management, trust score queries, witness attestation, compliance checks, orchestration execution, guardrail evaluation, and observability queries.
• OpenAPI specification for MAIP: A complete OpenAPI 3.0 specification now backs all MAIP endpoints, enabling accurate request/response schemas, parameter validation, and authentication configuration in the playground. The spec supports both X-API-Key and Bearer JWT authentication methods.

​

Updates

• MAIP guide pages updated: The Machine Identity, Agent Authorization, Trust Scores, Cross-Tenant Delegation, and AI Orchestration guides now link to the interactive playground, making it easier to try endpoints while reading the documentation.

​

Risk signal webhook notifications

​

New features

• Risk signal webhook events: Two new webhook event types — risk.signal.created and risk.signal.escalated — fire whenever a risk signal is ingested or crosses the automatic review threshold. This covers signals from direct ingestion, event normalization, deepfake scans, ATO alerts, and velocity anomalies. Subscribe to risk.signal.* to receive both, or pick individually. Each payload includes the signal_id, signal_source, signal_type, risk_score, and subject details, so you can trigger automated responses — block a session, notify your security team, or open a fraud case — without polling the API. See the webhooks guide.

​

Updates

• Unified detection path navigation: All five detection guides — risk signals, deepfake detection, ATO detection, velocity scoring, and webhooks — are now fully cross-linked so you can navigate between detection paths from any guide without returning to the overview.

​

Anti-Fraud Identity Firewall — generally available

​

Updates

• Multi-language API examples across all detection endpoints: Every Anti-Fraud Identity Firewall endpoint now includes request and response examples in cURL, JavaScript, and Python. This covers velocity action recording, velocity window queries, anomaly listing, ATO evaluation, ATO profiles, ATO alerts, deepfake scanning, and scan results retrieval.
• End-to-end detection guides: Each detection path now has a dedicated guide with full workflow coverage — from initial API call to signal review in the console. See the velocity scoring guide, ATO detection guide, deepfake detection guide, and the risk signals overview.
• Layered protection patterns: The velocity scoring guide documents recommended patterns for combining detection paths — use velocity scoring for general abuse (API rate abuse, transaction flooding, registration spam) alongside ATO detection for login-specific security (credential stuffing, subject risk profiles). Both feed into the same unified signal pipeline.
• Webhook notifications for all signal types: Risk signals created by any of the five detection paths — including velocity anomalies and ATO alerts — can trigger real-time webhook notifications, so your security team can respond without polling.

​

Anti-Fraud Identity Firewall — feature-complete

​

Updates

• Custom velocity action types: The velocity scoring engine supports any action type your application produces — failed logins, API requests, transactions, registrations, password resets, verification requests, or any custom action. Define your own action taxonomy and the platform tracks all of them with the same four-window scoring model and automatic risk signal ingestion at score 60 or above.
• Velocity scoring integration patterns: You can combine velocity scoring with ATO detection for layered protection — use velocity scoring for general abuse detection (API rate abuse, transaction flooding, registration spam) and ATO detection for focused login security (credential stuffing alerts, subject risk profiles). See the velocity scoring guide.
• Five-path unified pipeline: All five ingestion paths in the Anti-Fraud Identity Firewall — direct ingestion, event normalization, deepfake scanning, ATO detection, and velocity scoring — now produce identical risk signal records. You can query and review signals from any source in one place using the list signals endpoint or the Risk & Fraud > Signals console. See the ingestion path comparison table.

​

Velocity and anomaly scoring

​

New features

• Record action endpoint: A new POST /v1/risk/velocity/record endpoint accepts any action type and updates rolling window counters for the subject. The response includes current window counts, the computed velocity score, and the signal_id if a risk signal was auto-ingested. Use this to evaluate action frequency in real time as events occur. See the velocity scoring guide.
• Get velocity windows endpoint: A new GET /v1/risk/velocity/{subject_id} endpoint returns all tracked action types for a subject with per-window counts and velocity scores. Use this to inspect a subject’s current velocity profile without recording a new action.
• List anomalies endpoint: A new GET /v1/risk/velocity endpoint returns a paginated list of subjects with velocity scores above a configurable threshold, sorted by score. Use this to monitor for high-velocity anomalies across your tenant.
• Automatic risk signal ingestion: When a subject’s velocity score reaches 60 or above, the platform automatically ingests a risk signal with signal_type: "velocity" into your existing risk signal pipeline — no extra API call needed.

​

Updates

• Five-path risk signal pipeline: The risk signals guide now documents velocity scoring as a fifth ingestion path alongside direct ingestion, event normalization, deepfake scanning, and ATO detection. All five paths produce the same risk signal records. See the updated ingestion path table.

​

Anti-Fraud Identity Firewall — fully integrated

​

Updates

• Unified detection workflow: The deepfake detection guide now links directly to the account takeover detection guide, and vice versa. You can navigate between all four detection paths from any guide in the Anti-Fraud Identity Firewall without returning to the risk signals overview.
• Introduction updated for ATO detection: The introduction now lists account takeover detection alongside deepfake scanning, event normalization, and direct signal ingestion as a core Anti-Fraud capability — making it easier for new users to discover ATO detection from the docs landing page.

​

ATO profile and alert endpoints

​

New features

• ATO profile endpoint: A new GET /v1/risk/ato/profile/{subject_id} endpoint returns the current risk profile for any subject — including risk level, failed login count, known IP addresses, and known devices. Use this to check a subject’s ATO status at any time without triggering a new evaluation. See the ATO detection guide.
• ATO alerts endpoint: A new GET /v1/risk/ato/alerts endpoint returns a paginated list of all ATO alerts for your tenant, with cursor-based pagination and optional subject_id filtering. Each alert includes the alert type (velocity_exceeded or credential_stuffing), the risk level when it was triggered, and the signal_id linking to the auto-ingested risk signal. See the ATO detection guide.

​

Updates

• Four-path risk signal pipeline: The risk signals guide now documents account takeover detection as a fourth ingestion path alongside direct ingestion, event normalization, and deepfake scanning. All four paths produce the same risk signal records, so you can query signals from any source using the list signals endpoint or the Risk & Fraud > Signals console. See the updated ingestion path table.
• ATO detection guide: A dedicated account takeover detection guide walks through the full workflow — sending login events, understanding threshold rules and event types, checking subject profiles, listing alerts, and implementing common integration patterns like blocking on elevated risk and combining ATO with event normalization. Includes code examples in cURL, JavaScript, and Python.

​

Account takeover detection

​

New features

• ATO risk evaluation endpoint: A new POST /v1/risk/ato/evaluate endpoint accepts login events and evaluates them against velocity-based heuristics. Each call tracks the subject’s failed login count within a rolling one-hour window and returns a risk level — normal, elevated, high, or critical — based on configurable thresholds (5, 10, and 20 failed attempts). Use this to assess account takeover risk in real time as login events occur.
• Automatic ATO alerts: When a subject’s failed login count crosses a threshold, the platform automatically creates an alert and ingests a risk signal with signal_type: "ato" into your existing risk signal pipeline. Alerts at the elevated and high levels are classified as velocity_exceeded; at 20+ failures the alert type escalates to credential_stuffing. The response includes the signal_id so you can trace the alert back to its corresponding signal in the Risk & Fraud console or via the list signals endpoint.
• ATO subject profiles: Each evaluated subject gets a profile that tracks their current risk level, failed login count, and known IP addresses. Retrieve a subject’s profile via GET /v1/risk/ato/profile/{subject_id} to check their ATO status at any time without triggering a new evaluation. Query alerts for a subject via the list ATO alerts endpoint.

​

Updates

• Deepfake scan results API — expanded code examples: The scan results retrieval endpoint now includes JavaScript and Python examples alongside cURL, making it easier to integrate scan result lookups into your application code.

​

Unified risk signal pipeline and deepfake scan improvements

​

Updates

• Three-path risk signal pipeline: The risk signals guide now documents deepfake and impersonation scanning as a full third ingestion path alongside direct ingestion and event normalization. All three paths produce the same risk signal records, so you can query and review signals from any source using the list signals endpoint or the Risk & Fraud > Signals console page. See the ingestion path comparison table.
• Deepfake scan API improvements: The deepfake scan endpoint now returns additional fields in the response — detection_model, attestation_id, created_at, subject_ref, and subject_type — giving you richer context for each scan result. The endpoint also includes JavaScript and Python code examples alongside cURL, and documents the pre-computed score passthrough option for teams using external ML models.

​

Deepfake scan results retrieval

​

New features

• Scan results retrieval endpoint: A new GET /v1/risk/deepfake/results/{subject_ref} endpoint returns the most recent scan result for a given subject reference. Use it to check the current deepfake and impersonation status of images, videos, documents, attestations, or identities at any time. The response includes the verdict, scores, triggered indicators, and the linked signal_id if the scan exceeded the risk threshold.
• Deepfake detection guide: A dedicated deepfake and impersonation detection guide walks through the full workflow end to end — submitting scans, reviewing verdicts, using pre-computed scores, linking scans to attestations, and retrieving results. Includes a complete indicator reference table and code examples in cURL, JavaScript, and Python.

​

Anti-Fraud Identity Firewall — now a core platform capability

​

Updates

• Anti-fraud promoted to core use case: The introduction and quickstart pages now feature the Anti-Fraud Identity Firewall alongside existing platform capabilities. New users can discover fraud detection workflows from the moment they land in the docs, with direct links to the risk signals guide, the signal ingestion API, the event normalization API, and the deepfake scan API.
• End-to-end fraud detection pipeline: With this milestone, you can now run a complete fraud detection workflow entirely within Truthlocks — ingest signals from external fraud tools, normalize raw identity events into scored signals automatically, scan subjects for deepfake and impersonation indicators, and review everything in the Risk & Fraud console. See the risk signals guide for a full walkthrough.

​

Deepfake and impersonation detection

​

New features

• Deepfake and impersonation scan API: A new POST /v1/risk/deepfake/scan endpoint accepts a subject reference and either raw indicator signals or pre-computed scores from your external models. The platform’s heuristic engine maps indicators — face swaps, inconsistent lighting, compression artifacts, biometric mismatches, and identity document discrepancies — to deepfake and impersonation scores on a 0–100 scale. Each scan returns a verdict of authentic, suspect, deepfake, or impersonation along with the list of triggered indicators. See the risk signals guide.
• Automatic risk signal creation: When a scan’s deepfake or impersonation score reaches 60 or above, the platform automatically ingests a risk signal into your tenant’s pipeline — no extra API call needed. The response includes the signal_id so you can trace the scan result to its corresponding signal in the Risk & Fraud console or via the list signals endpoint.
• Pre-computed score passthrough: If you already have scores from an external ML model or detection service, pass deepfake_score and impersonation_score directly to skip heuristic analysis. The platform still applies the same verdict thresholds and automatic signal ingestion, so you get consistent classification regardless of the detection source.
• Attestation linking: Associate any scan with an existing attestation by passing an attestation_id. This ties deepfake detection results to the credential they relate to, making it easier to flag and review suspicious attestations.

