Changelog
Unreleased
1.0.0-rc.4 - 2026-06-27
- Split the congested admin dashboard into mobile-friendly Overview, Users, Login History, and Readiness pages with shared tab navigation and direct sidebar links.
- Added trusted-proxy client IP resolution so new login records use Caddy's forwarded viewer address instead of the API container address.
- Added session last-activity tracking, 60-minute idle expiration, 12-hour absolute expiration, automatic stale-session closure, accurate active-session counts, and filtered session-history APIs.
- Improved Login History with active/all/closed views, search, current session counts, distinct IP counts, closure reasons, friendly browser/device labels, and superadmin force-logout controls.
- Fixed restored or expired browser sessions falsely rendering empty admin, audit, and document views by validating the stored token at the application shell and redirecting unauthorized users to sign in again.
- Added a destructive-test database guard that refuses to run API tests against non-test PostgreSQL databases, plus a documented isolated SQLite Docker test command.
- Corrected full database restore to reset the PostgreSQL
publicschema before loading a snapshot, allowing older valid backups to restore across newer foreign-key migrations. - Added an admin/superadmin Relayer page with live ClearCoin REST, RPC, and gRPC probes, Oracle readiness blockers, worker controls, delivery queue inspection, retry actions, runtime counters, and event history.
- Replaced the relayer health stub with a production-oriented queue worker supporting atomic claims, deterministic payload hashes, bounded retries, stale-claim recovery, pause/resume/run-once controls, external signer integration, Cosmos TxService broadcast, and RPC confirmation.
- Added service-token authentication between CAP and the relayer, durable per-report relay state, audit events, compatibility migrations, protected operator APIs, and OpenAPI coverage.
- Added safe prepare and broadcast modes so the relayer remains non-broadcasting until the deployed Oracle protobuf message and external signer are explicitly configured.
- Expanded relayer documentation with public ClearCoin endpoint use, queue semantics, signer contract, failure handling, key boundaries, emergency disablement, and a controlled Oracle commissioning procedure.
- Added a complete superadmin MinIO backup and restore section to the Platform Backups page, with separate inventories, timestamped ZIP archives, bucket/object counts, authenticated downloads, and exact-filename restore confirmation.
- Added portable MinIO manifests that preserve all accessible current buckets, object names, bytes, content types, and user metadata, with per-object SHA-256 integrity verification before restore.
- Added pre-restore MinIO safety archives, full bucket/object replacement, automatic recovery after failed restores, and audit events for MinIO backup creation, download, and restoration.
- Corrected database restore sequencing so compatibility migrations run after the selected PostgreSQL snapshot is restored.
1.0.0-rc.3 - 2026-06-27
- Added a superadmin-only database Backup page for creating, listing, downloading, and restoring timestamped PostgreSQL custom-format backups.
- Added persistent host-mounted
backups/storage for local Docker Compose and VPS2 deployments, with Git exclusions for sensitive dump files. - Added pre-restore safety snapshots, exact-filename confirmation, active connection termination, automatic recovery after failed restores, and post-restore schema compatibility checks.
- Added audit events and OpenAPI endpoints for database backup creation, download, and restoration.
- Added a database backup and restore guide covering contents, limitations, retention, MinIO separation, VPS2 transfer, and disaster-recovery verification.
- Added an authenticated document library where auditors, admins, and superadmins can open PDFs in the browser, download files, and explicitly refresh the register.
- Added superadmin-controlled guest document access at both the user-account and individual-document levels.
- Added document lifecycle controls: admins and superadmins can soft delete, while only superadmins can restore or permanently delete a previously soft-deleted file.
- Added audit events for document viewing, downloading, guest visibility changes, soft deletion, restoration, and permanent deletion.
- Prevented soft-deleted documents from being newly attached to reports and documented the document-access and deletion authority model.
- Restyled the CAP stakeholder presentation with an executive navy, cool-gray, and ClearCoin mint business theme, portable Aptos typography, improved content hierarchy, and rebuilt light-mode product screenshot slides.
- Added a downloadable 13-slide CAP stakeholder PowerPoint covering platform purpose, user roles, attestation workflow, evidence integrity, product screenshots, architecture, security controls, current limitations, roadmap, and stakeholder decisions.
- Added public stakeholder-presentation download links to the home page, Help Center, and Resource Library for desktop and mobile visitors.
- Added an extensive public Help Center for non-technical auditors, administrators, management, guests, and general users, with role boundaries, complete workflows, platform component explanations, report statuses, safety guidance, and troubleshooting.
- Added Help Center links to the desktop and mobile navigation, top bar, home page, and sign-in page.
- Fixed the document upload success path so the form resets without dereferencing React's cleared submit event after an asynchronous upload.
- Expanded the relayer architecture documentation with a detailed explanation of relayer responsibilities, current dry-run behavior, future Oracle broadcast flow, CAP/API integration, ClearCoin connectivity, key management, failure handling, idempotency, observability, and production readiness requirements.
- Updated application, API, portal package, Docker Compose, deployment, test, and documentation version metadata for
1.0.0-rc.3. - Added an
ENABLE_VPS2_DEPLOYrepository-variable gate so release tags do not deploy to VPS2 until automatic deployment is explicitly enabled.
1.0.0-rc.2
- Added visible resource-library links in the top bar, home page, and login page so the online documentation hub is discoverable before and after sign-in.
- Moved the user manual into
docs/User's Manual.mdand refreshed the in-app resource library so the manual is read online with the other documentation. - Added an in-app resource library at
/resourcesthat bundles and displays every repository Markdown guide for online access from the portal. - Added a novice junior developer guide defining Git, GitHub, GitHub Actions, workflows, commits, pushes, tags, pull requests, secrets, CI failures, and the CAP daily development and deployment routine.
