1.3.1rc1

ACA-Py 1.3.1 is a maintenance release that focuses on improving reliability, developer experience, and project documentation. It includes important fixes, updated links and metadata, and minor enhancements, particularly in support of long-term stability and governance clarity.

This release includes:

• Extensive updates to outdated or redirected links in documentation and code comments, moving references from Hyperledger to the OpenWallet Foundation and other current locations.
• Expanded options for running the ACA-Py demo, with support added for Microsoft Dev Tunnels and improved out-of-band connection flows.
• Updates to project governance documentation, including the Code of Conduct, Security Policy, and Maintainers Guide, aligned with the OpenWallet Foundation processes.
• Logging improvements for better observability, especially around public DID handling, routing keys, and outbound websocket messages.
• Demo enhancements, including migration to prompt_toolkit 3.x and fixes to markdown and code formatting issues.
• A fix ensuring webhook events for V2 credential and presentation exchange are correctly emitted after database persistence, preventing race conditions.
• Minor bug fixes and test coverage improvements, including regression test additions and index error handling.

This release also prepares for future long-term support (LTS) work, with internal updates to Docker tags, versioning, and CI metadata. No breaking changes are introduced. As always, routine Dependabot updates were also included to keep dependencies current and secure.

1.3.1 Deprecation Notices

In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.1 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 🐛 Fix v2 cred ex and pres ex webhook events to emit after db write by @ff137 in #3699
• chore(deps): Update qrcode[pil] requirement from ~=8.1 to ~=8.2 in /demo by @dependabot in #3707
• chore(deps): Bump qrcode from 8.1 to 8.2 by @dependabot in #3705
• chore(deps): Bump postgres from fe3f571 to 304ab81 in /demo/docker-test/db by @dependabot in #3704
• chore(deps): Bump python from e2c7fb0 to 0a886c1 in /scenarios by @dependabot in #3703
• Update images and tags to version 1.3.0 by @jamshale in #3708
• chore(deps): Bump github/codeql-action from 3.28.16 to 3.28.17 in the all-actions group by @dependabot in #3709
• 🎨 Add missing anoncreds field to V20CredExRecordDetail model by @ff137 in #3710
• Feat(demo): migrate to prompt_toolkit 3.x (Fixes #3681) by @andrepestana-aot in #3713
• chore(deps): Bump python from 0a886c1 to d188cfc in /scenarios by @dependabot in #3715
• chore(deps): Bump postgres from 304ab81 to 8648313 in /demo/docker-test/db by @dependabot in #3716
• chore(deps): Bump SonarSource/sonarqube-scan-action from 5.1.0 to 5.2.0 in the all-actions group by @dependabot in #3718
• ⬆️ Update lock file by @ff137 in #3720
• Regress test to check #2818 issue by @andrepestana-aot in #3721
• 🔊 Improve logging in Handlers by @ff137 in #3722
• TestDeleteTails testcase fixes and indexError fix by @ann-aot in #3727
• chore(deps): Bump github/codeql-action from 3.28.17 to 3.28.18 in the all-actions group by @dependabot in #3729
• 🎨 Fix codeblock typing in DIDResolution.md by @ff137 in #3730
• 🔊 Improve logging related to public DIDs and routing keys by @ff137 in #3719
• Cleanup markdown errors in docs/demo/readme by @swcurran in #3734
• Add websocket outbound debug log by @jamshale in #3736
• chore(deps-dev): Bump pydevd-pycharm from 251.25410.122 to 252.16512.37 by @dependabot in #3743
• chore(deps): Bump uuid-utils from 0.10.0 to 0.11.0 by @dependabot in #3742
• Remove unnecessary hash pinning by @jamshale in #3744
• Fix broken links in the aca-py.org site / documentation by @swcurran in #3745
• Tag and Recreate ACA-Py LTS Release by @pradeepp88 in #3735
• Cleaned up more broken links and updates some code permalinks by @swcurran in #3748
• Updates to links in the docs and code comments to URLs that have been redirected -- mostly from Hyperledger to OWF and DIF by @swcurran in #3750
• Update the ACA-Py Security, Code of Conduct, and Maintainers Documents by @swcurran in #3749
• Demo: Change mediation connection to out-of-band by @jamshale in #3751
• 1.3.1rc0 by @swcurran in #3752
• Remove header from http/ws responses by @jamshale in #3753
• chore(deps-dev): Bump pydevd-pycharm from 252.16512.37 to 252.18003.35 by @dependabot in #3758
• chore(deps-dev): Bump pytest-xdist from 3.6.1 to 3.7.0 by @dependabot in #3756
• Repair lts workflow by @jamshale in #3759
• chore(deps): Bump aiohttp from 3.11.18 to 3.12.6 by @dependabot in #3757
• Update webvh package version by @PatStLouis in #3763
• alice/faber demo supports Microsoft dev tunnels by @davidchaiken in #3755
• chore(deps): Bump the all-actions group with 3 updates by @dependabot in #3760
• ⚡ Skip upgrade check for status checks by @ff137 in #3761
• chore: Remove did:indy Stub by @TheTechmage in #3764
• 1.3.1rc1 by @swcurran in #3765