​

Updates

• Standardized field names across the risk signals API: The signal ingestion and query endpoints now use subject_type and subject_id consistently, replacing the earlier entity_type and entity_id field names. If your integration references the old field names, update them to subject_type and subject_id. The six supported subject types remain the same — user, issuer, attestation, session, ip, and device. See the signal ingestion endpoint and the list signals endpoint.
• New verification.failed event mapping: The event normalization endpoint now recognizes verification.failed as a built-in event type, mapping it to signal type behavior with a base score of 60. This joins the existing five mappings — login.failed.repeated, login.suspicious_geo, verification.invalid_sig, attestation.deepfake_suspect, and session.hijack_suspect — giving you six pre-calibrated event types out of the box. See the built-in event mappings table.

​

Anti-Fraud Identity Firewall — foundation complete

​

Updates

• Two ingestion paths: Submit pre-scored signals from external fraud tools via POST /v1/risk/signals, or send raw identity events via POST /v1/risk/events and let the platform normalize them into scored signals automatically. Use direct ingestion when you already have a risk score; use event normalization for platform-native events like failed logins, suspicious geolocations, and deepfake detections. See the risk signals guide.
• Six entity types for signal ingestion: The signal ingestion endpoint now supports six entity types — user, issuer, session, device, ip, and attestation — so you can attach signals at the right granularity for your use case. Scores use a 0–100 integer scale, with scores at or above 80 triggering automatic review decisions.
• Idempotent signal ingestion: Pass an Idempotency-Key header when ingesting signals to safely retry without creating duplicates. Duplicate signals with the same key are silently ignored.
• Risk & Fraud console: The Risk & Fraud > Signals page in the console lets you browse, filter, and inspect all ingested signals with color-coded score badges. Filter by source, type, or minimum score, and click any row for full details. Cases and Dashboard pages are available in the navigation as the feature set expands.
• Cursor-based pagination and filtering: The list signals endpoint supports cursor-based pagination with filters for source, signal type, entity type, entity ID, and minimum score — ready for dashboards, alert pipelines, and batch analysis.

​

Identity event normalization and enrichment

​

New features

• Identity event normalization API: A new POST /v1/risk/events endpoint accepts raw platform events and automatically maps them to canonical risk signal types with base scores. The platform recognizes built-in event types including login.failed.repeated (maps to ato, score 70), login.suspicious_geo (maps to geo_anomaly, score 65), verification.invalid_sig (maps to behavior, score 75), attestation.deepfake_suspect (maps to deepfake, score 85), and session.hijack_suspect (maps to ato, score 90). Unknown event types are accepted with a safe fallback so you can start sending events immediately. The response includes both the raw event ID and the normalized signal ID for full traceability. See the event normalization guide and the API reference.
• Automatic metadata enrichment: Normalized signals are enriched with available context — issuer trust tier, geolocation, and device metadata — before being stored. This means signals created through event normalization carry richer context than manually ingested signals, improving downstream fraud analysis without extra work on your part.
• Unified signal pipeline: Events submitted to /v1/risk/events produce the same risk signal records as direct ingestion via /v1/risk/signals. You can query, filter, and review normalized signals using the existing list endpoint and the Risk & Fraud > Signals console page — no changes to your existing workflows.

​

Updates

• Expanded risk signal ingestion fields: The signal ingestion endpoint now supports subject_type for categorizing entities (user, issuer, session, device, ip, attestation), user_agent for browser context, and an Idempotency-Key header for safe retries — duplicate signals with the same key are silently ignored. Risk scores use a 0–100 integer scale, with scores at or above 80 triggering automatic review decisions.

​

Risk signals — entity types, flexible taxonomy, and production-ready querying

​

Updates

• Six subject types: Each risk signal is tied to one of six subject types — user, issuer, attestation, session, ip, or device — so you can model signals at the right granularity for your use case. For example, attach device fingerprint signals to a device subject and IP reputation scores to an ip subject, then query signals for a specific subject across all sources. See the ingest endpoint.
• Flexible signal taxonomy: The source and signal_type fields are free-form strings, so you can define your own naming conventions across integrations — device_fingerprint, ip_reputation, email_verification, behavioral, or any custom source. This lets you centralize signals from multiple vendors without mapping to a fixed schema. See the risk signals guide.
• Tenant-isolated signal storage: All risk signals are protected by row-level security. Signals are bound to your tenant at ingestion time and queries can only return your own signals — ensuring complete data isolation in multi-tenant deployments.
• Cursor-based pagination and filtering: The list signals endpoint supports cursor-based pagination with filters for source, signal_type, subject_type, subject_id, and min_score. Use this to build dashboards, alert pipelines, or batch analysis jobs against your ingested signal data.

​

Risk signal ingestion pipeline

​

New features

• Risk signal ingestion API: You can now submit risk signals to the platform via POST /v1/risk/signals and retrieve them individually via GET /v1/risk/signals/{id} or as a filtered, paginated list via GET /v1/risk/signals. Each signal carries a risk score (0–1), source identifier, and signal type, giving you a structured way to feed fraud and abuse intelligence into your verification workflows. Use this to centralize risk data from third-party fraud tools, manual reviews, or internal detection systems.
• Risk & Fraud console section: A new Risk & Fraud section in the console provides a dedicated Signals page where you can browse all ingested risk signals with color-coded score badges (green for low, amber for medium, red for high), filter by source, type, or minimum score, and paginate through results. Cases and Dashboard pages are also available in the navigation as the feature set expands in the coming weeks.

​

Console login fix and security hardening

​

Updates

• Console security hardening: The console’s Content Security Policy now blocks inline script evaluation, closing a potential cross-site scripting vector. No action is needed on your part — this change is applied automatically.
• Shorter CORS preflight cache: The API gateway now caches CORS preflight responses for one hour instead of 24 hours. If you update your integration’s origin or headers, the change takes effect faster without waiting for the previous cache window to expire.

​

Bug fixes

• Console login fix for Business tenants: All Business-tier tenants were unable to log in to the console due to an account routing issue. The issue has been resolved and affected accounts have been automatically repaired — you can now log in normally.

​

Console receipt management and receipt export endpoint change

​

Updates

• Console receipt management: The Receipts page in the console now includes search, export, proof bundle download, and redaction controls. Search receipts by keyword or filter directly from the list view. Export receipts as CSV or JSON with a status banner that tracks job progress. Download a self-contained proof bundle from any receipt’s detail page. Redact a receipt’s payload with a confirmation dialog (active receipts only). These features were previously only available via the API — they are now fully accessible from the console. See the receipts guide.
• Receipt export status endpoint moved: The endpoint for checking a receipt export job’s status has moved from GET /v1/receipts/export/{id} to GET /v1/receipt-exports/{id}. If you poll for export completion in your integration, update the URL to use the new path. The POST /v1/receipts/export endpoint for queuing exports is unchanged. See receipt export.

​

Bug fixes

• Server stability fix: A routing conflict could cause the service to crash on startup under certain conditions. The conflict has been resolved — no action is needed on your part.

​

AI CMO email delivery, tenant login, and receipt reliability fixes

​

Bug fixes

• AI CMO email delivery: All campaign emails were failing to send. The issue has been resolved and any emails that failed during the outage will be automatically retried on the next delivery cycle. If you noticed campaigns stalling, they should resume without any action on your part. See the AI CMO guide.
• Campaign lead deduplication: The same lead could receive emails from multiple campaigns simultaneously if discovery cycles ran in parallel. Lead assignment is now atomic, so each lead only appears in one active campaign at a time.
• Campaign lead discovery: All campaigns were discovering the same set of leads instead of progressing through different result pages. Each campaign now advances through unique lead pages based on its existing lead count, improving discovery variety across campaigns.
• Tenant login after email verification: Tenants who completed email verification could be blocked from logging in because their account remained in a pending state. Tenant activation now happens atomically alongside email verification, so you can log in immediately after confirming your email. Existing affected accounts have been automatically repaired.
• Receipt listing reliability: The receipts list endpoint could intermittently return a server error instead of your receipt data. Error handling has been improved so the endpoint returns results reliably.

​

Truth Receipts

​

New features

• Truth Receipts: You can now mint signed, immutable receipts for any event type. Each receipt is cryptographically signed with your issuer key (Ed25519 or ES256), anchored in the transparency log with a Merkle inclusion proof, and offline-verifiable via proof bundle export. Use receipts to create tamper-evident records of payments, security events, document deliveries, compliance checks, or any custom event. See the receipts guide.
• Five platform receipt types: Five receipt types are available out of the box — payment_receipt for payments and refunds, security_event_receipt for auth events and key rotations, delivery_receipt for document deliveries and notifications, compliance_receipt for KYC/AML checks and regulatory evidence, and custom_receipt for any other event. Each type includes a JSON Schema that validates your payload before signing. See receipt types.
• Custom receipt types: Create your own receipt types with custom JSON Schemas via POST /v1/receipt-types. Deprecate or archive types you no longer need. Use this to model domain-specific events — warranty claims, inspection reports, delivery confirmations — with schema-validated payloads. See create a receipt type.
• Signing policies: Define per-type signing policies that control which issuers, trust tiers, and signing algorithms are allowed. For example, restrict compliance_receipt to HSM-backed keys from issuers with a minimum trust tier. See signing policies.
• Receipt verification: Verify any receipt independently via POST /v1/receipts/verify. The endpoint checks revocation status, key compromise history, and cryptographic signature validity, returning one of six verdicts — VALID, REVOKED, INVALID_SIGNATURE, KEY_COMPROMISED, KEY_INACTIVE, or NOT_FOUND. See receipt verification.
• Receipt proof bundles: Download a self-contained proof bundle for any receipt via GET /v1/receipts/{id}/proof-bundle. The bundle includes the signed receipt envelope, Merkle inclusion proof, and issuer key snapshot — everything needed for offline verification. See proof bundles.
• Receipt search: Search across receipts using full-text queries and faceted filters — by type, status, issuer, date range, or indexed payload fields. See receipt search.
• Receipt export: Queue asynchronous bulk exports of receipts as JSON or CSV. Poll for completion and download from a pre-signed URL. See receipt export.
• Receipt redaction: Permanently remove PII from a receipt’s payload while preserving the cryptographic proof, transparency log entry, and Merkle inclusion proof. A RECEIPT_REDACT event is anchored in the log for auditability. Use this for GDPR right-to-erasure requests. See receipt redaction.
• Receipts API: Manage receipts programmatically — mint (POST /v1/receipts), list with filters (GET /v1/receipts), retrieve by ID (GET /v1/receipts/{id}), and revoke (POST /v1/receipts/{id}/revoke). All endpoints support idempotency keys. See the receipts API reference.
• Receipts in the console: A new Receipts page in the console lets you browse, search, and filter receipts by type and status. Click any receipt to view its full detail page, including the cryptographic signature and transparency log anchor. A separate Receipt Types page lets you manage custom types and view signing policies.
• SDK support: The JavaScript, Go, and Python SDKs now include a full receipts resource — mint, list, get, revoke, verify, search, export, redact, proof bundle download, and type management. See SDK examples.
• Receipt webhook events: Subscribe to receipt.created, receipt.revoked, receipt.type.created, and receipt.type.deprecated events via your existing webhook endpoints to react to receipt activity in real time.
• Retention policies: Set a retention policy when minting a receipt — standard (2 years), extended (7 years), or permanent — to control how long receipt data is retained. Expired receipts are cleaned up automatically. See retention policy.

