Releases: sym-bot/sym
v0.7.24 — roster key registry (EA5)
Verify attestations/grants relayed from peers the node never handshook with directly. RosterKeyRegistry pins nodeId→key by source precedence (anchor > handshake > grant-vouched); keys ride the rooted grant chain (granteeKey), the relayer never vouches, unrooted grants vouch for nothing. 9 tests; suite 253/253.
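The precedence rule above, sketched as an added example (not the project's RosterKeyRegistry): the class, its methods, the `grantee` field, the placeholder keys and the replace/refuse policy are assumptions, and the `rooted` flag stands in for a grant-chain walk back to a pinned anchor.

```javascript
// Added illustration. Only the source names and granteeKey come from the release note.
const RANK = { 'grant-vouched': 1, handshake: 2, anchor: 3 };

class PinnedKeys {
  constructor() { this.pins = new Map(); } // nodeId -> { key, source }

  // Returns 'pinned', 'unchanged' or 'refused'.
  pin(nodeId, key, source) {
    if (!Object.hasOwn(RANK, source)) throw new Error(`unknown source: ${source}`);
    const cur = this.pins.get(nodeId);
    if (!cur || RANK[source] > RANK[cur.source]) {
      // Assumed policy: first sighting pins; a stronger source replaces a weaker pin.
      this.pins.set(nodeId, { key, source });
      return 'pinned';
    }
    // Same or weaker source: it may repeat the pinned key but never change it.
    return cur.key === key ? 'unchanged' : 'refused';
  }

  // The relayer's identity is deliberately not an input: only the grant's own
  // chain (rooted or not) decides whether granteeKey is accepted.
  pinFromGrant(grant, rooted) {
    if (!rooted) return 'refused'; // unrooted grants vouch for nothing
    return this.pin(grant.grantee, grant.granteeKey, 'grant-vouched');
  }

  keyFor(nodeId) { const p = this.pins.get(nodeId); return p ? p.key : null; }
}

// Constructed sample data: node ids and keys are placeholders.
function demoRegistry() {
  const reg = new PinnedKeys();
  const out = [
    reg.pinFromGrant({ grantee: 'node-c', granteeKey: 'KEY_X' }, false),  // unrooted
    reg.pinFromGrant({ grantee: 'node-c', granteeKey: 'KEY_C' }, true),   // rooted
    reg.pin('node-b', 'KEY_B', 'handshake'),
    reg.pinFromGrant({ grantee: 'node-b', granteeKey: 'KEY_B2' }, true),  // weaker, differs
    reg.pin('node-b', 'KEY_B', 'handshake'),                              // repeat
    reg.pin('node-c', 'KEY_C_HS', 'handshake'),                           // stronger source
  ];
  return { out, b: reg.keyFor('node-b'), c: reg.keyFor('node-c') };
}
```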
v0.7.23 — earned authority (role-grant chain + §6.5 enforcement)
A node's validator/anchor role is now earned via signed, anchor-rooted grants, not self-asserted. Attestations stamp the resolved role; validateCMB/canonizeCMB gated on resolved rank. Dormant until an anchor is pinned (SYM_FOUNDER_ANCHOR). 17 tests; suite 244/244.
v0.7.22 — durable attestation audit trail (survives restart)
The Admission Attestation trail (attestations + Merkle checkpoints + witness countersignatures) now persists append-only on disk and reloads on startup, so it survives a node restart; the per-attester chain cursor is restored so seq/prev keep linking across the boundary. Guarantee: tamper-evident + omission-evident to the last witnessed checkpoint, and durable across restarts. Core unchanged. Suite 227/227.
v0.7.21 — attestation gossip + omission-evidence (D1-D3)
D1 index + every-gate-attested + local omission-detection; D2 roster gossip (verify end-to-end, rate-limit, relay-once); D3 Merkle checkpoints + roster witnessing + reconcileChain. Guarantee: tamper-evident + omission-evident to the last witnessed checkpoint. Requires @sym-bot/core ^0.3.43. Suite 223/223.
v0.7.20 — Admission Attestations persisted on the gated remix (Phase C)
Requires @sym-bot/core ^0.3.42.
On SVAF admit, the node signs an Admission Attestation and attaches it to the stored remix (cmb.admission): { of, by, at, roster, method, verdict, fields, role, seq, prev }, signed with the node's Ed25519 identity key. of binds the original gated CMB key; per-field fields come from the gate verdict (heuristic) or field_drifts mapped through computeFieldVerdicts (neural). A per-attester hash-chain (seq/prev) makes a dropped attestation a detectable gap. role is the node's claimed role — consumers verify it against the rooted role-grant chain. CMB-envelope sibling, so cmbKey and existing signatures are untouched.
Reject/redundant attestation, the queryable index, and mesh-wide gossip are the next phase. Suite 210/210.
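How a per-attester seq/prev chain exposes a dropped attestation, as an added example that is not @sym-bot/core code. Assumed here: prev is the SHA-256 of the previous attestation's serialized body, seq counts from 0, the Ed25519 signature covers that body, and all sample values are constructed.

```javascript
// Added illustration; serialization, hash choice and sample values are assumptions.
const { generateKeyPairSync, sign, verify, createHash } = require('node:crypto');

// Fixed field order so signer and verifier hash identical bytes.
const bodyBytes = (a) => Buffer.from(JSON.stringify(
  [a.of, a.by, a.at, a.roster, a.method, a.verdict, a.fields, a.role, a.seq, a.prev]));
const digest = (a) => createHash('sha256').update(bodyBytes(a)).digest('hex');

// Link a new attestation to the attester's previous one, then sign it.
function attest(privateKey, last, partial) {
  const a = { ...partial, seq: last ? last.seq + 1 : 0, prev: last ? digest(last) : null };
  return { ...a, sig: sign(null, bodyBytes(a), privateKey).toString('base64') };
}

// Walk one attester's attestations in order and report the first problem found.
function auditChain(publicKey, chain) {
  let last = null;
  for (const a of chain) {
    if (!verify(null, bodyBytes(a), publicKey, Buffer.from(a.sig, 'base64')))
      return { ok: false, at: a.seq, why: 'bad-signature' };
    const wantSeq = last ? last.seq + 1 : 0;
    if (a.seq !== wantSeq) return { ok: false, at: wantSeq, why: 'gap' };
    if (a.prev !== (last ? digest(last) : null))
      return { ok: false, at: a.seq, why: 'prev-mismatch' };
    last = a;
  }
  return { ok: true, length: chain.length };
}

function demoChain() {
  const { publicKey, privateKey } = generateKeyPairSync('ed25519');
  const chain = [];
  for (const of of ['cmb-1', 'cmb-2', 'cmb-3']) { // constructed CMB keys
    chain.push(attest(privateKey, chain.at(-1), {
      of, by: 'node-a', at: 1700000000000 + chain.length, roster: ['node-a', 'node-b'],
      method: 'heuristic', verdict: 'admit', fields: {}, role: 'validator' }));
  }
  return {
    full: auditChain(publicKey, chain),
    dropped: auditChain(publicKey, [chain[0], chain[2]]), // middle one withheld
    tampered: auditChain(publicKey, [chain[0], { ...chain[1], verdict: 'reject' }]),
  };
}
```

Withholding the newest attestation leaves no gap in this walk; the chain alone only exposes omissions that a later attestation links past.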
v0.7.19 — opaque payload survives the SVAF-admit remix path
Completes the cross-device payload fix begun in 0.7.18 (inbox pull path only).
Fixed: a directed CMB's opaque payload (the substrate-level data riding alongside CAT7 — e.g. the LLM request/response primitive) was dropped whenever the receiver SVAF-admitted it: the fused remix is rebuilt from CAT7 fields and the heuristic fusion returns a fresh cmb with no payload. The same CMB rejected-but-directed surfaced the raw message and kept its payload — so payload delivery silently depended on the receiver's per-node SVAF drift. That was the root of the cross-device "payload arrives on some peers, not others" asymmetry (admit drops it; reject keeps it) — not an OS or transport difference.
_preserveIncomingPayload re-attaches the incoming payload onto the fused remix on both the neural and heuristic store paths. Payload rides alongside CAT7 and is never part of the cmbKey hash, so an admitted llm-request/llm-response remix correctly carries its substrate data.
Regression-tested: tests/frame-handler-payload.test.js (unit) + tests/integration/e2e-payload-receive.js (two-node e2e). Full suite 206/206.
v0.7.18 — inbox payload fix
Fixed
- Inbox pull path preserves the opaque payload. A CMB's payload is a sibling of cmb.fields, but _pushInbox copied only fields — so any CMB pulled via node.inbox() (the sym_receive/sym_fetch path) silently lost its payload, while the channel-push path (reading entry.cmb.payload) kept it. Structured agent-to-agent data now survives cross-device directed delivery on both paths. Regression-tested in tests/inbox.test.js.
v0.7.11 — node.inbox() (SDK send+pull)
Adds node.inbox({peek,limit}) / node.inboxGet(id) — the pull-based receive counterpart to remember() (send). The node buffers every delivered CMB so any consumer pulls received CMBs without subscribing to events; the SDK is now sufficient for send and pull standalone (used by the MCP wrapper, sym-swift, headless scripts). FIFO drain with a cursor (no skip past limit), non-destructive peek. +4 tests.
v0.7.10 — signed CMBs (authenticity + integrity)
Every CMB is now Ed25519-signed by its author. Receivers verify the signature against the sending peer's handshake-announced identity key and that the content-address key still matches the fields — a forged, tampered, or content-swapped CMB is rejected before it can surface or be stored (audit-metered cmb-signature-rejected). Unsigned CMBs pass for interop unless SYM_REQUIRE_SIGNED_CMB (strict mode). Cryptographic layer above transport identity + SVAF. New: signCMB/verifyCMB in @sym-bot/core ^0.3.38. +6 tests; 182 pass. Also fixes two latent svaf-heuristic cold-start bugs (crash on fresh-memory receive; temporal-drift bypass).
v0.7.9 — ingestion flag on surfaced CMBs
Surfaced CMBs now declare whether the receiver ingested the CMB (remixed into memory with lineage → remixed: true) or only delivered it (surfaced but not stored → remixed: false, the directed-but-SVAF-rejected case), alongside the SVAF decision. Consumers check remixed to tell a recallable directed request from a transient one (MMP §9.2.2). Four committed test cases in tests/inbound-cmb-surfacing.test.js; 176 tests pass.