v1.4.2

What's Changed

• Better error handling for undecryptable key requests by @corrideat in #65

Full Changelog: v1.4.1...v1.4.2

v1.4.1

What's Changed

• Fix memory leak in serdes (bump to 1.0.1)
• Fix review re-run suggestion to echo the original command by @taoeffect in #57

Full Changelog: v1.4.0...v1.4.1

v1.4.0

What's Changed

• Key rotation improvements by @corrideat in #33
• Update error message by @corrideat in #37
• Add tests for permission escalation by @corrideat in #43
• automated pr review by @taoeffect in #49

AI Summary

🔐 Key Management & Security (Shelter Protocol)

Significant internal improvements to how end-to-end encryption keys are requested, shared, and rotated.

• Key Rotation Improvements: Refactored key revocation and rotation logic with the new deleteKeyHelper and updateKey utilities to handle out-of-order processing and foreign key synchronization.
• Key Request V2: Introduced a V2 format for OP_KEY_REQUEST and OP_KEY_REQUEST_SEEN. This includes an unencrypted outer layer for accounting and an encrypted inner layer for security.
• Invite Accounting: Added skipInviteAccounting flag to key operations, allowing for specific key requests that do not consume limited-use invite tokens.
• Permission Escalation Protection: Added explicit tests and validation logic to prevent a signing key from creating or updating a key with higher permissions than itself.
• Secret Storage: Root state now explicitly tracks secretKeys in a dedicated record, improving how serialized secret keys are managed.

🛠 Core Library & Internal Logic

• New Lifecycle Helper: Added chelonia/contract/withRetained, a high-level selector that automatically handles contract retain and release (lifecycle management) around a callback function.
• Message Metadata: Introduced a saveMessageMetadata configuration option, primarily for server-side use, to store receipt dates and other per-message info.
• Post-Operation Hooks: Implemented _postOpHook support, allowing contracts to trigger logic after specific operations (including individual operations within an OP_ATOMIC batch).
• Improved Error Messaging: Standardized error formats for "Forked Chain" and "Unexpected Data" errors to include the relevant contractID.

📖 Developer Experience

• AI Agent Guide: Added AGENTS.md, a comprehensive technical guide designed to help AI coding assistants (like Claude, GPT, or Devin) understand the architecture, SBP selectors, and coding conventions of the library.
• Build System: Improved the build workflow to ignore test files in the dist directory and updated .gitignore to exclude test artifacts from build outputs.
• Testing: Expanded test coverage for utility functions and permission validation.

New Contributors

• @taoeffect made their first contribution (to this repo - much of this code was copied/moved from @taoeffect's work in group-income) in #49
• @devin-ai-integration[bot] made their first contribution in #52

Full Changelog: v1.3.0...v1.4.0

v1.3.0

What's Changed

• Add operation hook by @corrideat in #31

Full Changelog: v1.2.9...v1.3.0

v1.2.9

What's Changed

• Re-attempt pub and sub operations by @corrideat in #28

Full Changelog: v1.2.8...v1.2.9

v1.2.8

What's Changed

• Add iterKeys and keyCount selectors by @corrideat in #24

Full Changelog: v1.2.7...v1.2.8

v1.2.7

What's Changed

• Update turtledash by @corrideat in #20

Full Changelog: v1.2.6...v1.2.7

v1.2.6

What's Changed

• Whitespace by @corrideat in #16
• deserializedHEAD API by @corrideat in #18

Full Changelog: v1.2.5...v1.2.6

v1.2.5

What's Changed

• Fixes an issue when attempting to decrypt OP_KEY_UPDATE updates that don't contain a meta field by @corrideat in #13

Full Changelog: v1.2.4...v1.2.5

v1.2.4

What's Changed

• Add disableAutoDedup + fix error types by @corrideat in #11

Full Changelog: v1.2.3...v1.2.4