​

Bug fixes

• Fixed a login issue where newly verified tenants were blocked from signing in. If you verified your email but couldn’t log in, this has been resolved — your account is now activated automatically upon email verification.
• Fixed a server error that could occur when listing receipts under certain conditions, improving reliability of the receipts API.
• Fixed an incorrect icon on the Receipts navigation item in the console that displayed a fallback instead of the intended icon.

​

OIDC single sign-on, announcements broadcast console, and industry solution pages

​

New features

• OIDC single sign-on: Organization administrators can now configure Single Sign-On using any OpenID Connect-compliant identity provider — including Google Workspace, Okta, Auth0, and Microsoft Entra ID. Enter your provider’s Issuer URL, Client ID, and Client Secret in Settings > Security > SSO, and the system auto-generates the correct Redirect URI. Test the connection directly from the settings page before enabling it for your team. Each tenant manages its own independent SSO configuration. This works alongside the existing SAML SSO option, giving you flexibility to use whichever protocol your identity provider supports.
• Announcements broadcast console: Platform administrators can now compose and broadcast announcements to every tenant on the platform from a dedicated console page. Set a subject, message body, and priority level (Normal, Urgent, or Critical), then publish instantly. Broadcast history is searchable and filterable by priority. Tenants receive announcements in their console inbox with read tracking and priority indicators.
• Industry solution pages: The marketing site now includes dedicated pages for eleven industries and use cases — Fintech, Healthcare, Government, HR, Supply Chain, Regulatory Compliance, Document Integrity, Credential Verification, B2B, B2B2C, and B2G. Each page explains how the platform applies to that vertical with industry-specific pain points, implementation workflows, and calls-to-action. Browse them at truthlocks.com.
• Product hub pages: Ten new deep-dive pages on the marketing site cover each core platform component — attestation service, compliance engine, governance framework, proof bundles, transparency log, trust registry, and verification platform — giving prospective users a detailed overview before signing up.

​

Updates

• Incident history page: The public status page now includes a dedicated incident history page listing past incidents and scheduled maintenance windows. Each entry shows severity, affected services, resolution status, and a full timeline of updates — making it easier to review platform reliability over time. See health monitoring.
• Enterprise contact and procurement pages: New enterprise landing and contact sales pages on the marketing site let prospective enterprise customers request a demo or start a procurement conversation directly. A billing FAQ and legal/SLA terms page are also available to streamline procurement.

​

Production readiness milestone, tenant lifecycle improvements, and security hardening

​

Updates

• Tenant lifecycle improvements: The tenant signup flow now follows a clear three-stage progression — Pending, Onboarding, and Active. New tenants start in Pending status after signup, move to Onboarding when they complete their profile, and transition to Active after platform approval. This gives administrators better visibility into where each tenant is in the onboarding process. See the tenant management guide.
• Signing key security enforcement: All attestation signing in production now uses KMS-backed keys exclusively. Development keystores are blocked from running in production and staging environments, ensuring every signature is backed by hardware-grade key protection.
• Tenant isolation hardening: Row-level security policies have been standardized across all services, closing edge cases where tenant data boundaries could be inconsistent. CI gates now prevent regressions, so every release is verified for tenant isolation before deployment.
• API contract verification: A new automated check validates that the OpenAPI specification matches live API handlers on every release. This prevents drift between the API reference and actual API behavior, so the documentation you read always reflects what the API does.
• Gateway route parity: Development and production API gateways are now verified to serve identical route surfaces, eliminating environment-specific routing differences that could cause unexpected behavior when moving from sandbox to production. See environments.
• DDoS and bot protection: Production endpoints are now protected by WAF rules and bot defenses at the edge, adding a layer of protection in front of existing rate limits and abuse hardening.

​

Blog CMS Markdown editor, add-on quantity support, and billing admin refinements

​

Updates

• Markdown content editor: The blog CMS content editor now uses Markdown instead of HTML, making it easier to write and format posts without switching between markup languages. All existing posts continue to render correctly.
• Blog search improvements: The blog post list in the console now filters by title, category, and tags — previously search only matched on title. Use this to find posts faster when managing a large content library. See the blog CMS guide.
• Streamlined publish flow: The blog post editor now uses a single Publish button instead of the previous Save & Publish label, reducing confusion between saving a draft and publishing. Draft posts can still be published later from the post list. See the blog CMS guide.
• Add-on quantity support: Seat-based add-ons like Extra Seats now let you choose the number of units at checkout. The add-ons marketplace shows a quantity selector for applicable add-ons alongside your regional price and a one-click attach button.
• Regional pricing in add-on checkout: When attaching a paid add-on, the checkout flow now shows your region-adjusted price automatically. For example, the Compliance Pack displays $149.50/month for tenants in Nigeria (0.5x multiplier) instead of the$299 base price. See regional add-on pricing.
• Expanded dunning override guidance: The dunning overrides controls now include specific use-case guidance for each action — restoring access during a billing dispute, extending grace periods for wire transfers, switching to manual dunning after an enterprise contract, and accommodating government procurement timelines.
• Grace period metric details: The grace period controls now display the metric name, extra allowance, and expiration date for each active grace period, making it easier to audit temporary quota extensions at a glance.

​

Blog CMS for platform administrators

​

New features

• Blog CMS: A full content management system is now available in the platform console. Create, edit, publish, and archive blog posts at www.truthlocks.com/blog without leaving the console. Posts support Markdown, cover images, categories, and tags — and automatically include Open Graph tags, Twitter Cards, and JSON-LD structured data for search engine visibility. Filter posts by status or category, and manage the full lifecycle from draft to archive. Requires the content admin or super admin platform role. See the blog CMS guide.
• Blog API: Manage posts programmatically via six new API endpoints — list, create, get, update, publish, and archive. Use these to integrate blog publishing into your existing content workflows or build custom editorial tools. See the blog CMS API reference.

​

Dunning contract modes, add-on price transparency, and expanded regional pricing

​

Updates

• Dunning contract modes: Billing administrators can now choose between three contract modes when overriding a tenant’s dunning behavior — Standard (automatic retries on a fixed schedule), Enterprise (manual intervention only, for wire or PO payments), and Government (no automatic retries, for government procurement timelines). Set the contract mode from the tenant billing detail page. See dunning overrides.
• Add-on price transparency: The add-ons catalog now displays base prices for all seven add-ons — from $25/seat/month for Extra Seats to$499/month for Private Log — so you can compare costs before attaching an add-on. See add-ons.
• Grace period metric selection: When granting a temporary grace period, you can now choose from four specific metrics — verifications, mints, webhook endpoints, and storage — giving you precise control over which quota to extend. Multiple grace periods for different metrics can be active simultaneously. See grace period controls.
• Expanded Tier 1 regional pricing: Ten additional countries have been added to the Tier 1 pricing region — Netherlands, Switzerland, Ireland, Italy, Spain, Sweden, Norway, Denmark, Finland, and New Zealand — so tenants in these markets now pay the standard base price for add-ons. See regional add-on pricing.

​

Regional add-on pricing, tenant billing monitoring, and admin override controls

​

New features

• Regional add-on pricing: Add-on prices now adjust automatically based on your organization’s country. The billing system groups countries into five pricing tiers — from full price in Tier 1 markets (US, GB, DE) to 50% in Africa and South Asia — so teams in emerging markets pay a fair local rate without any manual configuration. Preview pricing for any region from the add-ons page. See regional add-on pricing.
• Tenant billing monitoring: Platform billing administrators now have a dedicated dashboard showing total MRR, subscription status breakdown, and a per-tenant table with plan, payment provider, last payment date, and MRR contribution. Click any row to open the tenant billing detail page with subscription, entitlement, and invoice data. See billing operations.
• Entitlement overrides: Platform admins can now set per-tenant feature flags and quota overrides that take precedence over plan entitlements — useful for custom agreements, pilot programs, or temporary access grants. Overrides persist until removed and do not expire with the billing cycle. See billing operations.

​

Updates

• Dunning overrides: Billing administrators can now override a tenant’s dunning state directly from the tenant billing detail page. Use this to restore access during a billing dispute or while waiting for a wire transfer to clear. See billing operations.
• Grace period controls: Grant temporary metric grace periods that extend a tenant’s access beyond plan limits for a specified duration. Set the metric, amount, and hours from the tenant billing detail page — grace periods expire automatically. See billing operations.
• Subscription management guide: A new step-by-step guide walks you through the full billing lifecycle — choosing a plan, estimating costs, subscribing via checkout, attaching add-ons, monitoring usage, and canceling. See subscription management.

​

Blog launch, help center, and SEO improvements

​

New features

• Blog: The marketing site now includes a blog with 12 articles across six categories — Product, Security, Engineering, Company, Developer, and Partnerships. Each post includes structured data for rich search snippets, cover images, and newsletter signup. Filter by category to find topics relevant to you.
• Help center: A new help page organizes support resources into four sections — Getting Started, Developers, Creators, and Enterprise — with direct links to guides, API docs, and contact options so you can find answers faster.

​

Updates

• SEO improvements: All public-facing apps — marketing site, docs, verify portal, status page, and transparency log — now include canonical URLs, Open Graph tags, Twitter cards, JSON-LD structured data, and sitemaps. Pages render richer previews when shared on social media or indexed by search engines.
• Marketing page accuracy: Several marketing pages have been updated to align more closely with current platform capabilities.
• Non-www redirect: Requests to truthlocks.com now automatically redirect to www.truthlocks.com for consistent URLs across search indexing and link sharing.

​

Bug fixes

• Fixed an incorrect social media link that pointed to the wrong X (Twitter) account.

​

Billing self-service APIs

​

New features

• Plan catalog API: Browse all available subscription tiers — including pricing, features, and quotas — via GET /v1/billing/plans. Use this to build custom pricing pages or let users compare plans before subscribing. No authentication required. See list plans.
• Per-use rate lookup: Check your tenant’s effective per-mint and per-verification rates, including any custom rate card or regional pricing adjustments, via GET /v1/billing/rates. See get rates.
• Plan cost estimator: Submit your expected usage to POST /v1/billing/estimate and receive a plan recommendation with estimated monthly cost — useful for onboarding flows and pricing calculators. No authentication required. See estimate plan cost.
• Projected invoice calculator: Get a line-item invoice breakdown for any combination of mints, verifications, and plan via POST /v1/billing/projected-invoice. Regional pricing adjustments are applied automatically when you include a country code. See projected invoice.
• Subscription cancellation API: Cancel your subscription via POST /v1/billing/cancel. Access continues through the end of your current billing period, then downgrades to the Developer (free) plan. See cancel subscription.
• Billing portal sessions: Redirect users to their payment provider’s self-service portal (Stripe, Paystack, or Flutterwave) via POST /v1/billing/portal to update payment methods, view invoices, and manage subscriptions. See create portal session.
• Add-on management API: Attach and detach add-ons — extra seats, priority SLA, private log, compliance pack, white-label branding, rate limit boost, and extended retention — via the add-ons endpoints. Free add-ons activate immediately; paid add-ons return a checkout URL.

