{
  "version": "https://jsonfeed.org/version/1.1",
  "title": "CloakAPI changelog",
  "home_page_url": "https://cloakapi.io/changelog",
  "feed_url": "https://cloakapi.io/changelog.json",
  "description": "Releases, postmortems, and spec amendments — the full CloakAPI public engineering log.",
  "language": "en",
  "items": [
    {
      "id": "cloakapi-changelog-2026-07-05-chat-front-door",
      "url": "https://cloakapi.io/changelog#2026-07-05",
      "title": "CloakAPI Chat — a private front door you can try without signing up",
      "content_text": "A client-side chat is now the easiest way to try CloakAPI: open it, type, and personal data is tokenised in your browser before anything is sent. Try free with no signup — an anonymous demo pool is available immediately, protected by per-IP and global daily caps so it stays up for everyone. Names, emails, and IDs are tokenised on your device before the request leaves the browser; the gateway is a blind token relay that forwards only those tokens and never sees your data in the clear. Streaming responses, token by token. Register to claim $2 in credit and lift the demo caps.",
      "date_published": "2026-07-05T12:00:00Z",
      "tags": ["Chat", "Gateway", "Release"]
    },
    {
      "id": "cloakapi-changelog-2026-07-05-local-tools",
      "url": "https://cloakapi.io/changelog#2026-07-05-local",
      "title": "Local proxy, browser extension, and Complete-local desktop",
      "content_text": "Three ways to keep tokenisation on your own machine, so only tokens ever leave it. Local proxy (drop-in): point your OpenAI- or Anthropic-compatible SDK at a localhost port and PII is tokenised on your machine by the native Rust engine — only tokens leave. Default port 8799, configurable via CLOAK_PROXY_LISTEN. The proxy ships as a Docker image and a Linux binary on the downloads page; macOS and Windows builds are coming soon via CI. Browser extension: files you attach to claude.ai (pdf / docx / xlsx) are extracted and tokenised entirely in your browser, so the file itself never reaches our gateway — store listings are pending review, sideload builds available now. Desktop app adds a Complete-local mode (the model runs on your own hardware \u2014 your prompt never leaves your machine) alongside Gateway mode; Windows build refreshed, macOS and Linux via CI. The homepage gains a first-class \"Three ways to use CloakAPI\" section: API, Chat (with the desktop app as a power-up), and the browser extension.",
      "date_published": "2026-07-05T11:00:00Z",
      "tags": ["Proxy", "Desktop", "Release"]
    },
    {
      "id": "cloakapi-changelog-2026-07-04-gateway-passthrough",
      "url": "https://cloakapi.io/changelog#2026-07-04",
      "title": "Pre-tokenised passthrough, fail-closed backstop, and wider coverage",
      "content_text": "The gateway now trusts client-tokenised traffic end to end — issuing signed receipts and billing without ever tokenising or storing raw PII itself — while adding a fail-closed backstop for anything that still arrives with personal data in the clear. Pre-tokenised passthrough: traffic already tokenised on your device gets a signed receipt and metered billing, with the gateway relaying only tokens. Fail-closed backstop: if the gateway still detects raw PII in a sensitive category it blocks the request rather than forwarding it, and monitor-alarms the rest — defence in depth. International coverage hardened across roughly 20 markets — national IDs, tax and VAT IDs, IBAN, cards, and phone numbers are tokenised with the correct categories. Honest privacy wording across the site. Fixed: the $2 signup trial credit is now reliably granted on email verification.",
      "date_published": "2026-07-04T12:00:00Z",
      "tags": ["Gateway", "Spec"]
    },
    {
      "id": "cloakapi-changelog-2026-05-04-iter14-sweep",
      "url": "https://cloakapi.io/changelog#2026-05-04",
      "title": "Launch readiness sweep — iter-14",
      "content_text": "Nine-wave audit run on 2026-05-04. Receipt verifier shipped on signedreceipts.org. 4 backend gaps closed (compliance-pack lifecycle, audit-log filter + CSV export, transparency-log toggle + auto-advance, privacy-tier preview/cancel/commit). IP allowlist enforcement on API keys. Sanctum abilities + Spatie permissions on 63 mutation routes. F1–F6 auth flow audit with invite-signup security holes patched. Concurrent dashboard sessions (10-token retention + 30-day stale-prune). SES outbound mail in Stockholm. Stripe live keys + webhook with HMAC verification. Trust portal with CAIQ-lite, SLA, BCP, insurance-status. BAA template + HIPAA primer. Full security doc suite on docs.cloakapi.io/security/threat-model/. OpenReceipt + cloakapi-cli (Apache-2.0). Browser extensions packaged (unsigned, sideload); Linux desktop binary (AppImage + .deb) in progress, targeting iter-15. Mobile-responsive portal shell. 30+ surfaces stripped of fixture data.",
      "date_published": "2026-05-04T12:00:00Z",
      "tags": ["Gateway", "Portal", "Desktop", "Trust", "Spec", "Sweep"]
    },
    {
      "id": "cloakapi-changelog-2026-05-03-iter13-sweep",
      "url": "https://cloakapi.io/changelog#2026-05-03",
      "title": "Pre-launch sweep — iter-13",
      "content_text": "11 role-based test accounts seeded for Wave-5 walkthrough. Admin gate fixed (roles[] array threaded through shapeUser). Login race condition fixed (await invalidateAll before goto).",
      "date_published": "2026-05-03T12:00:00Z",
      "tags": ["Portal", "Sweep"]
    },
    {
      "id": "cloakapi-changelog-2026-05-02-production-deploy",
      "url": "https://cloakapi.io/changelog#2026-05-02",
      "title": "Production deployment — Hetzner CX43, Nuremberg",
      "content_text": "All seven public subdomains deployed to bare-metal in Nuremberg. SES SMTP wired with Stockholm region and DMARC alignment. Cloudflare DNS configured for the full cloakapi.io zone. TLS certs issued via Let's Encrypt.",
      "date_published": "2026-05-02T12:00:00Z",
      "tags": ["Gateway", "Release"]
    },
    {
      "id": "cloakapi-changelog-2026-04-29-dpa-trust",
      "url": "https://cloakapi.io/changelog#2026-04-29",
      "title": "DPA, sub-processor list, and trust portal first cut",
      "content_text": "trust.cloakapi.io ships the full GDPR Article 28 DPA template, a 21-row sub-processor list with change-notification subscription, and the live per-tenant transparency-log toggle.",
      "date_published": "2026-04-29T12:00:00Z",
      "tags": ["Trust", "Release"]
    },
    {
      "id": "cloakapi-changelog-2026-04-25-onboarding-privacy",
      "url": "https://cloakapi.io/changelog#2026-04-25",
      "title": "Onboarding wizard + privacy posture model",
      "content_text": "Six-step onboarding wizard with provider validation and API-key generation. Privacy posture model (Max / Balanced / Continuity / No Tokenization) lands as the first configurable privacy tier in the portal.",
      "date_published": "2026-04-25T12:00:00Z",
      "tags": ["Portal", "Release"]
    }
  ]
}
