AgentWallet ·

Changelog

Every AgentWallet release, dated and tagged. New payout rails, MCP tools, AP2 mandate types, policy primitives, SDK changes — written by the engineers who shipped them. We ship roughly weekly; breaking changes are versioned and announced one minor ahead. Below is the public-facing changelog; deeper engineering notes (migration scripts, deprecation timelines, internal-only changes) live in the dashboard for authenticated customers.

  • v0.6.1 (May 2026) — Per-route SEO recovery: pre-rendered HTML now serves 46 unique routes with per-page title, h1, meta and JSON-LD; SPA fallback narrowed to /app, /invite and auth aliases; legacy /agentwallet-ai/* 301s confirmed live.
  • v0.6.0 (Apr 2026) — All 17 payout rails wired through one dispatcher (RAIL_REGISTRY in lib/payouts.ts) — ACH, FedNow, Wire, SEPA, SEPA Instant, Faster Payments, Pix, UPI, IMPS, Interac, BECS, PromptPay, push-to-card, reloadable-card and 3 more, every rail schema-driven via /capabilities/{schema,quote}.
  • v0.5.9 (Apr 2026) — Inbound and outbound Payouts.com webhooks: shared HMAC verifier (sha256= and Stripe-style schemes, fail-closed); reverse spend on failed/returned/refunded; payout.submitted|completed|failed|returned|cancelled fan-out to operator endpoints.
  • v0.5.8 (Apr 2026) — Two-step confirm for payouts ≥ $10,000: first call returns {step:"confirm", confirmationToken}, second call must echo the same idempotencyKey + token (HMAC-bound to amount/cap/currency).
  • v0.5.7 (Mar 2026) — Live schema/quote panel in SendPayoutDialog: per-field inputs rendered from providerDerivedSchema (regex/enum/conditional); debounced quote shows fee/FX/recipient-receives/total-debit before submit.
  • v0.5.6 (Mar 2026) — Eager policy cascade: PATCH /principals/:id now locks all child agents FOR UPDATE in the same tx and re-clamps each via clampAgentParamsToPrincipal, so a principal-tighten takes effect immediately on every running agent (not on next individual write).
  • v0.5.5 (Feb 2026) — Per-agent AgentMail inbox auto-provisioned on POST /principals/:id/agents (best-effort, doesn't fail agent create). Inbox tab in the dashboard shows threads, message reader, Compose dialog and a copy-to-clipboard pill for the agent's address.
  • v0.5.4 (Feb 2026) — Outbound webhook signing: X-Payouts-Signature: t=…,v1=hex over the JSON body keyed by per-endpoint secret. In-process worker (5s tick) leases pending/failed deliveries, exponential backoff (30s → 1h cap), dead-letter after 8 attempts.
  • v0.5.3 (Jan 2026) — 4-layer policy cascade hardened: Account ⊇ Principal ⊇ Agent enforced server-side on every write. clampPrincipalToolsToApproved runs on every POST/PATCH /principals (silent intersect, matches existing agent-clamp UX). New GET /accounts/mine/capabilities for the Owner UI.
  • v0.5.2 (Jan 2026) — TOTP MFA shipped: /auth/login and /auth/finalize-signup return discriminated union {step:"ok"|"mfa"|"mfa-enroll"}. Enroll via /mfa/associate, verify via /auth/mfa-verify exchanging mfa_token + otp for a real token set. mfa_token lives in the session row, never in the browser.
  • v0.5.1 (Dec 2025) — Comms protocols: shared HMAC verifier lib/webhook-verify.ts (timestamp Stripe-style and sha256=hex body schemes, both fail-closed). Browser-toolset wiring (agent.inbox.threads / .thread / agent.sms.messages) for MCP/A2A scraping of OTP emails + SMS codes during checkout flows.
  • v0.5.0 (Dec 2025) — Auth0 + Payouts.com single-email signup: SPA collects 7 KYB fields + Cloudflare Turnstile → /auth/signup creates Auth0 user → branded HTML email via SendGrid → user clicks → /api/auth/activate PATCHes Auth0 email_verified=true → /finalize-signup calls Payouts /v1/auth/register → password-grants Auth0 → MFA → /app. Only one verification email is ever sent.
  • v0.4.x (Q4 2025) — Account+Member writes race-safe via ON CONFLICT on (auth_user_id). RFC 7807 problem+json errors site-wide. Session fixation defence: req.session.regenerate() on every login/finalize. Header-based CSRF (x-requested-with: aw-spa) with no token to manage.
  • v0.3.x (Q3 2025) — AES-256-GCM-encrypted pending password stashed in the session row between signup and finalize-signup. Auth0 id_token validated via JWKS (jose) — claims read directly, no AUTH0_API_AUDIENCE required.
  • v0.2.x (Q3 2025) — pnpm workspaces, Node.js 24, TypeScript 5.9, Express 5, Postgres + Drizzle ORM, Zod (zod/v4) + drizzle-zod, Orval codegen from OpenAPI spec, esbuild CJS bundle.
  • v0.1.x (Q2 2025) — Initial public marketing site, single React + Vite SPA, Anthropic-style design (cream + terracotta + Fraunces serif), 17 marketing pages prerendered for SEO.