​

Single lead creation API, privacy job detail page, and support session improvements

​

New features

• Single lead creation API: Add a single lead to your pipeline via POST /v1/platform/growth/leads. Specify email, name, company, title, industry, LinkedIn URL, country, and timezone — the lead is created in the global pool and can be assigned to a campaign separately. Country codes are used to infer timezone for timezone-aware outreach, or you can set an explicit IANA timezone. See create a single lead.

​

Updates

• Privacy job detail page: Click any job in the data lifecycle console to open a detail page showing job information (type, target, reason), request context (tenant, requester, approver), and result data — including download URLs for exports or record-removal summaries for erase and purge jobs.
• New privacy job statuses: Data lifecycle jobs now track two additional statuses — Approved (queued for processing after review) and Rejected (denied by a platform administrator) — giving you clearer visibility into the review workflow. See data lifecycle.
• Support session management improvements: The support session list now opens with stat cards showing active, revoked, and expired session counts. Session columns have been reorganized to prioritize status, scopes, reason, and timing information for faster scanning.

​

Platform command center, partnership pricing, and billing operations console

​

New features

• Platform command center: Platform administrators now land on a command center that shows live metrics — total tenants, issuers, users, and attestations — alongside pending review counts, aggregate usage bars, and service health indicators. Suspended or onboarding tenants are flagged at a glance so you can act without navigating to separate pages.
• Partnership pricing: Create custom rate cards with per-operation pricing for partner tenants. Each rate card defines unit prices for mints and verifications, and can be assigned to one or more tenants with an effective date. Use this to offer negotiated pricing to strategic partners or volume customers without changing your standard plan rates.
• Billing operations console: A new operations hub lets billing administrators issue partial or full refunds across payment providers, apply manual credits and adjustments, create offline invoices, monitor payment failures and account suspensions, and review enterprise purchase orders — all from a single page. Available to users with the billing admin platform role.

​

Updates

• Per-tenant billing detail: The tenant billing page now shows each tenant’s subscription status, payment provider, MRR contribution, and dunning state. Billing administrators can override grace periods and adjust entitlements directly from the tenant detail view. See tenant management.
• Usage projections: The usage page now includes a projected monthly spend estimate based on your current consumption rate and active rate card, so you can forecast costs before the billing cycle closes.

​

Staff detail page, granular data lifecycle jobs, and support session audit logs

​

New features

• Staff detail page: Click any staff member to open a dedicated detail page where you can edit their display name, toggle roles on or off with descriptions, and deactivate or reactivate their account — all from a single view. See platform staff.
• Force logout for tenants: Support staff can now immediately terminate all active sessions for a tenant from the support console. This is useful when responding to a compromised account or during an active security incident.
• Support session access logs: Every API request made during an impersonation session is now recorded in a per-session access log — including HTTP method, path, status code, and request ID. Open any session from the support console to review exactly what was accessed.

​

Updates

• Granular data lifecycle job types: The data lifecycle console now distinguishes between three job types — Export (package data for download), Erase (delete personal data while preserving anonymized records), and Purge (irreversibly remove all data including anonymized records). Previously, the console grouped these as Export or Deletion.
• Support console health overview: The support console now opens with four stat cards — total tenants, healthy, warning, and critical — giving support staff an at-a-glance view of platform health before drilling into individual tenants.
• Support session creation flow: Creating an impersonation session now requires a reason (minimum 10 characters) and lets you set a custom TTL from 1 to 60 minutes. Both fields are recorded in the audit log for compliance.

​

Institutional plan tier, platform admin tools, and payment failure lifecycle

​

New features

• Institutional plan tier: A new Institutional plan sits between Business and Enterprise, designed for large enterprises with advanced security needs. It includes a private transparency log, HSM integration, SSO/SCIM, full RBAC and audit logs, compliance pack, white-label branding, and a 1-hour support SLA — without requiring a custom Enterprise contract.
• Payment failure lifecycle: When a payment fails, your account now follows a graduated access workflow — Degraded, Restricted, then Suspended — with a grace period at each stage so you have time to resolve the issue. A console banner and email notifications keep you informed throughout. Check your current billing status at any time via GET /v1/billing/status. See payment failures and grace periods.
• Billing status API: A new GET /v1/billing/status endpoint returns your current billing state, including feature_mode (Normal, Degraded, Restricted, or Suspended) and a grace_until timestamp. Use this in your integration to surface payment prompts to your users before access is restricted.
• Tenant management console: Platform administrators now have a dedicated tenant management page for viewing, filtering, and managing every tenant on the platform. Search by name, status, plan, or region; take lifecycle actions like approve, suspend, and reinstate; drill into a nine-tab detail view covering users, API keys, webhooks, activity, billing, notes, issuers, and compliance; and export the full tenant list as CSV.
• Platform staff management: Invite new platform team members, assign granular roles (super admin, billing admin, content admin, support admin, reviewer), and deactivate or reactivate accounts — all from the platform staff page.
• Platform rate limit administration: View system-wide default rate limits and configure per-tenant overrides when a tenant needs higher or lower throughput. Supports bulk updates for onboarding groups of enterprise tenants with the same requirements.
• Data lifecycle administration: A centralized data lifecycle page for managing cross-tenant privacy jobs — including data export requests, account deletion requests, and legal holds. Approve or reject jobs that require manual review, and place legal holds to prevent data deletion during litigation or compliance audits.
• Platform support console: A support console with live tenant health signals (status, last seen, API calls, error rate) and the ability to create scoped impersonation sessions for troubleshooting — all fully audited.

​

Updates

• Refreshed plan names and quotas: The free tier has been renamed from Free to Developer, and the entitlement quota table now includes all five tiers — Developer, Starter, Business, Institutional, and Enterprise — with support SLA, private transparency log, and HSM integration rows.
• Add-on catalog: Seven standardized add-ons are now available across all paid plans — Extra Seats, Priority SLA, Private Log, Compliance Pack, White-Label, Rate Limit Boost, and Extended Retention. Manage add-ons from the console or check your active add-ons via the entitlements endpoint.

​

AI-powered follow-up decisions and automatic email verification

​

New features

• AI follow-up strategist: The AI CMO now evaluates each lead individually before every follow-up email — considering campaign strategy, prior contact history, and engagement signals — rather than relying solely on a fixed schedule. If the AI determines a follow-up is unlikely to be productive, it skips the send. Follow-up decisions are visible in the Command Center cycle feed alongside other agent reasoning. You control the maximum number of follow-ups per lead with the max_followups campaign setting (default: 3, up to 10). See AI CMO campaigns.
• Automatic email verification: Every lead discovered through multi-source lead discovery is now automatically verified for deliverability before being imported into a campaign. Leads scoring below the verification threshold are filtered out, reducing bounce rates without any configuration on your part. For GitHub-sourced leads with no public email, the platform also attempts to find a verified email address automatically.

​

Updates

• Lower bounce rates across campaigns: The combination of pre-send email verification and AI-driven follow-up decisions means fewer emails are sent to invalid addresses or unresponsive leads, improving overall sender reputation and deliverability.

​

Platform observability dashboard, Command Center cycle feed, and trace lookup

​

New features

• Platform observability dashboard: Platform administrators now have a dedicated observability dashboard separate from the tenant view. It includes a KPI row (gateway status, healthy service count, SLO status, and recent errors), an availability gauge with error budget tracking, SLO scorecards for availability and p99 latency, and seven-day trend charts with SLO target reference lines — giving you a single page to assess the health of your entire environment.
• Trace lookup: Enter any trace ID in the platform observability dashboard to get a direct link to AWS X-Ray or your OTLP backend for that request. Use this to jump from a high-level alert to a specific distributed trace without switching tools.
• CloudWatch launchers: Quick-launch buttons on the platform observability dashboard open your AWS Dashboard, Metrics, Logs Insights, X-Ray, and Alarms directly — reducing context-switching when investigating issues.
• Command Center cycle feed: The AI CMO Command Center now includes a cycle feed panel listing every reasoning cycle with turn counts, execution time, and a decision preview. Click any cycle to open the decision modal for a full deep-dive — including a turn composition chart, performance grid, and the complete reasoning trail.

​

Updates

• Campaign health card: The Command Center now shows a compact health card with color-coded bounce rate and reply rate chips, a bounced email count, and a daily cap progress bar — so you can spot delivery issues without opening individual campaigns.
• Error distribution chart: The platform observability dashboard breaks down recent errors by signature in a color-coded bar chart, with each error group showing its count, source, and sample trace IDs for faster root-cause analysis.
• Service health donut: A compact radial chart on the platform dashboard shows the ratio of healthy, degraded, and unknown services at a glance, alongside expandable detail cards for each service with links to logs and traces.
• Auto-refresh toggle: The platform observability dashboard now supports toggling auto-refresh on or off, with a visible countdown to the next poll. Data sources refresh every 30 seconds when enabled.

​

AI CMO Command Center and interactive charts across the console

​

New features

• AI CMO Command Center: The agent activity viewer has been completely rebuilt as a four-column command center. Six stat cards show total cycles, thoughts, tool calls, emails sent, bounces, and replies with animated counters. New interactive charts display cycle activity over time, email performance by status, a delivery funnel breakdown, and AI tool-call distribution — giving you a real-time operational view of every running campaign.
• Decision inspector: Click any orchestration cycle in the Command Center to open a decision modal showing the turn composition breakdown, structured reasoning trace, and a turn-by-turn card trail. This makes it easier to understand exactly why the AI took a specific action during a campaign.
• Smart alerts panel: The Command Center now surfaces synthetic alerts derived from campaign stats — including high bounce rate warnings, low reply rates, and stalled cycles — so you can spot issues at a glance without digging through logs.

​

Updates

• Growth dashboard charts: The growth dashboard now includes interactive charts for emails sent per campaign (grouped by status), reply rate trends over time, and campaign status distribution — replacing the previous text-only stats view.
• Platform observability charts: The observability dashboard now displays service latency as a horizontal bar chart with a 200 ms SLA reference line, an availability gauge with SLO scorecard, 7-day trend lines for availability and p99 latency, and an error distribution chart. All charts support light and dark themes.
• Tenant dashboard attestation insights: The tenant console dashboard now shows three new visualizations — an attestation status donut chart (active, revoked, and other), an issuer coverage bar chart, and an active attestation rate gauge — giving tenant administrators an instant snapshot of their credential health.
• Tenant observability charts: The tenant-level observability dashboard now includes a latency trend area chart with color-coded service overlays, an attestation lifecycle breakdown, and usage quota bars with plan limit markers.
• Full dark mode support for Command Center: The AI CMO Command Center now fully supports light and dark themes, replacing previously hardcoded dark backgrounds with proper theme-aware styling.

​

Inbound webhook route conflict fix

​

Bug fixes

• Inbound webhook route conflict fix: A server route naming conflict could cause inbound reply capture requests to be intercepted by the outbound delivery webhook handler instead of the dedicated inbound handler. The inbound route has been renamed to eliminate the overlap, ensuring all inbound replies are correctly routed to the reply capture handler. If you experienced intermittent missing replies despite the fixes in the previous two weeks, this resolves the underlying cause.