New Contributors

• @andrepestana-aot made their first contribution in #3713
• @ann-aot made their first contribution in #3727

Full Changelog: 1.3.0...1.3.1rc1

main-lts

ACA-Py 1.3.1 is a maintenance release that focuses on improving reliability, developer experience, and project documentation. It includes important fixes, updated links and metadata, and minor enhancements, particularly in support of long-term stability and governance clarity.

This release includes:

• Extensive updates to outdated or redirected links in documentation and code comments, moving references from Hyperledger to the OpenWallet Foundation and other current locations.
• Expanded options for running the ACA-Py demo, with support added for Microsoft Dev Tunnels and improved out-of-band connection flows.
• Updates to project governance documentation, including the Code of Conduct, Security Policy, and Maintainers Guide, aligned with the OpenWallet Foundation processes.
• Logging improvements for better observability, especially around public DID handling, routing keys, and outbound websocket messages.
• Demo enhancements, including migration to prompt_toolkit 3.x and fixes to markdown and code formatting issues.
• A fix ensuring webhook events for V2 credential and presentation exchange are correctly emitted after database persistence, preventing race conditions.
• Minor bug fixes and test coverage improvements, including regression test additions and index error handling.

This release also prepares for future long-term support (LTS) work, with internal updates to Docker tags, versioning, and CI metadata. No breaking changes are introduced. As always, routine Dependabot updates were also included to keep dependencies current and secure.

1.3.1 Deprecation Notices

In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.1 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 🐛 Fix v2 cred ex and pres ex webhook events to emit after db write by @ff137 in #3699
• chore(deps): Update qrcode[pil] requirement from ~=8.1 to ~=8.2 in /demo by @dependabot in #3707
• chore(deps): Bump qrcode from 8.1 to 8.2 by @dependabot in #3705
• chore(deps): Bump postgres from fe3f571 to 304ab81 in /demo/docker-test/db by @dependabot in #3704
• chore(deps): Bump python from e2c7fb0 to 0a886c1 in /scenarios by @dependabot in #3703
• Update images and tags to version 1.3.0 by @jamshale in #3708
• chore(deps): Bump github/codeql-action from 3.28.16 to 3.28.17 in the all-actions group by @dependabot in #3709
• 🎨 Add missing anoncreds field to V20CredExRecordDetail model by @ff137 in #3710
• Feat(demo): migrate to prompt_toolkit 3.x (Fixes #3681) by @andrepestana-aot in #3713
• chore(deps): Bump python from 0a886c1 to d188cfc in /scenarios by @dependabot in #3715
• chore(deps): Bump postgres from 304ab81 to 8648313 in /demo/docker-test/db by @dependabot in #3716
• chore(deps): Bump SonarSource/sonarqube-scan-action from 5.1.0 to 5.2.0 in the all-actions group by @dependabot in #3718
• ⬆️ Update lock file by @ff137 in #3720
• Regress test to check #2818 issue by @andrepestana-aot in #3721
• 🔊 Improve logging in Handlers by @ff137 in #3722
• TestDeleteTails testcase fixes and indexError fix by @ann-aot in #3727
• chore(deps): Bump github/codeql-action from 3.28.17 to 3.28.18 in the all-actions group by @dependabot in #3729
• 🎨 Fix codeblock typing in DIDResolution.md by @ff137 in #3730
• 🔊 Improve logging related to public DIDs and routing keys by @ff137 in #3719
• Cleanup markdown errors in docs/demo/readme by @swcurran in #3734
• Add websocket outbound debug log by @jamshale in #3736
• chore(deps-dev): Bump pydevd-pycharm from 251.25410.122 to 252.16512.37 by @dependabot in #3743
• chore(deps): Bump uuid-utils from 0.10.0 to 0.11.0 by @dependabot in #3742
• Remove unnecessary hash pinning by @jamshale in #3744
• Fix broken links in the aca-py.org site / documentation by @swcurran in #3745
• Tag and Recreate ACA-Py LTS Release by @pradeepp88 in #3735
• Cleaned up more broken links and updates some code permalinks by @swcurran in #3748
• Updates to links in the docs and code comments to URLs that have been redirected -- mostly from Hyperledger to OWF and DIF by @swcurran in #3750
• Update the ACA-Py Security, Code of Conduct, and Maintainers Documents by @swcurran in #3749
• Demo: Change mediation connection to out-of-band by @jamshale in #3751
• 1.3.1rc0 by @swcurran in #3752
• Remove header from http/ws responses by @jamshale in #3753
• chore(deps-dev): Bump pydevd-pycharm from 252.16512.37 to 252.18003.35 by @dependabot in #3758
• chore(deps-dev): Bump pytest-xdist from 3.6.1 to 3.7.0 by @dependabot in #3756
• Repair lts workflow by @jamshale in #3759
• chore(deps): Bump aiohttp from 3.11.18 to 3.12.6 by @dependabot in #3757
• Update webvh package version by @PatStLouis in #3763
• alice/faber demo supports Microsoft dev tunnels by @davidchaiken in #3755
• chore(deps): Bump the all-actions group with 3 updates by @dependabot in #3760
• ⚡ Skip upgrade check for status checks by @ff137 in #3761
• chore: Remove did:indy Stub by @TheTechmage in #3764
• 1.3.1rc1 by @swcurran in #3765