- Expanded VPS2 CI/CD documentation into a beginner tutorial covering GitHub Actions, repository secrets, SSH keys, Tailscale-based VPS2 access as
john@clearcoin-vps2, Docker group setup forjohn, optional deploy-user setup, VPS2 bootstrap, first and subsequent deployment behavior, container inventory, Portainer usage, Caddy topology, deployment tags, verification, rollback, and troubleshooting. - Added optional Tailscale OAuth login to the VPS2 deployment workflow so GitHub-hosted runners can deploy to a Tailscale-only VPS2 when
TS_OAUTH_CLIENT_IDandTS_OAUTH_SECRETare configured.
1.0.0-rc.1
- Added GitHub Actions CI for API tests, OpenAPI drift checks, time-service tests, relayer tests, and Docker image builds.
- Added GitHub Actions VPS2 deployment workflow that publishes API, portal, time-service, and relayer images to GHCR and deploys them over SSH to Docker on VPS2.
- Added
docker-compose.vps2.yml,scripts/deploy-vps2.sh, and VPS2 CI/CD documentation with secrets, bootstrap, verification, rollback, and backup expectations. - Added report management approval workflow with required approve/reject reasons and approval-gated submission.
- Added evidence lifecycle hardening: validation freezes report evidence and locks attached documents, and frozen reports reject additional evidence attachments.
- Added admin-gated audit log listing and CSV/JSON export endpoints, and replaced the static audit page with a live export-capable view.
- Added relayer status proxy at
GET /api/chain/relayer-statusfor operator checks without direct browser access to the relayer container. - Updated OpenAPI, endpoint docs, user manual, deployment docs, readiness docs,
VERSION, package metadata, and environment examples for1.0.0-rc.1.
0.7.0
- Added protected admin release-readiness API with platform checks for version, chain ID, superadmin seed accounts, auditor availability, storage configuration, platform time, and audit trail activity.
- Added an admin dashboard readiness panel with version, operational counts, generated timestamp, and pass/warn/fail check details.
- Centralized the API version in settings so OpenAPI metadata and runtime configuration stay aligned.
- Added release-candidate readiness documentation with the remaining pre-RC workstreams and
1.0.0-rc.1gate. - Added API tests for readiness RBAC and OpenAPI version alignment.
- Upgraded Next.js and Next.js ESLint tooling from
14.2.30to14.2.35to stay on the patched Next 14 line before release-candidate testing.
0.6.0
- Added authenticated document permissions: guests can view evidence, but cannot upload or hash documents.
- Changed document uploads to bind to the current signed-in user and reject duplicate PDFs by SHA-256 hash.
- Added report evidence attachment API and UI so uploaded PDF hashes can be bound to real reports.
- Replaced static report list/detail pages with live authenticated report views.
- Added report workflow actions for validate, submit to queue, and management reject with visible validation errors.
- Added audit events for report evidence attachment, report actions, user CRUD, soft delete, and forced logout.
- Improved mobile table behavior for reports and report evidence by using stable widths and horizontal scrolling.
0.5.0
- Fixed mobile login and admin fetch failures by routing browser API calls through same-origin
/apipaths. - Added a Next.js API rewrite so direct portal access can proxy API requests without relying on device-local
localhost. - Reworked document upload into a client-side PDF upload workflow with visible success/error feedback.
- Added an evidence register that refreshes after upload and displays document size, SHA-256 hash, upload time, and lock state.
- Updated report creation to submit through same-origin API routing.
0.4.0
- Added named superadmin seed accounts for Darrell Choates and John McClenon, Jr. with password-backed authentication.
- Added
guestrole for investors and prospective auditors without auditor permissions. - Added login session tracking with login time, logout time, session duration, IP address, and browser user-agent details.
- Added superadmin forced logout controls for individual sessions and all active sessions for a user.
- Added soft-delete behavior for user deletion and blocked deletion of superadmin accounts.
- Expanded admin dashboard with guest CRUD, password reset, soft delete, forced logout, and login history views.
0.3.0
- Added role-based authentication for auditor, admin, and superadmin development accounts.
- Added auditor and admin dashboards with role-aware navigation and superadmin user CRUD.
- Fixed portal sign-in/sign-out behavior with stored sessions and role-based dashboard routing.
- Added mobile hamburger navigation, header version display, and footer version/developer attribution.
- Added active/inactive user enforcement and startup compatibility migration for existing local databases.
- Updated OpenAPI coverage and tests for RBAC and admin user management.
0.2.0
- Changed ClearCoin chain ID configuration from
clearcoin-maintoclearcoinacross API defaults, relayer defaults, environment examples, documentation, and portal UI. - Added a dedicated CAP Platform Time Service as the authoritative platform date and time source.
- Added API proxy endpoint
GET /api/platform-time/currentbacked by the time service. - Added local time-service port
39226, Docker health checks, environment settings, OpenAPI updates, and tests. - Added
User's Manual.mdwith end-to-end guidance for auditors and ClearCoin management.
0.1.1
- Added a committed OpenAPI specification at
docs/openapi.json. - Added Docker Compose Swagger UI service on port
39225for API inspection. - Documented OpenAPI and Swagger URLs in README and API endpoint docs.
- Added Swagger UI origin to API CORS configuration for local development.
0.1.0
- Initial CAP MVP scaffold with Docker Compose, Next.js portal, FastAPI API, Go relayer, PostgreSQL, Redis, MinIO, and Caddy.
- Added auditor report lifecycle, PDF upload hashing, audit logs, health checks, documentation, and tests.