​

Reply capture routing fix

​

Bug fixes

• Reply capture routing fix: Inbound replies to AI CMO campaign emails could be misrouted to the delivery notification handler instead of the reply capture handler, causing replies to be silently lost. The inbound webhook route now takes priority over the general delivery route, so all replies are correctly captured and classified. If you noticed missing replies after last week’s HTTPS fix, this resolves the issue.

​

Reply capture reliability fix

​

Bug fixes

• Reply capture delivery fix: Inbound replies to AI CMO campaign emails could be silently dropped when the reply capture webhook was configured over HTTPS. The system now correctly completes the SNS subscription handshake for HTTPS endpoints, so all replies are captured and classified as expected. If you previously noticed missing replies in your campaign activity, this resolves the issue.

​

Growth dashboard, knowledge base, and pipeline management tools

​

New features

• Growth dashboard: The console now opens to a dashboard showing active campaigns, emails sent today, average bounce rate, and total replies — plus a recent campaigns list and an activity feed. The same data is available programmatically via the dashboard API. The bounce rate card turns red when the average exceeds 3%.
• Knowledge base for AI personalization: Store product information — features, use cases, ICPs, personas, pain points, differentiators, objection handlers, pricing, and industry context — that the AI CMO injects into every email prompt. Higher-priority entries are weighted more heavily. Manage entries from the console or the knowledge base API.
• Email management page: A new Growth > Emails page in the console shows every AI-generated email across all campaigns with filters for campaign, status, and simulation mode. Click any email to see its content hash, AI prompt hash, SES message ID, delivery event timeline, and rendered body preview. See email management.
• Cross-campaign approval queue: The Growth > Emails > Pending Approval page consolidates all emails awaiting manual approval from every campaign with approval mode enabled into a single queue. See cross-campaign approval queue.
• Global kill switch: Immediately stop all active campaigns from sending emails with one toggle in Growth > Settings or a single API call. Use this as an emergency stop across your entire outbound program. See global kill switch.
• Public lead-capture endpoint: Send contact form submissions from your website directly into the leads pipeline using an unauthenticated endpoint at POST /v1/public/leads. Includes a honeypot field for spam prevention and rate limiting at three submissions per IP per hour. See capturing leads from your website.
• Newsletter subscriber management and campaign API: Manage newsletter subscribers and broadcast campaigns programmatically — list, add, and remove subscribers, create and send campaigns, and track delivery stats via the API. See the newsletter campaigns guide.
• Observability dashboard: Monitor your environment from a four-tab dashboard in the console — Overview (attestation counts, latency gauges, service health), Services (per-service SLA compliance and uptime), Usage & Quotas (mint, verify, and storage consumption against plan limits), and Security (cryptographic integrity and tenant isolation posture). Available on Business and Enterprise plans. See the observability guide.

​

Updates

• Lead CSV export: Export your full leads pipeline as a CSV file from the console with one click. The export includes ID, name, email, company, source, status, and creation date. See exporting the pipeline.
• Lead-to-customer conversion: Qualified leads can now be converted directly to customers from the lead detail page. Clicking Convert / Onboard Customer sends a branded onboarding invite to the lead’s contact address. See converting a lead.

​

Delete leads from the AI CMO pipeline

​

New features

• Lead deletion: Remove a lead from your pipeline by clicking Delete next to any lead in the console leads list, or by calling DELETE /v1/platform/leads/{id}. Emails already sent to the lead remain in the campaign’s email log for audit purposes. See the AI CMO guide.

​

Verify portal dark mode, redesigned navigation, and four badge styles

​

New features

• Dark mode: The verify portal now supports dark mode across all consumer pages. Switch between light, dark, and system appearance modes from the toggle in the top bar. Your preference persists across sessions. See the consumer portal guide.
• Four badge styles: Embeddable verification badges are now available in four styles — default, flat, large, and minimal — each with a dark theme variant. Use large on landing pages to show the protection date and content title, or minimal for inline text and README footers. See embeddable badges.
• Redesigned protection certificates: Downloaded protection certificates now feature a premium SVG design with a dark header, circular seal, and corner ornaments — suitable for legal evidence, portfolio displays, or print. See embeddable badges.

​

Updates

• Redesigned sidebar navigation: The verify portal navigation has been rebuilt as a collapsible rail — a narrow 64 px icon strip that expands on hover to show labels. Pin it open if you prefer a persistent sidebar. On mobile, navigation opens as a slide-out drawer from the hamburger menu. See the consumer portal guide.
• UI refresh across all consumer pages: Every page in the verify portal — Dashboard, Protections, Inbox, History, Saved, Profile, Privacy, Security, Billing, and Settings — now features improved loading skeletons, richer card layouts, and a consistent visual language. Protections adds search and sort controls, and the Settings hub uses a card grid with animated navigation.

​

HubSpot settings API, reply capture configuration, and AI model tier visibility

​

Updates

• HubSpot settings API: Connect and disconnect HubSpot programmatically by setting hubspot_api_key and hubspot_portal_id via the settings endpoint. Previously, HubSpot configuration was only available from the console. Set both fields to null to disconnect.
• Reply capture address configuration: The reply_to_address field is now available in the AI CMO settings API, so you can configure your dedicated reply address (e.g. sales@yourcompany.com) programmatically. This is the address used for automatic reply capture across all campaigns.
• AI model tier visibility: The settings API now exposes bedrock_model_fast and bedrock_model_write as read-only fields, so you can see which AI models are assigned to lead scoring, reply classification, and email generation. Combined with the existing bedrock_model_id field for campaign reasoning, all three model tiers are now visible from a single API call.

​

Salesperson personas, strategic campaign planning, and multi-touch engagement sequences

​

New features

• Salesperson personas: Every campaign now automatically generates a salesperson persona — a persistent fictional identity with a name, title, personality style, and industry-relevant backstory. All emails in a campaign are written in that persona’s voice and signed with their name, so recipients always hear from the same person across follow-ups. The persona is tailored to your target audience: a campaign targeting financial services gets a compliance-background persona, while a campaign targeting engineering leaders gets an enterprise SaaS persona. See salesperson personas.
• Strategic campaign planning: The Campaign Director now performs market research and competitive analysis before generating any emails. Each campaign plan includes pain point mapping, objection handling strategies, competitor positioning, and industry-specific triggers — giving the AI deeper context to craft relevant, specific messaging instead of generic outreach. These strategic insights are visible in the campaign detail view.
• Multi-touch engagement sequences: Campaigns now design structured multi-touch sequences where each email in a follow-up series has a distinct purpose — introduction, technical deep-dive, case study, or closing. Previously, follow-ups were generated independently without a cohesive progression. The sequence strategy is planned upfront and adapts based on campaign performance.

​

Updates

• Human-quality email writing: The AI writing model has been rewritten to produce warmer, more specific emails — with shorter copy (150 words max), no buzzwords, and concrete talking points drawn from the campaign’s strategic plan and knowledge base. Emails now read like they were written by a real salesperson, not generated by AI.
• Smarter mid-flight strategy adjustments: The strategist agent now performs root-cause diagnosis using the full strategic context — including market analysis, objection maps, and sequence performance — when adjusting a live campaign, rather than surface-level tone tweaks.

​

HubSpot deal pipeline, automatic reply capture, and advanced lead discovery sources

​

New features

• HubSpot deal pipeline: Hot leads now create deals in HubSpot automatically, with email activity logged on each contact record and lifecycle stages updated as leads progress. Previously, CRM sync only created a contact with a note — now the full sales pipeline is managed in HubSpot from first touch through qualification. See CRM integration.
• Automatic reply capture: Inbound replies to campaign emails are now captured and matched to the originating lead and campaign automatically. The system links each reply to the most recent sent email for that lead, so the AI can classify sentiment and route hot leads to your CRM without manual forwarding or inbox monitoring. See reply classification.
• Google search lead discovery: The prospector agent now discovers leads through Google search — building intelligent queries that target LinkedIn profiles, team pages, regulatory filings, and professional directories. This surfaces prospects who may not appear in traditional sales databases. See multi-source lead discovery.
• Directory lead discovery: A new directory scraping source finds leads from open web sources including SEC EDGAR filings, industry associations, and professional directories. This is especially useful for campaigns targeting regulated industries where public disclosure data is rich and reliable. See multi-source lead discovery.

​

Updates

• Four-tier enrichment priority: The lead discovery failover chain now follows a four-tier priority order — Apollo, Google search, directory sources, then GitHub — giving the prospector more fallback options and broader coverage before exhausting all sources. See multi-source lead discovery.
• Lead source attribution: Each discovered lead now tracks the actual enrichment source it came from, so you can see in the agent activity viewer whether a lead was found through Apollo, Google, a public directory, or GitHub.

​

Higher daily send cap, automatic email retry, smarter lead discovery, and cross-campaign deduplication

​

Updates

• Higher daily send cap: The default daily email cap for AI CMO campaigns has been raised from 50 to 1,000, so campaigns can reach more prospects each day without manual configuration. You can still set a custom cap per campaign. See safety limits.
• Automatic email retry: Failed emails are now automatically retried within 24 hours on each orchestrator cycle. Previously, failed sends required manual intervention or a campaign restart.
• Smarter lead discovery: The lead discovery engine now extracts industries, company size, and keywords from your ICP description — not just job titles. This means campaigns find a broader, more relevant set of prospects from enrichment providers. See multi-source lead discovery.

​

Bug fixes

• Cross-campaign lead deduplication: Leads already being contacted by another active campaign are now automatically skipped during discovery. Previously, the same prospect could receive outreach from multiple campaigns simultaneously, which risked duplicate emails and higher complaint rates.
• The AI learning engine now correctly parses strategy insights from the AI model, fixing an issue where learnings could fail to save between cycles.

​

Continuous campaigns, campaign reactivation, and periodic learning

​

New features

• Continuous campaigns: Campaigns are now continuous by default — they keep discovering leads and sending emails indefinitely without auto-completing. This is ideal for ongoing outbound programs where you want the AI CMO to keep engaging new prospects over time. Set continuous to false when creating a campaign if you want it to auto-complete after all leads are processed. See continuous campaigns.
• Campaign reactivation: Transition a completed or failed campaign back to active with a single API call or from the console. All leads are reset to pending so they re-enter the processing pipeline. Use this to re-run a campaign after updating your knowledge base or adjusting the AI strategy — no need to create a new campaign from scratch. See reactivate a campaign.

​

Updates

• Periodic learning: The AI CMO now synthesizes campaign learnings every 20 emails while a campaign is running, rather than waiting for the campaign to complete. This means the AI improves its messaging continuously — especially important for continuous campaigns that may run for weeks or months. See periodic learning.
• Template campaigns are continuous by default: Campaigns cloned from templates are now always continuous, so your template-based outreach keeps running without manual restarts.

​

JS and Python SDK idempotency prefix support

​

New features

• JS/TS SDK idempotency prefix: Set idempotencyPrefix when initializing the JavaScript SDK to namespace auto-generated idempotency keys across services sharing the same tenant. See the idempotency keys section for a multi-service example.
• Python SDK idempotency prefix: Set idempotency_prefix when initializing the Python SDK to namespace auto-generated idempotency keys. The retry behavior section now includes a callout linking to idempotency key configuration. See the idempotency keys section for details.