New Contributors

• @andrepestana-aot made their first contribution in #3713
• @ann-aot made their first contribution in #3727

Full Changelog: 1.3.0...1.3.1rc1

1.3.1rc0

ACA-Py 1.3.1 is a maintenance release that focuses on improving reliability, developer experience, and project documentation. It includes important fixes, updated links and metadata, and minor enhancements, particularly in support of long-term stability and governance clarity.

This release includes:

• Extensive updates to outdated or redirected links in documentation and code comments, moving references from Hyperledger to the OpenWallet Foundation and other current locations.
• Updates to project governance documentation, including the Code of Conduct, Security Policy, and Maintainers Guide, aligned with the OpenWallet Foundation processes.
• Logging improvements for better observability, especially around public DID handling, routing keys, and outbound websocket messages.
• Demo enhancements, including migration to prompt_toolkit 3.x and fixes to markdown and code formatting issues.
• A fix ensuring webhook events for V2 credential and presentation exchange are correctly emitted after database persistence, preventing race conditions.
• Minor bug fixes and test coverage improvements, including regression test additions and index error handling.

This release also prepares for future long-term support (LTS) work, with internal updates to Docker tags, versioning, and CI metadata. No breaking changes are introduced. As always, routine Dependabot updates were also included to keep dependencies current and secure.

