This release adds 3 notable features for engineering teams evaluating rollout.
✓ No known CVEs patched in this version
Topics
+9 more
Affected surfaces
Summary
AI summaryCryptographic proof-of-behavior for AI agents with a Cedar-inspired DSL, hash‑chained logs, and DID identities across Core, Packages, and Stats.
Full changelog
What's in v1.0.0
Cryptographic proof-of-behavior for AI agents. Define behavioral constraints, enforce at runtime, prove compliance with hash-chained audit logs.
Core
- Cedar-inspired constraint DSL (permit/forbid/require)
- SHA-256 hash-chained action logs (tamper-evident)
- Cross-agent verification handshake
- DID-based agent identity
- Merkle proof generation
Packages
@nobulex/core— constraint engine + enforcement@nobulex/sdk— high-level CovenantAgent API@nobulex/mcp-server— MCP compliance server@nobulex/a2a— A2A Agent Card behavioral evidence extension- 26 packages total
Stats
- 3,648 tests passing, 82 test files
- TypeScript, MIT licensed
- Registered issuer in Open Agent Trust Registry
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About arian-gogani/nobulex
Proof-of-behavior enforcement for AI agents. Define behavioral covenant rules (permit/forbid/require), enforce at runtime before execution, get SHA-256 hash-chained tamper-evident audit logs, and verify compliance independently. Cross-agent verification handshake — no proof, no transaction. MIT licensed, 4,244 tests.
Related context
Related tools
Beta — feedback welcome: [email protected]