​

AI CMO agentic upgrades, multi-source lead discovery, and security hardening

​

New features

• Agentic campaign engine: The AI CMO now uses four specialized AI agents — Campaign Director, Prospector, Writer, and Strategist — that collaborate through a reason-act loop. Each agent plans, executes, observes results, and adjusts its approach autonomously. View every decision in the agent activity viewer.
• Multi-source lead discovery: Campaigns automatically discover leads across multiple enrichment providers with circuit-breaker failover. If one provider is rate-limited or unavailable, the system switches to the next source without interrupting your campaign. See multi-source lead discovery.
• Timezone-aware outreach: Campaign emails now send only during 9 am–6 pm in the recipient’s local timezone on weekdays. Leads outside business hours are automatically deferred to the next available window. See timezone-aware outreach.
• Use Template flow: Clone any of the ten pre-built campaign templates into a live campaign with a single click. Strategy, audience targeting, and configuration are copied automatically — just activate to start.

​

Updates

• Agent activity viewer redesign: The agent activity viewer now groups activity by orchestration cycle with animated counters, a campaign health bar, and sidebar stats. Agent reasoning, tool calls, and results are shown inline with live indicators when a campaign is running.
• Campaign learning loop: Each completed campaign synthesizes what worked — effective personas, messaging angles, subject lines — and applies those learnings to future campaigns automatically. Active campaigns also receive mid-flight strategy adjustments based on bounce and reply rates.
• Transparency app security hardening: Truth Explorer now enforces a stricter Content Security Policy, removing overly permissive script and connection directives.

​

Bug fixes

• Admin-approved campaign emails that were stuck in a “queued” state are now sent as expected. Previously, emails created with approval mode could be approved but never delivered.
• Campaign lead discovery no longer enters an infinite loop when all discovered leads are outside business hours.
• The lead import count now accurately reflects newly added leads instead of counting duplicates.

​

Go SDK idempotency prefix, accounting export improvements, and portal fixes

​

New features

• Go SDK idempotency prefix: Set a custom prefix with the new IdempotencyPrefix config option when initializing the Go SDK to namespace auto-generated idempotency keys across services — useful when multiple applications share the same tenant.

​

Updates

• Accounting export improvements: The accounting export endpoint now defaults to CSV format and accepts simplified date range parameters (from and to in YYYY-MM-DD format). If no date range is provided, the export covers the last 30 days. See billing.
• Simplified username claim response: The username claim endpoint now returns a streamlined response with just the status and username fields. Your portfolio URL is derived from your username at verify.truthlocks.com/portfolio/{username}.

​

Bug fixes

• The verify portal navigation hamburger menu now opens and closes correctly on mobile.
• Truth Explorer now displays error messages when checkpoint data fails to load, instead of showing a blank “No checkpoints” state.

​

Typed SDK errors, automatic idempotency keys, and smarter retry behavior

​

New features

• Typed error handling in all SDKs: Every API error now returns a structured error object with the HTTP status, machine-readable error code, and human-readable message. The Go SDK adds .IsCode() and .NotFoundError() helpers for concise error branching. The Python SDK exports a NotFoundError subclass you can catch directly. See the error handling section on each SDK page.
• Automatic idempotency keys: The JavaScript and Go SDKs now generate Idempotency-Key headers automatically on write operations like mint and revoke, making retries safe by default. Set a custom prefix with the idempotencyPrefix config option to namespace keys across services.
• Bearer token authentication: The JavaScript SDK now supports session-based JWT authentication alongside API keys and service keys — useful for frontend apps and OAuth-based login flows where a short-lived token is already available. See authentication.

​

Updates

• Retry-After header support: All three SDKs — JavaScript, Go, and Python — now honor the Retry-After header on HTTP 429 responses, waiting exactly as long as the server specifies instead of relying solely on exponential backoff. This prevents unnecessary retries when you hit a rate limit.
• Configurable request timeouts: Set a custom timeout when initializing any SDK — milliseconds in JavaScript, time.Duration in Go, or seconds in Python. The default is 30 seconds across all three.
• Disable automatic retries: Set maxRetries (or max_retries in Python) to 0 to turn off built-in retries entirely — useful when you have your own retry logic or need deterministic failure behavior. See the retry configuration section on each SDK page.
• Email delivery on mint: Pass a recipient_email when minting an attestation to deliver the credential directly to the recipient’s inbox. Available in all three SDKs and in the batch minting examples.
• Custom HTTP client in Go: Inject your own *http.Client when initializing the Go SDK to configure custom TLS, proxies, or connection pooling for enterprise environments.

​

Key compromise reporting, service key auth, and webhook signature verification

​

New features

• Key compromise reporting: If a signing key is compromised, report it immediately from the JavaScript or Go SDK to flag the key and block further signing — protecting existing attestations while you rotate to a new key. See the key compromise endpoint.
• Service key authentication: A new tl_svc_ service key type lets you authenticate server-to-server workloads without a user session. Ideal for background jobs, CI/CD pipelines, and microservice integrations. See the JavaScript SDK.
• Webhook signature verification helper: The JavaScript SDK now includes a verifyWebhookSignature() utility that validates incoming webhook payloads against the x-truthlocks-signature header in a single call. See the SDK examples page for a complete handler.

​

Updates

• Proof bundle download in all SDKs: All three SDKs — JavaScript, Go, and Python — now include a dedicated method to download the proof bundle for any attestation. Previously you needed a direct API call. See the proof bundle spec.
• API key management in JavaScript and Go SDKs: The JavaScript and Go SDKs now support listing, creating, and revoking API keys programmatically. See the API keys endpoints.
• Direct issuer suspend and revoke in SDKs: The JavaScript and Go SDKs now expose direct suspend and revoke methods for cases where you need to act immediately without a governance workflow.
• Python context manager: The Python SDK now supports Python’s with statement for automatic HTTP connection cleanup — useful for scripts and short-lived processes.
• Python environment switching: Pass environment="sandbox" when initializing the Python SDK to target the sandbox API without changing the base URL manually. See environments.
• Verification result caching pattern: The SDK examples page now includes a recommended caching pattern that stores valid results for five minutes while always checking revoked and superseded verdicts fresh — reducing API calls without sacrificing safety.

​

Audit query and governance workflow SDK examples in all three languages

​

Updates

• Audit query SDK examples: The JavaScript, Go, and Python SDKs now include full audit query examples — filter events by resource type, actor, action, or time range, and export compliance reports as CSV. Copy-paste-ready patterns are also available on the SDK examples page.
• Governance workflow SDK examples: All three SDKs now include end-to-end governance workflow examples covering the full lifecycle — create a request, collect approvals, and execute — with code for listing pending requests. See the SDK examples page and individual SDK references for details.

​

Full SDK governance parity, SIEM configuration API, and batch minting in Go and Python

​

New features

• JS and Python SDK governance and audit methods: The JavaScript and Python SDKs now include full governance workflow support — create, approve, and execute governance requests, plus query and export audit logs — matching the Go SDK. All three SDKs now have identical coverage for governance workflows and audit queries.
• SIEM streaming configuration API: Configure real-time audit log streaming to Splunk, Datadog, AWS CloudWatch, Elastic/ELK, or a custom webhook endpoint via the API. Events are buffered and retried automatically if your destination is unreachable. Enterprise tier only. See audit logs.
• Batch minting in Go and Python: The SDK examples page now includes batch minting patterns in Go and Python with configurable concurrency and per-recipient success/failure reporting — matching the existing TypeScript example.

​

Updates

• Superseded verdict version chain: The verify endpoint now returns a superseded_by_attestation_id field when a credential has been replaced, so you can follow the version chain to the latest attestation in a single step.

​

Username claiming, protection visibility, key rotation, and accounting exports

​

New features

• Username claiming: Claim a globally unique username to activate your public portfolio page at verify.truthlocks.com/portfolio/{username}. Your portfolio displays your display name and all public protections with titles, categories, and verification counts. See the portfolio guide.
• Protection visibility toggle: Set any content protection to public or private from the verify portal. Public protections appear on your portfolio and in similarity searches. Private protections are only visible to you. See the visibility endpoint.
• Signing key rotation: Rotate an issuer signing key without revoking it. The old key is marked as rotated and remains valid for verifying existing attestations, while the new key becomes active for all future signing. See the key rotation endpoint.
• Accounting export: Enterprise tenants can export their invoice history as CSV or JSON over a configurable date range. Exports include invoice number, status, dates, amounts, tax, and PO references — everything needed for reconciliation. See billing.
• Asset upload API: Upload files up to 5 MB via the API. Assets are stored with AES-256 encryption and served with proper content-type headers and caching. Useful for logos, evidence files, and supporting documentation.

​

Updates

• Platform broadcast announcements: Announcements from Truthlocks — including system updates, security alerts, and operational notifications — now appear directly in your console inbox with priority levels (normal, urgent, critical). See the announcements endpoints.
• Key rotation reminders: The platform now warns you when signing keys approach 90 days old and webhook secrets approach 180 days old, so you can rotate them before they become a compliance risk. See the webhooks guide.

​

Quick Protect, SIEM log streaming, governance API, and batch minting

​

New features

• Quick Protect: Protect content in a single step from the consumer dashboard. Drag a file onto the drop zone and the protection is minted immediately — client-side SHA-256 hashing, AI metadata extraction, and attestation creation happen in one action. See content protection.
• SIEM real-time log streaming: Stream audit log events in real time to Splunk, Datadog, AWS CloudWatch, Elastic/ELK, or a custom webhook endpoint. Enterprise tier only. See audit logs.
• Governance API: Manage formal issuer actions — suspend, revoke, reinstate, and change trust tier — through a multi-party approval workflow. Create a request, collect approvals, then execute. See the governance API reference.
• Webhooks management API: Register endpoints, list deliveries, rotate signing secrets, and send test events through the API. Monitor delivery health with per-event status tracking. See the webhooks API reference and the webhooks guide.
• Billing management API: Check your plan, create checkout sessions, view subscription status, and download invoices programmatically. See the billing API reference.
• Environments API: Create, list, and activate sandbox, development, and staging environments through the API with isolated data and separate API keys. See environments.
• Batch minting: Mint credentials for multiple recipients in a single workflow with configurable concurrency and per-recipient success/failure reporting. See the SDK examples.
• Downloadable protection certificates: Download a formal SVG certificate for any attestation — including the title, content hash, attestation ID, protection date, and a verified seal. Use certificates for legal evidence, portfolio displays, or print. See the badges guide.
• AI-generated proof summaries: Public proof pages now include a plain-English summary explaining what was protected and when, making verification accessible to non-technical viewers. See content protection.
• SUPERSEDED verification verdict: Verifying a superseded attestation now returns a distinct SUPERSEDED verdict instead of REVOKED, making it clear the credential was replaced — not invalidated. Follow the superseded_by_attestation_id field to the replacement. See the verify endpoint.
• Issuer event history: A new endpoint returns every status change, key registration, attestation, and governance action for a specific issuer. See issuer events.
• Consumer stats endpoint: See your total protections, verifications received, and portfolio page views at a glance. See the consumer stats endpoint.
• Privacy jobs tracking: List all your data export and account deletion requests with status, timestamps, and download URLs. See privacy jobs.

