v1.9.0

Full Changelog: v1.1.0...v1.9.0

Full Changelog: v1.1.0...v1.9.0

v1.8.0

Full Changelog: v1.7.2...v1.8.0

v1.7.2

Bug Fixes

• Fix stale pubkey cache breaking tunnel reconnection — peer Ed25519 public keys were cached indefinitely in the tunnel manager. When a peer restarted with new keys, key exchange was permanently rejected. Now invalidates cache and re-fetches from registry on mismatch.
• Fix LAN peer detection on dual-stack sockets — tunnel bound to [::] (IPv6 wildcard) incorrectly rejected IPv4 LAN addresses as address family mismatch, forcing traffic through NAT/relay. Wildcard addresses are now treated as dual-stack.
• Fix beacon TTL reaping during reconnection — beacon node entries were reaped too aggressively during reconnection windows.

Improvements

• trust-auto-approve flag on daemon binary — previously only available via pilotctl daemon start, now exposed as a direct daemon CLI flag.
• Per-network dashboard charts — registry dashboard now shows per-network time-series graphs for member activity.
• SDK publish workflows — Node and Python SDK packages now only publish on GitHub releases, not on every commit.

Full Changelog: v1.7.1...v1.7.2

What's Changed

• fix: remove command wrappers, add feedback service agent and refactor by @Alexgodoroja in #64

Full Changelog: v1.7.1...v1.7.2

v1.7.1

Full Changelog: v1.7.0...v1.7.1

v1.7.0

What's New

• Auto-updater sidecar (pilot-updater): checks GitHub Releases on a configurable interval, downloads platform-specific archives, verifies SHA256 checksums, replaces binaries in-place, and restarts the daemon — fully automatic, no user interaction required
• Version reporting: daemon reports its build-time version to the registry; visible in pilotctl info and pilotctl network members
• Network sync: periodic reconciliation of network memberships, policies, and member tags from registry (5-minute interval with jitter)
• IPv6 fix: resolved long-standing end-to-end failure caused by address family mismatch between IPv6 tunnel sockets and IPv4 LAN addresses
• Security audit fixes: registry auth (H3), replication auth (H4), per-port accept (H12), P2P handshake signing (M12)
• Dashboard enhancements: node graph and trust edge visualization in stats API
• Release checksums: checksums.txt included with SHA256 hashes for all archives

Binaries Included

daemon, pilotctl, gateway, registry, beacon, rendezvous, nameserver, updater

Updater Usage

pilot-updater -install-dir /usr/local/bin

Checks GitHub Releases every hour (configurable with -interval), downloads and applies updates automatically.

Full Changelog: v1.6.2...v1.7.0

What's Changed

• Implement feature agents by @Alexgodoroja in #62
• Feature/service agents by @Alexgodoroja in #63

Full Changelog: v1.6.2...v1.7.0

v1.6.2

Changes

• Network memberships in pilotctl info: pilotctl info now shows joined networks and their addresses in both human-readable and JSON output
• Includes all v1.6.1 fixes: multi-network stream fix, policy runner bootstrap, admin-token CLI paths, data-exchange policy

Full Changelog: v1.6.1...v1.6.2

Full Changelog: v1.6.1...v1.6.2

v1.6.1

Changes

• Multi-network stream fix: SYN-ACK/RST now uses the correct network-specific source address, fixing stream connections on non-primary networks
• Policy runner bootstrap fix: peer tags are now always refreshed from registry on startup, not just for policies with cycle rules
• pilotctl admin-token paths: network join --node-id, member-tags set, and policy set can now operate directly against the registry with admin token (no local daemon required)
• Data-exchange network policy: service-node gated connectivity with text messaging (port 1000) open and file transfer (port 1001) restricted to service-tagged nodes
• Integration test: 6-subtest coverage for policy enforcement
• Website styling updates

Full Changelog: v1.6.0...v1.6.1

Full Changelog: v1.6.0...v1.6.1

v1.6.0

What's Changed

• fix: point website to correct email by @Alexgodoroja in #60
• fix: fix slack invite link by @Alexgodoroja in #61

Full Changelog: v1.5.1...v1.6.0

v1.5.1

What's New

Enterprise Control Plane

The enterprise subsystem is now production-ready with a comprehensive set of features for managing multi-tenant agent networks:

• RBAC — role-based access control with owner, admin, and member roles; promote, demote, kick, and transfer ownership
• Network Policies — per-network port allow-lists with deduplication and fractional port rejection
• Audit Trail — persistent ring-buffer audit log with enriched context (old/new values for mutations), audit export API, and survival across registry restarts
• Identity & SSO — built-in OIDC/JWT validation (RS256 + JWKS caching), external IDP webhook verification, ValidateToken client method
• Directory Sync — external directory integration with webhook-based verification
• Blueprints — blueprint persistence for repeatable network provisioning
• Enterprise CLI — pilotctl commands for provisioning, audit export, IDP configuration, and admin token bypass paths
• Observability — per-network Prometheus metrics (networks, invites, RBAC, policy, keys), enterprise status gauges, webhook dead-letter queue

Security Hardening

• Fix TOCTOU race in invite handlers
• Fix timing attack in join token verification
• Fix enterprise data loss on replication failover
• Fix invite consumed before capacity check
• Block joining backbone network; validate max_members bounds
• Backbone network protection for rename and enterprise operations
• Cap key expiry at 10 years; enforce key expiry on heartbeat
• Revoke outgoing invites on deregister, leave-network, and kick
• Block owner from leaving network; clean RBAC on enterprise disable
• Input validation: self-invite, description/ports limits, transfer zero-ID
• Node ID overflow guard

Registry Improvements

• Admin-token bypass for deregister (enables console node removal)
• Enriched list_nodes with polo_score, tags, and public flag
• Audit logging for re-registration, stale node reaping, polo score operations, and enterprise flag changes
• Created timestamp on list_networks; expose enterprise policy in network listings
• Clean up enterprise state on deregister; clean up invites on delete/leave/kick
• Enriched audit context for stale reap, kick (includes role), tags, task_exec, key expiry, and policy changes
• Tag deduplication and expanded error passthrough

Website & Documentation

• Enterprise documentation section (RBAC, Identity & SSO, Policies, Audit & Compliance, Blueprints)
• Rewritten gateway docs, simplified getting-started guide
• TOC sidebar for documentation pages
• Solutions dropdown in navigation bar
• Dynamic sitemap generation from blog post data
• Blog auto-publish system with CI deploy webhook
• 12 new blog posts covering enterprise features, networking concepts, and protocol architecture

Testing

• 80+ new tests covering enterprise subsystems, security edge cases, and stress scenarios
• Concurrent enterprise operations stress test
• Enterprise state persistence test
• Admin token bypass path verification tests
• Hostname collision, validation, and policy deduplication tests
• Per-network admin token and replication token validation tests

Other

• Support release candidate installs via PILOT_RC=1 environment variable
• Image optimization (ImgBot)
• Expanded CLI usage documentation with Networks and Enterprise Admin sections
• Fix corrupted UTF-8 characters in blog post descriptions

Install / Update

curl -fsSL https://pilotprotocol.network/install.sh | sh

Full Changelog

v1.5.0-rc1...v1.5.1

What's Changed

• docs: update, improve and simplify docs by @Alexgodoroja in #55
• [ImgBot] Optimize images by @imgbot[bot] in #56
• blog: add blog about scriptorium by @Alexgodoroja in #57
• fix: add contact us section by @Alexgodoroja in #59

Full Changelog: v1.4.1...v1.5.1

v1.5.0-rc1

Full Changelog: v1.4.1...v1.5.0-rc1