Release notes: v2.2.0

Why this release

v2.2.0 is the trust-layer release. It cements Akmon as the producer-agnostic, tamper-evident evidence and verification layer that sits on top of whatever agent you already run, and makes that claim provable: a third party can verify an Akmon bundle's signature, and now its operator attestation, offline with nothing but openssl, no Akmon binary, no cloud. Everything is additive; existing journals and bundles remain readable.

Top user-facing wins

  • Import any agent (OpenTelemetry GenAI): akmon otel import <trace.json> turns an OTLP/JSON trace into a verifiable AGEF session, including the legacy v1.36-and-earlier message-event form that most deployed instrumentations still emit by default, not only the v1.37 structured attributes. Capture fidelity is honest: imports are capture_level=structural (metadata only), never silently presented as a full recording.
  • Generate a signing key: akmon bundle keygen produces a usable Ed25519 key (PKCS#8 v2) with a 0600 private-key file. (openssl genpkey emits PKCS#8 v1, which is rejected.)
  • Verify offline with stock openssl (metric F.1): akmon bundle prove-openssl emits statement.bin / signature.bin / pubkey.pem so anyone can check a signature with no Akmon and no cloud.
  • Operator-identity binding (AGEF v0.1.3): akmon bundle attest records a separately-signed AGEF-OPERATOR-v1 claim binding an accountable operator/human to a session, addressing the EU AI Act Art. 14 / Art. 12(3) "which operator" requirement without PKI, DID, or cloud. akmon bundle verify and agef-verify gain --operator-key / --require-operator; prove-openssl --operator-key makes the operator claim openssl-verifiable too. Verification attaches trust to the key, never to the self-asserted identity string.
  • Standalone agef-verify is now shipped in the release alongside akmon, with SHA-256 checksums and an SBOM, so auditors can verify on an air-gapped machine.
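
The keygen item above turns on the difference between PKCS#8 v1 and v2. As an added example (not Akmon's own code), this Python parser reads a PKCS#8 private key's DER and reports its version and whether a public key is embedded. It assumes "PKCS#8 v2" means the RFC 5958 OneAsymmetricKey form (version field 1, optional [1] publicKey); the two sample keys are constructed with all-zero key material.

```python
import base64

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def pem_to_der(pem):
    """Decode an unencrypted PKCS#8 PEM ("BEGIN PRIVATE KEY") to DER."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if lines[0] != "-----BEGIN PRIVATE KEY-----":
        raise ValueError("not an unencrypted PKCS#8 PEM")
    return base64.b64decode("".join(lines[1:-1]))

def pkcs8_info(der):
    """Report PKCS#8 version, algorithm and whether a public key is embedded."""
    tag, body, _ = read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    tag, ver, pos = read_tlv(body, 0)
    if tag != 0x02:
        raise ValueError("missing version INTEGER")
    _, alg, pos = read_tlv(body, pos)   # AlgorithmIdentifier SEQUENCE
    _, oid, _ = read_tlv(alg, 0)        # algorithm OID inside it
    _, _, pos = read_tlv(body, pos)     # privateKey OCTET STRING (skipped)
    has_pub = False
    while pos < len(body):              # optional [0] attributes, [1] publicKey
        tag, _, pos = read_tlv(body, pos)
        has_pub = has_pub or tag in (0x81, 0xA1)
    return {"version": f"v{int.from_bytes(ver, 'big') + 1}",
            "ed25519": oid == bytes.fromhex("2b6570"),  # OID 1.3.101.112
            "has_public_key": has_pub}

# Constructed samples: all-zero key material, only the structure matters.
HDR = "300506032b657004220420"  # Ed25519 AlgorithmIdentifier + key wrappers
V1_DER = bytes.fromhex("302e020100" + HDR + "00" * 32)
V2_DER = bytes.fromhex("3051020101" + HDR + "00" * 32 + "812100" + "00" * 32)
if __name__ == "__main__":
    for name, der in (("v1 sample", V1_DER), ("v2 sample", V2_DER)):
        print(name, pkcs8_info(der))
```

To inspect a real key file, pass its PEM text through pem_to_der and then pkcs8_info; the parser reads only the structure and never prints key material.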

Upgrade notes

  • Safe, additive upgrade from v2.1.0. AGEF bumps from 0.1.1 to 0.1.3, but the bumps are minor/additive: 0.1.1/0.1.2 readers still read 0.1.3 bundles and ignore the optional signatures[] / operator_attestations[] fields. Unsigned/unattributed bundles serialize byte-identically.
  • The AGEF-SIG-v1 head signature and the prove-openssl byte output are unchanged by the operator layer: adding an operator attestation never invalidates an existing head signature.
  • The canonical AGEF specification (radotsvetkov/agef) is being updated to v0.1.3 in lockstep.

Verifying your download

Each release publishes SHA256SUMS. After downloading, check your files against it:

sha256sum --check SHA256SUMS