1.3.1 Deprecation Notices

In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.1 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 🐛 Fix v2 cred ex and pres ex webhook events to emit after db write by @ff137 in #3699
• chore(deps): Update qrcode[pil] requirement from ~=8.1 to ~=8.2 in /demo by @dependabot in #3707
• chore(deps): Bump qrcode from 8.1 to 8.2 by @dependabot in #3705
• chore(deps): Bump postgres from fe3f571 to 304ab81 in /demo/docker-test/db by @dependabot in #3704
• chore(deps): Bump python from e2c7fb0 to 0a886c1 in /scenarios by @dependabot in #3703
• Update images and tags to version 1.3.0 by @jamshale in #3708
• chore(deps): Bump github/codeql-action from 3.28.16 to 3.28.17 in the all-actions group by @dependabot in #3709
• 🎨 Add missing anoncreds field to V20CredExRecordDetail model by @ff137 in #3710
• Feat(demo): migrate to prompt_toolkit 3.x (Fixes #3681) by @andrepestana-aot in #3713
• chore(deps): Bump python from 0a886c1 to d188cfc in /scenarios by @dependabot in #3715
• chore(deps): Bump postgres from 304ab81 to 8648313 in /demo/docker-test/db by @dependabot in #3716
• chore(deps): Bump SonarSource/sonarqube-scan-action from 5.1.0 to 5.2.0 in the all-actions group by @dependabot in #3718
• ⬆️ Update lock file by @ff137 in #3720
• Regress test to check #2818 issue by @andrepestana-aot in #3721
• 🔊 Improve logging in Handlers by @ff137 in #3722
• TestDeleteTails testcase fixes and indexError fix by @ann-aot in #3727
• chore(deps): Bump github/codeql-action from 3.28.17 to 3.28.18 in the all-actions group by @dependabot in #3729
• 🎨 Fix codeblock typing in DIDResolution.md by @ff137 in #3730
• 🔊 Improve logging related to public DIDs and routing keys by @ff137 in #3719
• Cleanup markdown errors in docs/demo/readme by @swcurran in #3734
• Add websocket outbound debug log by @jamshale in #3736
• chore(deps-dev): Bump pydevd-pycharm from 251.25410.122 to 252.16512.37 by @dependabot in #3743
• chore(deps): Bump uuid-utils from 0.10.0 to 0.11.0 by @dependabot in #3742
• Remove unnecessary hash pinning by @jamshale in #3744
• Fix broken links in the aca-py.org site / documentation by @swcurran in #3745
• Tag and Recreate ACA-Py LTS Release by @pradeepp88 in #3735
• Cleaned up more broken links and updates some code permalinks by @swcurran in #3748
• Updates to links in the docs and code comments to URLs that have been redirected -- mostly from Hyperledger to OWF and DIF by @swcurran in #3750
• Update the ACA-Py Security, Code of Conduct, and Maintainers Documents by @swcurran in #3749
• Demo: Change mediation connection to out-of-band by @jamshale in #3751
• 1.3.1rc0 by @swcurran in #3752

New Contributors

• @andrepestana-aot made their first contribution in #3713
• @ann-aot made their first contribution in #3727

Full Changelog: 1.3.0...1.3.1rc0

1.3.0

ACA-Py 1.3.0 introduces significant improvements across wallet types, AnonCreds support, multi-tenancy, DIDComm interoperability, developer experience, and software supply chain management. This release strengthens stability, modernizes protocol support, and delivers important updates for AnonCreds credential handling. A small number of breaking changes are included and are detailed below.

Updates were made to to the askar-anoncreds wallet type (Askar plus the latest AnonCreds Rust library), addressing issues with multi-ledger configurations, multitenant deployments, and credential handling across different wallet types. Wallet profile management was strengthened by enforcing unique names to avoid conflicts in multitenant environments.

AnonCreds handling saw extensive refinements, including fixes to credential issuance, revocation management, and proof presentation workflows. The release also introduces support for did:indy Transaction Version 2 and brings better alignment between the ledger API responses and the expected schemas. Several API documentation updates and improvements to type hints further enhance the developer experience when working with AnonCreds features.

Support for multi-tenancy continues to mature, with fixes that better isolate tenant wallets from the base wallet and improved connection reuse across tenants.

Logging across ACA-Py has been significantly improved to deliver clearer, more actionable logs, while error handling was enhanced to provide better diagnostics for validation failures and resolver setup issues.

Work toward broader interoperability continued, with the introduction of support for the Verifiable Credentials Data Model (VCDM) 2.0, as well as enhancements to DIDDoc handling, including support for BLS12381G2 key types. A new DIDComm route for fetching existing invitations was added, and a number of minor protocol-level improvements were made to strengthen reliability.

The release also includes many improvements for developers, including a new ACA-Py Helm Chart to simplify Kubernetes deployments, updated tutorials, and more updates to demos (such as AliceGetsAPhone). Dependency upgrades across the project further solidify the platform for long-term use.

Significant work was also done in this release to improve the security and integrity of ACA-Py's software supply chain. Updates to the CI/CD pipelines hardened GitHub Actions workflows, introduced pinned dependencies and digests for builds, optimized Dockerfile construction, and improved dependency management practices. These changes directly contribute to a stronger security posture and have improved ACA-Py's OpenSSF Scorecard evaluation, ensuring higher levels of trust and verifiability for those deploying ACA-Py in production environments.

