Changelog · ZKAuth Docs

Changelog

What is new across the ZKAuth engine and client. Every entry is drawn from the real project history, newest first.

2026-06-17zkauth-client v1.4.16Latest

Developer handoff and hosted flow polish

AddedAdded a safe AI handoff brief and public /llms.txt so developers can give Cursor, Claude, ChatGPT, Perplexity, Grok, Zed, or another coding tool the project context without exposing secrets.

ImprovedPublished zkauth-client v1.4.16 and aligned the developer docs with the hosted engine flow: project setup, callback redirects, email verification, new-device approval, password reset, usage, logs, and webhooks.

SecurityRe-ran the engine security suite covering replay freshness, tenant binding, OPAQUE, WebAuthn, recovery-code hardening, API-key validation, and sensitive logging.

SecurityRefreshed dashboard and engine dependency lockfiles and reviewed the current dependency audit results.

2026-04-30zkauth-client v1.4.13

Client release

ImprovedStabilized the SDK integration suite across the hosted register and login paths.

ImprovedCircuit pre-loading in the browser for faster first proof.

2026-04-29Hosted platform

Verification milestone

ImprovedFull hosted verification suite passing across ZK login, OPAQUE, WebAuthn, teams, and webhooks.

FixedLogin benchmark stabilized across repeated local runs.

2026-04-27Operations

Release hardening

FixedTightened the deployment process to an authorized release author.

2026-02-20Engine

Runtime reliability

FixedResolved serverless cold-start startup issues.

ImprovedPinned the Node 20 runtime for consistent ZKP verifier initialization.

2026 (early)ZKAuth-H research upgrade

Hybrid authentication

AddedOPAQUE (PAKE) credential persistence and single-use login sessions.

AddedWebAuthn passkey persistence with single-use challenges.

ImprovedPer-tenant email uniqueness for clean multi-tenant isolation.

RemovedKnowledge-based (cognitive question) recovery, and unused legacy tables.

2025-12-06Developer platform

Usage visibility

AddedPer-project API usage logging and per-client usage tracking.

2025-12-05Engine

Performance & email

ImprovedTuned Argon2id parameters for faster login without changing the password-verification model.

AddedEmail verification redirect flow with asynchronous delivery.

ImprovedMulti-tenant email handling and verification.

2025-12-04Security

Stronger hashing

SecurityMigrated password key derivation from PBKDF2 to Argon2id.

2025-12-02Launch

ZKAuth engine

AddedTenant-bound Groth16 zero-knowledge authentication with replay protection.

AddedMulti-tenant client isolation and live/test API keys, deployed on Vercel.