Skip to content

feat: v0.12.0 — Post-quantum crypto + government hardening#11

Merged
bradleygauthier merged 1 commit intomainfrom
feat/v0.12.0-government-grade
Apr 7, 2026
Merged

feat: v0.12.0 — Post-quantum crypto + government hardening#11
bradleygauthier merged 1 commit intomainfrom
feat/v0.12.0-government-grade

Conversation

@bradleygauthier
Copy link
Copy Markdown
Contributor

@bradleygauthier bradleygauthier commented Apr 7, 2026

ML-KEM-768 (FIPS 203), ML-DSA-65 (FIPS 204), HybridEncryptor, input bounds, plugin hash verification, tenant-locked vault.

@bradleygauthier
feat: v0.12.0 — post-quantum crypto, input hardening, plugin security
4a18f9b 
DELIVERED (not removed):
- ML-KEM-768 key encapsulation (FIPS 203) via liboqs-python
- ML-DSA-65 digital signatures (FIPS 204) via liboqs-python
- HybridEncryptor: ML-KEM-768 + AES-256-GCM combined
- [pq] installation extra

HARDENED:
- SearchRequest validators (top_k max 1000, threshold 0-1, query max 10K)
- Batch endpoint limited to 100 items
- Plugin hash verification via manifest.json + SHA3-256
- Tenant-locked vault mode (tenant_id in constructor)

518 tests. Lint clean. Build verified.
@bradleygauthier bradleygauthier merged commit 44375f8 into main Apr 7, 2026
@bradleygauthier bradleygauthier deleted the feat/v0.12.0-government-grade branch April 7, 2026 01:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@bradleygauthier