1.3.0 Deprecation Notices

• In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.0 Breaking Changes

This release includes a small number of breaking changes:

• The DIDComm RFC 0160 Connections protocol is removed, in favour of the newer, more complete RFC 0434 Out of Band and RFC 0023 DID Exchange. Those still requiring RFC 0160 Connections protocol support must update their startup parameters to include the Connections Protocol Plugin. See the documentation for details, but once the ACA-Py instance startup options are extended to include the Connections protocol plugin, Controllers using the Connections protocol should continue to work as they had been. That said, we highly recommend implementers seeking interoperability move to the RFC 0434 Out of Band and RFC 0023 DID Exchange Protocols as soon as possible.
• Schema objects related to did:indy operations have been renamed to improve clarity and consistency. Clients interacting with did:indy endpoints should review and adjust any schema validations or mappings in their applications.

1.3.0 ACA-Py Controller API Changes

• did:indy support added, including a new POST /did/indy/create endpoint.
• Routes that support pagination (such as endpoints for fetching connections or credential/presentation exchange records), now include descending as an optional query parameter and have deprecated the count and start query parameters in favor of the more standard limit and offset parameters.
• validFrom and validUntil added to the Credential and VerifiableCredential objects.
• For consistency (and developer sanity), all Anoncreds references in the ACA-Py codebase have been changed to the more common AnonCreds (see PR #3573). Controller references may have to be updated to reflect the update.

Specifics of the majority of the changes can be found by looking at the diffs for the swagger.json and openapi.json files that are part of the 1.3.0 Release Pull Request. Later pull requests might introduce some additional changes.

What's Changed

• BREAKING: remove connection protocol by @dbluhm in #3184
• ⬆️ Upgrade dependencies by @ff137 in #3455
• Restore connection route tests by @dbluhm in #3461
• chore(deps): Bump sphinx-notfound-page from 1.0.2 to 1.0.4 in /docs by @dependabot in #3464
• chore(deps-dev): Bump ruff from 0.9.2 to 0.9.3 by @dependabot in #3467
• Update dockerfile image after release by @jamshale in #3469
• fix: ensure profile names are unique by @dbluhm in #3470
• Upgrade askar and did_webvh by @jamshale in #3474
• chore(deps): Bump dawidd6/action-download-artifact from 7 to 8 in the all-actions group by @dependabot in #3473
• ✨ Add ordering options to askar scan and fetch_all methods by @ff137 in #3173
• 🎨 Deprecate count/start query params and implement limit/offset by @ff137 in #3208
• Update aries-askar / Generate poetry.lock with poetry 2.0 by @jamshale in #3478
• Anoncreds Issuance - Extra options. by @jamshale in #3483
• Fixing BaseAnonCredsResolver get_revocation_list abstract method by @thiagoromanos in #3484
• feat: add did management design doc by @dbluhm in #3375
• chore(deps): Bump mkdocs-material from 9.5.50 to 9.6.1 by @dependabot in #3486
• chore(deps): Bump sphinx-notfound-page from 1.0.4 to 1.1.0 by @dependabot in #3487
• chore(deps-dev): Bump pytest-asyncio from 0.25.2 to 0.25.3 by @dependabot in #3488
• chore(deps-dev): Bump pydevd from 3.2.3 to 3.3.0 by @dependabot in #3489
• chore(deps-dev): Bump pydevd-pycharm from 251.17181.23 to 251.18673.39 by @dependabot in #3490
• fix typo in error message of indy credential offer by @zoblazo in #3485
• Fix Class import for AnonCreds Registry routes by @PatStLouis in #3495
• Upgrade to bookworm by @jamshale in #3498
• chore(deps): Bump mkdocs-material from 9.6.1 to 9.6.3 by @dependabot in #3504
• Groupe...

1.3.0rc2

ACA-Py 1.3.0 introduces significant improvements across wallet types, AnonCreds support, multi-tenancy, DIDComm interoperability, developer experience, and software supply chain management. This release strengthens stability, modernizes protocol support, and delivers important updates for AnonCreds credential handling. A small number of breaking changes are included and are detailed below.

Updates were made to to the askar-anoncreds wallet type (Askar plus the latest AnonCreds Rust library), addressing issues with multi-ledger configurations, multitenant deployments, and credential handling across different wallet types. Wallet profile management was strengthened by enforcing unique names to avoid conflicts in multitenant environments.

