arian-gogani/nobulex

vctef-vectors-v1.0.0 scope: ctef-vectors Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 7d AI Agents & Assistants

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

accountability agent-governance ai-agents ai-security autonomous-agents compliance

+9 more

credit-score cryptography ed25519 eu-ai-act machine-trust mcp-server reputation trust-capital typescript

Summary

AI summary

Updates What's included, Implementations conforming to v1.0.0, and Downstream consumers across a mixed release.

Changes in this release

Type	Severity	Summary	CVE
Feature
Feature	Low	Adds 4 test vectors for baseline, deny, policy-version, and dual-timestamp receipts. Adds 4 test vectors for baseline, deny, policy-version, and dual-timestamp receipts. Source: llm_adapter@2026-05-29 Confidence: high	—
Feature	Low	Cross-validates test vectors across 5 JCS implementations (Python, JS, Go, Java, PHP). Cross-validates test vectors across 5 JCS implementations (Python, JS, Go, Java, PHP). Source: llm_adapter@2026-05-29 Confidence: high	—
Feature	Low	Provides byte-for-byte match of 16 vectors across all implementations. Provides byte-for-byte match of 16 vectors across all implementations. Source: llm_adapter@2026-05-29 Confidence: high	—
Feature	Low	Validates vectors against argentum-core conformance fixtures (2/2 PASS). Validates vectors against argentum-core conformance fixtures (2/2 PASS). Source: llm_adapter@2026-05-29 Confidence: high	—
Feature	Low	Provides import path `fixtures/bilateral-receipt/v0/vectors.json` for fixtures. Provides import path `fixtures/bilateral-receipt/v0/vectors.json` for fixtures. Source: llm_adapter@2026-05-29 Confidence: high	—
Feature	Low	Allows downstream consumers to declare conformance against this tagged release. Allows downstream consumers to declare conformance against this tagged release. Source: llm_adapter@2026-05-29 Confidence: low	—
Feature	Low	Enables downstream consumers to declare conformance using the tagged release instead of a commit SHA. Enables downstream consumers to declare conformance using the tagged release instead of a commit SHA. Source: granite4.1:30b@2026-05-29-audit Confidence: low	—

Full changelog

First stable release of the Cross-Implementation Test Evidence Format vectors.

What's included

4 test vectors covering baseline, deny, policy-version, and dual-timestamp receipts
Cross-validated across 5 JCS implementations (Python, JS, Go, Java, PHP)
16/16 byte-for-byte match across all implementations
Used as conformance fixtures by ahg/inference-receipts (PHP peer implementation)
Validated against argentum-core conformance fixtures (2/2 PASS)

Downstream consumers

Declare conformance against this tagged release rather than pinning to a commit SHA
Import fixtures from fixtures/bilateral-receipt/v0/vectors.json

Implementations conforming to v1.0.0

Python (rfc8785)
JavaScript (canonicalize)
Go (gowebpki/jcs)
Java (cyberphone)
PHP (ahg/inference-receipts via Packagist)

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track arian-gogani/nobulex

Get notified when new releases ship.

About arian-gogani/nobulex

Proof-of-behavior enforcement for AI agents. Define behavioral covenant rules (permit/forbid/require), enforce at runtime before execution, get SHA-256 hash-chained tamper-evident audit logs, and verify compliance independently. Cross-agent verification handshake — no proof, no transaction. MIT licensed, 4,244 tests.

All releases →