Releases: BryanFiFife/ShieldedID
v1.5.0 - Production Ready - ISO27001 Compliant
Full Changelog: v1.3.0...v1.5.0
Shielded ID v1.3.0 - Privacy-Preserving Digital Identity Stack
v1.2.0 - Production Ready
Production-ready release with full protocol compliance and zero TypeScript errors
Full Changelog: v1.1.0...v1.2.0
Shielded ID v1.0.0 — Privacy-Preserving Digital Identity Stack
🚀 Shielded ID v1.0.0
This is the first stable public release of Shielded ID, a privacy-preserving digital identity protocol and reference implementation.
Shielded ID enables services to verify user claims (e.g. age thresholds, assurance levels, continuity) without collecting or storing personal data.
🔐 What’s Included
- Protocol specification for minimal-disclosure claim verification
- Wallet PWA for credential storage and proof generation
- Verifier SDK (TypeScript) for backend integration
- Registry server for key status and revocation
- Native Zero-Knowledge agent using Bulletproofs (Ristretto255 + Merlin)
- End-to-end demo and full integration recipes
🧠 Privacy & Cryptography
- No PII stored on servers
- Pairwise identifiers (no cross-service correlation)
- Cryptographic revocation with immediate effect
- Real zero-knowledge range proofs via native ZK agent
- Context-bound proofs (origin, nonce, expiry)
- Replay protection enforced
⚠️ ZK proofs are produced by a native/WASM agent. Browsers orchestrate proof requests but do not perform heavy cryptography directly. This is documented and intentional.
🧪 Testing & Assurance
- Full unit and integration test coverage across core services
- Gated end-to-end ZK verification tests (
ZK_E2E=1) - Negative cryptographic tests:
- tampered proofs
- wrong nonce
- wrong verifier context
- expired proofs
- Golden Path verified:
enroll → store → prove → verify → revoke → fail
📦 License
- Licensed under Apache License 2.0
- Includes NOTICE file with third-party attributions
- No copyleft, suitable for commercial and institutional adoption
🎯 Intended Use
Shielded ID is designed for:
- Age-restricted access
- Assurance-level gating
- Fraud reduction without identity dossiers
- Compliance-friendly architectures (GDPR / data minimization)
It is not a replacement for document verification or identity recovery systems.
🧭 Status
- Protocol: Stable
- Reference implementation: Production-ready
- Zero-knowledge: Implemented via native agent (documented constraints)
- Backwards compatibility: Maintained via signed-predicate fallback
This release establishes a truthful, auditable foundation for privacy-preserving identity systems.
Future releases will expand claim types, improve agent portability, and harden operational tooling.