AnonCreds handling saw extensive refinements, including fixes to credential issuance, revocation management, and proof presentation workflows. The release also introduces support for did:indy Transaction Version 2 and brings better alignment between the ledger API responses and the expected schemas. Several API documentation updates and improvements to type hints further enhance the developer experience when working with AnonCreds features.

Support for multi-tenancy continues to mature, with fixes that better isolate tenant wallets from the base wallet and improved connection reuse across tenants.

Logging across ACA-Py has been significantly improved to deliver clearer, more actionable logs, while error handling was enhanced to provide better diagnostics for validation failures and resolver setup issues.

Work toward broader interoperability continued, with the introduction of support for the Verifiable Credentials Data Model (VCDM) 2.0, as well as enhancements to DIDDoc handling, including support for BLS12381G2 key types. A new DIDComm route for fetching existing invitations was added, and a number of minor protocol-level improvements were made to strengthen reliability.

The release also includes many improvements for developers, including a new ACA-Py Helm Chart to simplify Kubernetes deployments, updated tutorials, and more updates to demos (such as AliceGetsAPhone). Dependency upgrades across the project further solidify the platform for long-term use.

Significant work was also done in this release to improve the security and integrity of ACA-Py's software supply chain. Updates to the CI/CD pipelines hardened GitHub Actions workflows, introduced pinned dependencies and digests for builds, optimized Dockerfile construction, and improved dependency management practices. These changes directly contribute to a stronger security posture and have improved ACA-Py's OpenSSF Scorecard evaluation, ensuring higher levels of trust and verifiability for those deploying ACA-Py in production environments.

1.3.0 Deprecation Notices

• In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.0 Breaking Changes

This release includes a small number of breaking changes:

• The DIDComm RFC 0160 Connections protocol is removed, in favour of the newer, more complete RFC 0434 Out of Band and RFC 0023 DID Exchange. Those still requiring RFC 0160 Connections protocol support must update their startup parameters to include the Connections Protocol Plugin. See the documentation for details, but once the ACA-Py instance startup options are extended to include the Connections protocol plugin, Controllers using the Connections protocol should continue to work as they had been. That said, we highly recommend implementers seeking interoperability move to the RFC 0434 Out of Band and RFC 0023 DID Exchange Protocols as soon as possible.
• Schema objects related to did:indy operations have been renamed to improve clarity and consistency. Clients interacting with did:indy endpoints should review and adjust any schema validations or mappings in their applications.

1.3.0 ACA-Py Controller API Changes

• did:indy support added, including a new POST /did/indy/create endpoint.
• Routes that support pagination (such as endpoints for fetching connections or credential/presentation exchange records), now include descending as an optional query parameter and have deprecated the count and start query parameters in favor of the more standard limit and offset parameters.
• validFrom and validUntil added to the Credential and VerifiableCredential objects.
• For consistency (and developer sanity), all Anoncreds references in the ACA-Py codebase have been changed to the more common AnonCreds (see PR #3573). Controller references may have to be updated to reflect the update.

Specifics of the majority of the changes can be found by looking at the diffs for the swagger.json and openapi.json files that are part of the 1.3.0 Release Pull Request. Later pull requests might introduce some additional changes.

What's Changed

• Devcointainer and docs update by @esune in #3629
• chore(deps-dev): Bump pytest-cov from 6.0.0 to 6.1.1 by @dependabot in #3631
• chore(deps): Bump tj-actions/changed-files from 46.0.3 to 46.0.4 in the all-actions group by @dependabot in #3635
• ⬆️ Weekly dependency updates by @ff137 in #3634
• chore(deps): Update qrcode[pil] requirement from ~=8.0 to ~=8.1 by @dependabot in #3632
• AliceGetsAPhone demo works in local docker environment by @davidchaiken in #3623
• Use current version of aca-py in devcontainer by @esune in #3638
• ✨ Don't shutdown on ledger error by @ff137 in #3636
• ✨ Improve logging in core components by @ff137 in #3332
• 🐛 Fix publishing all pending AnonCreds revocations by @ff137 in #3626
• Add BLS12381G2 keys to multikey manager by @gmulhearn in #3640
• 🎨 Rename Anoncreds to AnonCreds by @ff137 in #3573
• 🎨 Replace print statements in Banner with info log by @ff137 in #3643
• chore(deps): Bump tj-actions/changed-files from 46.0.4 to 46.0.5 in the all-actions group by @dependabot in #3648
• 👷 Fix Docker Caching by @rblaine95 in #3653
• 👷 Split Docker Builds by @rblaine95 in #3654
• 🐛 Fix public did no longer being correctly configured by @ff137 in #3646
• 👷 🧑‍💻 Optimize Docker build to reduce cache invalidation by @rblaine95 in #3655
• 🎨 Fix swagger tag names for AnonCreds endpoints by @ff137 in #3661
• 🧪 Fix test warnings by @ff137 in #3656
• 🎨 Add type hints to anoncreds module by @ff137 in #3652
• 🎨 Add type hints to messaging/jsonld by @ff137 in #3650
• chore(deps): Bump markdown from 3.7 to 3.8 by @dependabot in #3644
• 🎨 Make ledger config more readable by @ff137 in #3664
• (fix) VM resolution strategy correction for e...