Frequently asked questions

How often does AgentWallet ship?
Roughly weekly. Patch and minor releases (v0.6.x) ship as they land; breaking changes are versioned and announced at least one minor release ahead with a published deprecation timeline. Every customer-visible change appears in this changelog on the day it goes live.
Does AgentWallet follow semantic versioning?
Yes. We're pre-1.0 so the second digit (currently 0.6.x) signals breaking surface-area changes; the third digit signals additive features and bug fixes. We will hit 1.0 once the v1.x policy gate, ledger and rail surface are frozen — currently scheduled for the second half of 2026.
Where do I see deprecations?
Deprecations appear in this changelog the day they're announced, in a dedicated section of the developer docs, and as a Deprecation HTTP response header on the deprecated endpoint. We keep deprecated endpoints live for at least one full minor release (typically 90+ days) before removal.
Can I subscribe to changelog updates?
Yes — three options. (1) Subscribe to the changelog.published webhook event from any registered webhook endpoint. (2) Opt into the monthly digest email to the account owner. (3) The dashboard surfaces unread entries in the bell-icon dropdown on every login. An RSS feed is on the roadmap.
What's on the near-term roadmap?
Scoped, not promised. In flight: members + invitations + RBAC on the Company tier, the event-sourced ledger runtime spend gate (auth → policy → velocity → balance → JIT-resource-create OR Approval → reserve → rail → commit), split approval kinds (capability grants vs allocation top-ups as distinct queues), Payouts.com KYB completion flow inside the SPA, on-chain agent identity registration on Base Sepolia, and the per-agent MCP server rollout. Planned next: deepening rail coverage (additional country corridors and currencies on the routing layer), broader webhook event types across the agent lifecycle, and expanded conformance coverage for the AP2 mandate chain. We publish completed work in this changelog as it ships, not before — anything not listed in the changelog is still in development.
What's explicitly NOT on the roadmap?
Three things we've considered, decided no, and the docs are honest about. (1) A B2C consumer wallet — AgentWallet is for autonomous software acting under a business Principal, not for end-users holding a balance app on their phone. (2) A merchant-acquiring product — we issue cards and move money out; we do not compete with Stripe / Adyen on accepting cards from cardholders. (3) A non-Postgres database tier — one ledger, one source of truth, one ACID boundary; we will not split the runtime across Postgres + a NoSQL store. Q4 2026 exploratory items (Solana USDC rail, agent-to-agent streaming, JS-evaluated programmable spend rules, native browser MCP, agent reputation system) are explicitly tagged as 'investigating, not committing.'
How do I read a version tag in this changelog?
v0.MAJOR.PATCH. The middle digit (currently 6) signals a breaking surface-area change — new required field, removed endpoint, changed response shape. The trailing digit is additive features and bug fixes only, never breaking. We will hit 1.0 once the v1.x policy gate, ledger schema and rail surface are frozen — currently scheduled for the second half of 2026. Until 1.0, deprecations always ship with a Deprecation HTTP response header, a dedicated docs entry and at least one full minor release (90+ days typical) of overlap before removal.