Skip to main content

Changelog

All notable changes to QuantumLock™.

[2.0.0] - 2025-12-30

🚀 Major Release: Post-Quantum Security

This release introduces post-quantum cryptography and a completely redesigned license artifact format.

Added

Post-Quantum Cryptography

  • ML-DSA-65 signatures (FIPS 204) for quantum-resistant security
  • Hybrid signing with RSA-PSS + ML-DSA dual signatures
  • Key registry with rotation and status management
  • Support for ML-DSA-44, ML-DSA-65, and ML-DSA-87 security levels

License Artifacts v1

  • JWT-like structure with header, payload, and signatures
  • Entitlement system with feature, quantity, quota, tier, and module types
  • Device binding with hardware fingerprint verification
  • Grace periods for subscription renewals
  • Metadata support for custom fields
  • Compact format for efficient storage and transmission

Revocation System

  • Epoch-based revocation with cryptographic proofs
  • Anti-rollback protection using OS secure storage
  • StatusProof for offline validation
  • Delta sync for efficient revocation updates

API v2

  • POST /api/v1/v2/artifacts - Create licenses
  • GET /api/v1/v2/artifacts/{id} - Get license
  • POST /api/v1/v2/validate - Validate licenses
  • POST /api/v1/v2/revoke - Revoke licenses
  • GET /api/v1/v2/revocation - Get revocation set
  • POST /api/v1/v2/status-proof - Get offline proof
  • GET /api/v1/v2/keys - Get public keys

Changed

  • Minimum Python version now 3.9+
  • API key format changed to ql_ prefix
  • Default signature algorithm now includes PQC

Deprecated

  • API v1 endpoints (will be removed in v3.0)
  • Simple license key format

Security

  • All licenses now include post-quantum signatures by default
  • Revocation epoch stored in OS secure storage
  • Hardware binding uses salted SHA-256

[1.5.0] - 2025-09-15

Added

  • Grace period support for subscriptions
  • Bulk license generation API
  • License usage analytics

Fixed

  • Rate limiting edge cases
  • Timezone handling in expiration

[1.4.0] - 2025-06-01

Added

  • Hardware fingerprint binding
  • License transfer API
  • Webhook notifications

Changed

  • Improved validation performance
  • Updated cryptography library

[1.3.0] - 2025-03-01

Added

  • Multi-feature license support
  • Customer metadata fields
  • Audit logging

Fixed

  • Memory leak in long-running processes
  • Unicode handling in customer names

[1.2.0] - 2024-12-01

Added

  • CLI tool for administrators
  • Batch validation endpoint
  • License export/import

[1.1.0] - 2024-09-01

Added

  • Python SDK
  • Offline validation (basic)
  • Dashboard analytics

[1.0.0] - 2024-06-01

Added

  • Initial release
  • REST API for license generation
  • Basic validation
  • Customer portal

Versioning

We follow Semantic Versioning:

  • MAJOR: Breaking changes
  • MINOR: New features (backwards compatible)
  • PATCH: Bug fixes (backwards compatible)

Upgrade Guide

See Upgrade Guide for migration instructions between versions.