1.3.0rc1

Release 1.3.0 is a significant release that adds many updates, fixes and an important breaking change (starting to remove support for AIP 1.0 from ACA-Py) from the 1.2.LTS branch of ACA-Py. The full list of changes are in in the categorized list of pull requests for the release. As always, ACA-Py remains fully up to date with its dependencies. Fixes and improvements focused around the latest wallet type (askar-anoncreds), AnonCreds processing in general, and AnonCreds revocation in particular. New to this release is a ACA-Py Helm Chart that can be used in deploying ACA-Py.

1.3.0 Deprecation Notices

• In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.0 Breaking Changes

In this release, the DiDComm RFC 0160 Connections is removed, in favour of the newer, more complete RFC 0434 Out of Band and RFC 0023 DID Exchange. Those still requiring RFC 0160 Connections protocol support must update their startup parameters to include the Connections Protocol Plugin. See the documentation for details, but once the ACA-Py instance startup options are extended to include the Connections protocol plugin, Controllers using the Connections protocol should continue to work as they had been. That said, we highly recommend implementers move to the RFC 0434 Out of Band and RFC 0023 DID Exchange Protocols as soon as possible.

1.3.0 ACA-Py Controller API Changes:

• Added: did:indy support, including a new POST /did/indy/create endpoint
• Routes that support pagination (such as endpoints for fetching connections or credential/presentation exchange records), now include descending as an optional query parameter.
• validFrom and validUntil added to the Credential and VerifiableCredential objects

Specifics of the majority of the can be found by looking at the diffs for the swagger.json and openapi.json files that are part of the 1.3.0.rc Release Pull Request. Later pull requests might introduce some additional changes.

