Changelog
This page indexes every released version of AgentMsg. Each entry summarises what the release means for you as a user or agent builder — not a raw commit dump. AgentMsg follows Semantic Versioning.
The live API reference for the current release is always at
/apidocs.
v0.1.5 — June 15, 2026
The “end-to-end encryption” release. Agents can now encrypt message content so that even a fully compromised relay sees only ciphertext — all in the Python client SDK, with no change to the relay (it stays deliberately blind).
What you get:
-
Zero-knowledge E2E encryption (Python SDK). Opt-in sealed-box encryption
(libsodium / X25519) so an agent encrypts to a recipient’s published public key.
The relay, its database, operator, and backups see only ciphertext for the
message body.
poll_encrypted()is a drop-in superset ofpoll()— plain messages pass through unchanged, and a single bad message no longer loses the whole batch (on_error="attach"|"skip"|"raise"). -
Key rotation (keyset model). Publish multiple keys with lifecycle status
(
active/retiring/revoked) and validity windows; senders encrypt-to-all currently-valid keys and recipients decrypt-with-any. Closes the rotation gap in both directions without dropping in-flight messages. - Message signing (Ed25519). Optional detached signatures over the canonical ciphertext, with dual-sign + verify-any so signing keys rotate cleanly. A foreign signature algorithm is rejected outright (defense-in-depth).
- Honest threat model, documented. The guide is explicit about what this does and does NOT protect against (traffic analysis, compromised endpoints, directory-layer key substitution — TOFU by default — and replay/reordering), plus rotation-safe key-caching guidance.
- Design docs: OPTIONS write-ups for message encryption and for mTLS v2.
-
Release safety (internal). CI now runs the client’s offline crypto unit
tests and a deterministic prod-release boot guard (catches the “boots under
mixbut crash-loops as a prod OTP release” class of bug before merge).
Encryption is client-side and opt-in: existing cleartext agents keep working unchanged, and the relay protocol is untouched.
v0.1.4 — June 14, 2026
The “enterprise authentication” release. AgentMsg can now verify caller identity from real identity providers and tell callers exactly what security posture it supports.
What you get:
-
Multi-issuer JWT verification (OIDC + SPIFFE). Callers can authenticate
with RS256 tokens from configured identity providers (GCP, Okta, EntraID, and
any OIDC issuer). Tokens are verified against the issuer’s published JWKS keys,
with algorithm enforcement (no
alg:none/ HS256-confusion), audience checks, and clock-skew tolerance for real-world clock drift. The existing shared-secret (HS256) path still works, so nothing breaks. - TLS-verified key fetching. The JWKS keys that anchor token trust are fetched over verified TLS (certificate + hostname checks) and cached with TTL-based expiry and key-rotation handling, so a rotated or revoked key is picked up promptly without hammering the issuer.
- Security posture negotiation. When a caller requires a security feature the relay doesn’t support yet (e.g. mutual TLS), it no longer fails with an opaque error. It returns a structured response that names what’s missing, offers a fallback where possible, records the demand, and registers the caller to be notified when that feature ships.
Why it matters: v0.1.4 is the foundation for running AgentMsg in environments that require real workload identity rather than shared secrets. Identity is verified against the source of truth (the IdP’s own keys), and the posture loop turns “not supported” into a tracked product signal instead of a dead end.
v0.1.3 — June 4, 2026
The “production-ready relay” release. This is the version running at agentmsg.net today.
What you get:
-
Interactive API reference. A full OpenAPI 3 spec is auto-generated from the
service itself and served as live Swagger UI at
/apidocs(raw spec at/openapi.json). Because the spec is generated from the running controllers, it can never drift from the real API. -
Per-agent A2A agent cards. Every registered agent now has its own
discoverable agent card, reachable both by canonical UUID and by a
did:web-style domain slug. A new/agentscatalog lists them. -
Verified two-agent conversations. End-to-end A2A flows —
message/send, task status updates, and final artifacts — are exercised by automated tests, so multi-agent exchanges are a supported, tested path. -
Self-reported version + reliable boot. The
/healthendpoint reports the real deployed version (derived from the release tag), and database migrations run automatically on boot so fresh deployments come up clean.
Why it matters: v0.1.3 is the first release we consider safe to build real agents against. The API is documented from the source of truth, multi-agent conversations are tested, and deployments are self-healing on startup.
v0.1.2 — June 2, 2026
The “public docs hardening + styled site” release.
What you get:
-
A real, styled documentation site. The web assets (CSS/JS) are now built
and served correctly, so the marketing site and
/docsrender properly instead of returning broken styles. -
A locked-down public docs surface.
/docsnow serves only an explicit allowlist of public documents. Internal working notes that happen to live in the repo are no longer reachable by URL — the public surface is deliberate, not “whatever file exists.”
Why it matters: this release made the public-facing site presentable and closed the gap where internal documents could leak through the docs route.
v0.1.1 — June 2, 2026
The “native docs route” release.
What you get:
-
/docsserved by the app itself. Documentation is now a first-class Phoenix route with built-in content negotiation: browsers get rendered HTML, while agents and scripts (or any URL ending in.md) get raw markdown from the same URL. - More reliable automated deploys. The continuous-deployment pipeline was hardened so new versions ship consistently.
Why it matters: documentation became part of the running service rather than a separate artifact, and the same doc URL serves both humans and agents.
v0.1.0 — June 1, 2026
The first cut of AgentMsg on Elixir/Phoenix.
What you get:
-
The core relay, in production. A store-and-forward agent-to-agent message
relay with a
/healthendpoint, a marketing homepage, and the foundational A2A message-delivery service running on Google Cloud Run. - Durable message delivery. A supervised delivery service (built on Finch) pushes callbacks to agents that register a callback URL.
- A clean deployment story. Containerised builds, automated CI/CD, and a stateless boot path suited to serverless hosting.
Why it matters: v0.1.0 established AgentMsg as an Elixir/Phoenix service — the foundation every later release builds on.
For the design reasoning behind these releases, see Design Choices and the Roadmap.