​

Updates

• Custom audit log retention: Configure how long audit logs are retained (30–3,650 days), choose between archive and permanent deletion, and set per-environment retention policies. See audit logs.
• Webhook wildcard filters: Subscribe to all events in a category with a single wildcard — for example, attestation.* matches all attestation events. See webhooks.
• Webhook secret rotation: Rotate a compromised webhook secret instantly from the console or via the API. See webhooks.
• Entitlements endpoint: A single call returns your active plan, feature flags, and numeric quotas — useful for building in-app upgrade prompts or enforcing client-side limits. See the entitlements endpoint.
• Issuer suspension: Platform administrators can now suspend an approved issuer directly. Existing attestations remain valid, but the issuer cannot mint new ones until reinstated. See the suspend endpoint.
• Go SDK governance methods: Manage issuer governance workflows — list requests, create, approve, and execute — directly from the Go SDK.

​

Interactive API playground on every endpoint and full SDK parity

​

Updates

• Interactive API playground on every endpoint: All 50+ API reference endpoints now support the interactive playground with pre-filled parameters and one-click environment switching between Production and Sandbox. You can test any request directly from the docs without leaving the page.
• Full three-language SDK parity: The JavaScript, Go, and Python SDKs now have identical workflow coverage — including credential issuance, verification, revocation, and supersede. Every SDK example is available in all three languages with copy-paste-ready code.
• Sandbox environment in the API playground: Switch between Production (api.truthlocks.com) and Sandbox (sandbox-api.truthlocks.com) directly in the API playground on any endpoint page. Sandbox requests use isolated test data so you can experiment safely. See environments.

​

Request examples across the API reference and complete Python coverage

​

Updates

• Request examples on every API endpoint: All API reference endpoints now include ready-to-use request examples in cURL, JavaScript, and Python. You can copy a working request directly from any endpoint page — including attestations, governance, consumer, issuers, and audit — and start integrating immediately.
• Complete Python SDK workflow coverage: The SDK examples page now includes Python code for every section, including end-to-end credential issuance, document attestation with SHA-256 hashing, and revoke-and-supersede workflows. Combined with the new request examples above, Python developers now have the same first-class integration experience as TypeScript and Go.
• Revoke examples on all SDK pages: The JavaScript, Go, and Python SDK reference pages each include a dedicated “Revoke an attestation” section with a complete code example, making credential lifecycle management easier to implement.

​

Full Python SDK parity and revoke examples on every SDK page

​

Updates

• Full Python SDK parity: The SDK examples page now includes Python code for every section — end-to-end credential issuance and verification, document attestation with SHA-256 hashing, and revoke-and-supersede workflows. Python developers get the same copy-paste-ready patterns already available in TypeScript and Go.
• Revoke examples on all SDK pages: The JavaScript, Go, and Python SDK reference pages now each include a dedicated “Revoke an attestation” section with a complete code example, matching the existing supersede sections.
• Clearer policy evaluate response docs: The issuance policies guide now explicitly notes that evaluation_ms has been removed from the evaluate endpoint response and points you to the decision audit trail for performance data.

​

Revoke and supersede SDK examples and Python SDK references

​

Updates

• Revoke and supersede SDK examples: The SDK examples page now includes full TypeScript and Go patterns for revoking an attestation and superseding it with an updated version. Each example covers the complete workflow — revocation with a reason, post-revocation verification, and supersede with a new payload — so you can integrate credential lifecycle management without guesswork.
• Python SDK references: The SDK examples page and all related quick-links now reference the Python SDK alongside JavaScript and Go, making it easier to find the right SDK for your stack.

​

Simplified policy evaluate response, CSV exports for all frameworks, and new developer guides

​

Updates

• Simplified policy evaluate response: The evaluate endpoint no longer returns evaluation_ms. The reasons field is now only populated when a request is denied, giving you a cleaner response to parse. If you were using evaluation_ms for performance monitoring, query resource_type=policy_decision in the decision audit trail instead.
• CSV export for all compliance frameworks: Compliance exports now support CSV output for SOC 2 and GDPR in addition to HIPAA. Pass format=csv with any report_type to the audit export endpoint.
• SDK examples guide: A new SDK examples page provides production-ready code patterns for common workflows — minting and verifying attestations, revoking and superseding credentials, validating webhook signatures, and more. Examples are available in TypeScript and Go.
• Data residency guide: A dedicated data residency guide explains how to pin tenant data to a specific region (US, EU, or Africa), what stays in-region, and how cross-region requests are handled.
• Support access documentation: New documentation explains how support staff access your tenant through time-limited impersonation sessions with scoped permissions, automatic expiry, and full audit logging.
• Policies API request examples: The create policy and evaluate policy endpoints now include complete curl examples and accurate response field descriptions.

​

Policies API, issuer applications API, custom roles API, and framework-specific exports

​

New features

• Policies API: Create, list, simulate, and delete issuance policies through the API. Test how a policy evaluates a given request with the evaluate endpoint before enforcing it. See the full policies API reference.
• Issuer applications API: Submit issuer applications, upload supporting evidence, and track application status through the API instead of the console. See the issuer applications API reference and the issuer applications guide.
• Custom roles API: Create custom roles and assign them to users programmatically. Define access permissions tailored to your team and assign them through the create role and assign role endpoints. See RBAC & permissions.
• Announcements API: Retrieve and manage platform announcements — system updates, security alerts, and operational notifications — through the announcements endpoints.
• Framework-targeted audit exports: The audit export endpoint now accepts an optional report_type parameter (soc2, gdpr, or hipaa) so you can generate a framework-specific report in a single request. Omit the parameter to get a raw audit log export. Requires the Compliance Pack add-on. See the compliance exports guide.
• Policy bindings API: A new /v1/policies/bindings endpoint lets you bind a policy to an individual issuer, a verification profile, or the tenant default — each with a priority value. The highest-priority binding is evaluated first and the first DENY stops evaluation. See policy bindings.

​

Updates

• Policy decisions in audit logs: Policy evaluation records are now queryable as standard audit events. Filter by resource_type=policy_decision and the decision_id returned from the evaluate endpoint to trace exactly which policy version, rules, and input hash applied. See decision audit trail.
• CSV export for all frameworks: Compliance exports now support CSV output for all report types (SOC 2, GDPR, and HIPAA), not just HIPAA. See the compliance exports guide.

​

Compliance exports, policy bindings, and decision audit trail

​

New features

• Compliance exports: Export audit data formatted for SOC 2, GDPR, and HIPAA compliance reviews from Settings > Audit > Export or via the API. Each export runs as a background job with downloadable JSON and CSV output. See the compliance exports guide.
• Policy bindings: Bind issuance policies to specific targets — an individual issuer, a verification profile, or the tenant default — with priority-ordered evaluation so the most specific policy wins. See issuance policies.
• Decision audit trail: Every policy evaluation now records a decision_id, the policy version, matched rules, and a SHA-256 hash of the input. Query past decisions through the audit events API for full traceability.
• Condition operators and fields reference: Seven operators (eq, neq, in, nin, gt, lt, exists) and eight evaluation fields with dot-notation support give you fine-grained control over issuance policy rules.

​

Updates

• Enterprise branding API: Manage brand assets programmatically — retrieve and update branding settings, upload logos via a presigned URL flow, and configure colors. Plan-gated to Business and Enterprise tiers. See the enterprise branding guide.
• Compliance review workflow: A dedicated guide now walks through the full four-stage review lifecycle — Requested, In Progress, Submitted, and Reviewed — including evidence attachments, reviewer outcomes, and email notifications at each step. See the compliance review guide.

​

Consumer settings, pricing calculator, and public proof metadata API

​

New features

• Consumer language and region preferences: Choose your display language and preferred data residency region from Settings > Language & Region on the verify portal. Five languages and seven regions are available at launch. See the consumer portal guide.
• Connected apps management: View and revoke third-party applications that have access to your account from Settings > Connected Apps on the verify portal. Each entry shows the app’s granted permissions and when access was authorized. See the consumer portal guide.
• Notification preferences: Control which emails and push notifications you receive — verification alerts, security alerts, marketing updates, and more — from Settings > Notifications on the verify portal. See the consumer portal guide.
• Device management: View all devices linked to your account with verification status and last-active timestamps. Remove devices you no longer use from Settings > Devices. See the account security guide.
• Public proof metadata API: Fetch metadata for any consumer protection — title, description, content type, file info, hash, and timestamp — without authentication. Useful for rendering custom proof pages and generating Open Graph link previews. See the proof metadata endpoint.
• Pricing calculator: Estimate your monthly costs based on expected mint and verify volumes. The calculator pulls live regional rates for 27 countries so you see pricing in your local currency.
• Content protection and code authorship use-case pages: Two new pages on the marketing site walk through real-world workflows — one for photographers, artists, writers, and researchers protecting creative work, and one for developers protecting source code with CI/CD integration.

​

Updates

• Billing dunning and grace periods: If a payment fails, the platform now follows a graduated access workflow — degraded, restricted, then suspended — with configurable grace periods so you have time to resolve the issue before losing access. See billing.
• Public rate-card API: A new unauthenticated endpoint returns current plans, per-operation rates, and regional pricing multipliers so you can build cost estimates programmatically. See billing.
• Consumer session management: You can now list active sessions and revoke all other sessions from the verify portal, in addition to the existing console-level session controls. See the account security guide.

​

Data retention, custom roles, consumer tiers, and code authorship protection

​

New features

• Data retention policies: Configure retention periods per data class — audit logs, consumer inbox, verification events, and webhook deliveries — with soft-only or soft-then-hard delete modes. Meets GDPR and data sovereignty requirements. See the privacy center guide.
• Legal holds: Place legal holds on specific data scopes to prevent deletion during investigations or disputes, regardless of your retention policy.
• Custom RBAC roles: Create custom roles with granular permissions spanning attestations, issuers, users, audit, webhooks, API keys, governance, and settings. See role-based access control.
• Consumer subscription tiers: Three pricing plans on the verify portal — Free (50 protections/month), Creator ($9/month, 500 protections), and Pro ($29/month, unlimited). Payment routes to the best provider for your region.
• Saved items: Consumers can bookmark inbox items with optional notes and tags for quick reference.
• Verification history: Browse previously read and archived verifications with filtering by state.
• Code authorship protection: Protect source code, APIs, and documentation with cryptographic attestations. Covers single-file and full-repository protection with CLI, Node.js, Go, and Python SDK examples, plus CI/CD integration patterns. See the code authorship guide.
• Issuer application review: Submit issuer applications with supporting evidence. Platform reviewers approve, reject, or request additional information — with risk ratings and trust tiers assigned during approval. See the issuer application guide.
• Tenant announcements: Receive platform-wide messages with priority levels (normal, urgent, critical) in a dedicated inbox with search, filtering, and read tracking.
• Pending approval status page: New tenants waiting for platform approval see a clear status page with next steps and automatic redirect once approved.
• SDK quick-start page: Copy-paste install commands and example code for the JavaScript, Go, and Python SDKs, directly from the console settings.

​

Updates

• SCIM provisioning guide: A dedicated guide covering user and group CRUD, filtering, deprovisioning, group-to-role mapping, and IdP setup for Okta, Azure AD, and OneLogin. See SCIM provisioning.
• Row-level security documentation: New documentation explaining Postgres RLS tenant data isolation, session variable injection, and the full list of covered tables. See row-level security.
• Abuse hardening documentation: New documentation covering rate limiting tiers, request size limits, Ed25519 enforcement, and compliance mapping across B2C, B2B, and B2G segments. See abuse hardening.
• Onboarding checklist: The onboarding guide now details a seven-step checklist with progress tracking and resume behavior.

​

Policy simulator, export controls, and policy lifecycle

​

New features

• Policy simulator: Test how your issuance policies evaluate a given request before deploying to production. Select a policy, enter a sample input, and see the decision, matched rules, and evaluation time — from the console or the evaluate endpoint.
• Export control policies: A new BUNDLE_EXPORT policy category lets you apply rules to proof-bundle export and data-portability requests, alongside the existing MINT and VERIFY categories.

​

Updates

• Policy lifecycle statuses: Policies now support DRAFT, ACTIVE, and DISABLED statuses. Save a policy as a draft while you iterate on rules, then activate it when ready — or disable it temporarily without deleting.
• Issuance policies: The existing issuance policies feature now includes detailed API examples for creating, listing, simulating, and deleting policies.

​

CI/CD protection, dark mode, AI campaigns, and Truth Explorer

​

New features

• Protect GitHub Action: Mint proofs of authorship on every push, PR, or release with truthlocks/protect-action@v1. Only SHA-256 hashes leave your runner.
• Dark mode: Toggle light, dark, or system themes across the console and all 18 verify portal pages. Your preference persists across sessions.
• Onboarding wizard: A guided six-step setup walks you through profile, organization, team invites, issuer creation, key generation, and a test mint. See the console onboarding guide.
• Console search and profile menu: Press Cmd+K / Ctrl+K to jump to any page. Click your avatar for settings, theme switching, and sign-out. See the console guide.
• Redesigned navigation: A collapsible nav rail with pin support and a mobile drawer, shared by the console and verify portal. See the consumer portal guide.
• Agentic AI campaigns: Four AI agents collaborate through each campaign step with full reasoning visibility and multi-provider lead sourcing. Includes simulation mode, a kill switch, and approval mode. See the AI CMO guide.
• Campaign templates: Ten ready-to-use templates for Financial Services, Legal, Healthcare, SaaS, Government, and more. See the templates guide.
• Truth Explorer: Browse transparency checkpoints, search by attestation ID, validate proof bundles offline, and view the issuer directory at transparency.truthlocks.com. No account required. See the Truth Explorer guide.
• Transparency settings: Configure your public directory profile — display name, website, logo, and visibility — from Settings > Transparency. See the transparency settings guide.
• File integrity verification: Upload a file on the verify portal to confirm it hasn’t been altered since protection. See the content protection guide.
• Leads pipeline: Track inquiries through new → contacted → qualified → converted stages with spam prevention and CSV export. See the leads pipeline guide.
• Newsletter campaigns: Compose, preview, test, and broadcast emails to subscribers from the console. See the newsletter guide.
• Badge style options: Four styles (default, flat, large, minimal) with dark variants and certificate layouts. See the badges guide.
• Tenant environments: Isolated DEV and STAGING environments with separate API keys and data. See environments.
• Issuance policies: Rule-based controls over who can mint, with one-click templates for jurisdiction and trust-tier restrictions. See the issuance policies guide.
• Public status page: Real-time health for eight services, 90-day uptime history, and incident timelines at status.truthlocks.com. See health monitoring.
• Billing usage API: Track mints, verifications, and storage against plan limits in real time. See the usage endpoint.
• Content similarity search: Check if a file has already been protected before minting. See the similarity endpoint.
• Blog CMS: Draft, publish, and archive blog posts from the console with category tagging and search.
• Alternative auth header: All endpoints now accept Authorization: ApiKey <key> alongside X-API-Key. See authentication.

​

Updates

• Custom domains: Branded URLs for the verify portal and console with automatic DNS verification. See the custom domains guide.
• Custom email senders: Use your own from-address for transactional emails via SES or SMTP. See email delivery.
• Observability dashboard: Real-time attestation volume, latency percentiles, and plan usage with auto-refresh (Business and Enterprise). See the observability guide.
• Campaign intelligence: Past learnings inform future campaigns. Positive replies are classified and pushed to your connected CRM.
• Timezone-aware outreach: Campaign emails send only during 9 am–6 pm in the recipient’s local timezone.
• Campaign safety guards: Auto-pause on high bounce or complaint rates, with daily caps and per-minute throttling.
• SDK automatic retries: All SDKs (Go, JS/TS, Python) retry transient errors up to three times with exponential backoff.
• Consumer page polish: All 18 verify portal pages now have loading skeletons, rich cards, and search/sort controls.
• Session management: View and revoke active sessions from Settings > Sessions.
• Document hash backfill: Existing protections now include a verifiable document_hash in proof bundles for file verification of older records.
• Hardened CSP: Tighter Content Security Policy on the transparency app.
• Expanded error codes: 20+ new codes across SSO, billing, consumer, and DID flows. See the error reference.

​

Bug fixes

• Admin-approved campaign emails are now sent as expected — previously they could be silently lost after approval.
• AI campaign agents no longer lose context between runs.
• Campaign lead discovery no longer loops on unknown timezones, and duplicates are counted correctly.
• Campaigns no longer complete before lead discovery finishes, and all detail tabs load correctly.
• Lead scoring, queries, and imports work correctly across all enrichment sources.
• Newly protected content no longer shows a false “document altered” verdict.
• Public proof pages show full attestation details without requiring sign-in.
• Content protection no longer stalls during initial issuer provisioning.
• Verification no longer fails on case-sensitive key status checks.
• New console signups correctly receive access on first login.
• Email delivery retries automatically on transient failures.
• Cloning a campaign template no longer fails when audience targeting is left blank.
• The agent activity viewer no longer crashes when loading campaign turns.
• Audit logs correctly record platform-level actions with accurate timestamps.
• Proof bundles with certain key formats no longer cause signature validation errors.

​

Consumer platform, B2B2C delivery, and new billing

​

New features

• Consumer content protection: Protect files directly from the verify portal — drag-and-drop uploads with SHA-256 hashing, EXIF extraction, and AI metadata detection. Manage everything from My Protections.
• B2B2C credential delivery: Deliver verified credentials to end consumers through a white-labeled inbox. Recipients see issuer-branded credentials and can view claims, archive items, or open the public proof page — no account required.
• SAML SSO and SCIM: Native SAML 2.0 single sign-on and SCIM user/group provisioning with connection testing and role mapping.
• Attestation supersede: Replace an attestation with a new version while preserving the full audit trail. Useful for credential renewals, corrections, and key rotations. Available in the Go and Python SDKs.
• Pay-per-use billing with 50% price cut: The new billing system uses rate cards and plan-based gating. Mint dropped to $0.25 (from$0.50) and verify to $0.10 (from$0.20).
• Multi-provider payments: Checkout routes to the best provider for your region — Stripe for most countries, Paystack for Nigeria, Flutterwave for Ghana, Kenya, and South Africa. See provider routing.
• Billing add-ons: Self-service add-ons for Extra Seats, Priority SLA, Private Audit Logs, Compliance Pack, White-Label Branding, and more.
• Verification pack templates: 26 ready-to-use verification pack templates spanning Identity, Compliance, Financial, Healthcare, Education, and Supply Chain categories.
• Public portfolios and badges: Share protected work via portfolio pages with OG tags. Embed verification badges or download SVG certificates.
• Python SDK and Protect CLI: A new Python SDK and the @truthlock/protect CLI for content protection, including a GitHub Action for CI/CD.
• DID and JWKS discovery: Public endpoints for resolving issuer identities via W3C DIDs and retrieving signing keys via JWKS for offline signature verification.
• Consumer account controls: API keys with a 5-key limit and 90-day expiry, TOTP-based MFA and session management, and a self-service privacy center for data exports and account deletion.
• Data residency: Lock tenant data to a specific geography (EU, US) for GDPR and data sovereignty compliance.
• Enterprise admin dashboard: Cross-tenant analytics, bulk tenant management, and detailed drill-downs across users, API keys, webhooks, activity, and billing.
• Compliance review workflow: Submit compliance evidence from settings. Administrators review, request info, and approve or decline with email notifications at each step.
• Purchase order billing: Enterprise tenants can submit purchase orders as an alternative to credit card payment.

​

Updates

• Billing limits enforcement: API requests over quota return HTTP 402 with upgrade guidance. Portal verifications remain free. See rate limits and error codes.
• Proof bundle integrity: Bundles now include a bundle_hash_b64url integrity hash and document_hash for tamper detection. See the proof bundle spec.
• Webhook improvements: Payloads include SHA-256 hashes, inactive endpoints are auto-skipped, and failed deliveries retry with status tracking. Endpoint limits scale by plan (1 free, 3 Starter, 10 Business, 25 Enterprise). See the webhooks guide.
• Interactive API playground: The API reference now has an interactive playground with pre-filled examples and environment switching.
• Automatic issuer provisioning: Your signing identity is created automatically the first time you protect content — no manual setup.
• Enterprise branding: Upload custom logos and brand assets for verification pages, emails, and proof bundles.
• Audit event reliability: Audit logs now reliably capture every action.
• Support access sessions: Support uses time-limited, scoped sessions with a full access log in your audit trail.
• Login security: Error messages no longer reveal whether an email address is registered.
• Terms of Service and Privacy Policy: New Terms of Service and Privacy Policy covering data processing, SLAs, and GDPR/CCPA rights.

​

Bug fixes

• Fixed a 500 error when generating signing keys for new tenants.
• The verify portal now handles anonymous verification without requiring authentication.
• Resolved connection errors and signature validation failures when downloading or verifying proof bundles.
• Fixed an infinite loop in the protect flow for consumers with stale issuer records.
• Console signups now correctly grant access, and the dashboard loads reliably after sign-in.
• Fixed broken email templates for team invites, password resets, onboarding, and issuer notifications.
• Resolved a 401 error preventing consumers from accessing their inbox.
• Proof pages now display the correct attestation date.
• Audit log exports complete successfully with correct IP address parsing.
• The verification packs API endpoint is now correctly routed.
• The public transparency log displays checkpoint history correctly.
• Fixed console theme switching, attestation minting field issues, and dashboard stats accuracy.

​

Search the Verification Network

• Verified Directory Database: A dedicated portal providing issuer reputation scores.
• Enhanced API Error Codes: We standardized our error verdicts for better predictability in programmatic consumption. Check out the new Error Reference.

​

Launching Core Cryptography Upgrades

• Ed25519 Native Signatures: Adopted Ed25519 as the primary algorithm for issuer and platform signatures, deprecating P-256 for minting.
• Proof Bundle Standardization: Introduced a unified, single JSON cryptographic artifact for offline verifiability (v1 spec).
• ZKP Preview: Early access preview of zero-knowledge proofs designed for verifiable credentials without over-sharing personal information.

​

Streamlined Go-To-Market

• Go, Python, and TS SDKs: Released native SDKs across three languages mapping to Truthlocks /v1/attestations endpoints.
• Enterprise Asset Packs: Documentation specifically tailored for B2G (Government), B2B, and Technical Integration architectures.