What's Changed

• BREAKING: remove connection protocol by @dbluhm in #3184
• ⬆️ Upgrade dependencies by @ff137 in #3455
• Restore connection route tests by @dbluhm in #3461
• chore(deps): Bump sphinx-notfound-page from 1.0.2 to 1.0.4 in /docs by @dependabot in #3464
• chore(deps-dev): Bump ruff from 0.9.2 to 0.9.3 by @dependabot in #3467
• Update dockerfile image after release by @jamshale in #3469
• fix: ensure profile names are unique by @dbluhm in #3470
• Upgrade askar and did_webvh by @jamshale in #3474
• chore(deps): Bump dawidd6/action-download-artifact from 7 to 8 in the all-actions group by @dependabot in #3473
• ✨ Add ordering options to askar scan and fetch_all methods by @ff137 in #3173
• 🎨 Deprecate count/start query params and implement limit/offset by @ff137 in #3208
• Update aries-askar / Generate poetry.lock with poetry 2.0 by @jamshale in #3478
• Anoncreds Issuance - Extra options. by @jamshale in #3483
• Fixing BaseAnonCredsResolver get_revocation_list abstract method by @thiagoromanos in #3484
• feat: add did management design doc by @dbluhm in #3375
• chore(deps): Bump mkdocs-material from 9.5.50 to 9.6.1 by @dependabot in #3486
• chore(deps): Bump sphinx-notfound-page from 1.0.4 to 1.1.0 by @dependabot in #3487
• chore(deps-dev): Bump pytest-asyncio from 0.25.2 to 0.25.3 by @dependabot in #3488
• chore(deps-dev): Bump pydevd from 3.2.3 to 3.3.0 by @dependabot in #3489
• chore(deps-dev): Bump pydevd-pycharm from 251.17181.23 to 251.18673.39 by @dependabot in #3490
• fix typo in error message of indy credential offer by @zoblazo in #3485
• Fix Class import for AnonCreds Registry routes by @PatStLouis in #3495
• Upgrade to bookworm by @jamshale in #3498
• chore(deps): Bump mkdocs-material from 9.6.1 to 9.6.3 by @dependabot in #3504
• Grouped upgrades - Week 7, 2025 by @jamshale in #3508
• Catch and log universal resolver setup error by @jamshale in #3511
• Allow schema id to be used during anoncreds issuance by @jamshale in #3497
• ➕ Re-add git to Dockerfile by @ff137 in #3515
• 🎨 Include the validation error in Unprocessable Entity reason by @ff137 in #3517
• 👷 Dependabot: don't ignore major releases by @ff137 in #3521
• ⚡ Remove --cov from pytest.ini_options by @ff137 in #3522
• ✅ Fix demo playground example tests by @ff137 in #3531
• ⬆️ Upgrade sphinx versions in docs by @ff137 in #3530
• Create ReuseConnection.md by @MonolithicMonk in #3534
• Add reuse document to MkDocs YML to add to doc site by @swcurran in #3535
• chore(deps): Bump pytest-asyncio from 0.23.8 to 0.25.3 in /demo/playground/examples by @dependabot in #3533
• Add did:indy transaction version 2 support by @jamshale in #3253
• chore(deps): Bump prompt-toolkit from 2.0.10 to 3.0.50 by @dependabot in #3526
• chore(deps): Update sphinx requirement from ~=8.1.3 to ~=8.2.1 by @dependabot in #3539
• chore(deps): Bump ossf/scorecard-action from 2.4.0 to 2.4.1 in the all-actions group by @dependabot in #3541
• Add vcdm 2.0 model and context by @PatStLouis in #3436
• Remove base wallet type must be new wallet type restriction by @jamshale in #3542
• fix: connection reuse with multi-tenancy by @dbluhm in #3543
• fix: tenant access to endpoints leading to access the base wallet by @thiagoromanos in #3545
• ⬆️ Upgrade poetry to 2.1 by @ff137 in #3538
• 🐛 Fix: allow multitenant askar-anoncreds wallets to present indy credentials by @ff137 in #3549
• 🐛 Fix: allow anoncreds wallet to delete indy credentials by @ff137 in #3551
• Fix prompt for alice/faber demo by @ianco in #3553
• Fix revocation accum sync when endorsement txn fails by @jamshale in https://github.com/openwallet-foundati...

1.3.0rc0

Release 1.3.0 is a significant release that adds many updates, fixes and an important breaking change (starting to remove support for AIP 1.0 from ACA-Py) from the 1.2.LTS branch of ACA-Py. The full list of changes are in in the categorized list of pull requests for the release. As always, ACA-Py remains fully up to date with its dependencies. Fixes and improvements focused around the latest wallet type (askar-anoncreds), AnonCreds processing in general, and AnonCreds revocation in particular.

1.3.0 Deprecation Notices

• In the next ACA-Py release, we will be dropping from the core ACA-Py repository the AIP 1.0 RFC 0037 Issue Credentials v1.0 and RFC 0037 Present Proof v1.0 DIDComm protocols. Each of the protocols will be moved to the ACA-Py Plugins repo. All ACA-Py implementers that use those protocols SHOULD update as soon as possible to the AIP 2.0 versions of those protocols (RFC 0453 Issue Credential v2.0 and RFC 0454 Present Proof v2.0, respectively). Once the protocols are removed from ACA-Py, anyone still using those protocols MUST adjust their configuration to load those protocols from the respective plugins.

1.3.0 Breaking Changes

In this release, the DiDComm RFC 0160 Connections is removed, in favour of the newer, more complete RFC 0434 Out of Band and RFC 0023 DID Exchange. Those still requiring RFC 0160 Connections protocol support must update their startup parameters to include the Connections Protocol Plugin. See the documentation for details, but once the ACA-Py instance startup options are extended to include the Connections protocol plugin, Controllers using the Connections protocol should continue to work as they had been. That said, we highly recommend implementers move to the RFC 0434 Out of Band and RFC 0023 DID Exchange Protocols as soon as possible.

1.3.0 ACA-Py Controller API Changes:

• Added: did:indy support, including a new POST /did/indy/create endpoint
• Routes that support pagination (such as endpoints for fetching connections or credential/presentation exchange records), now include descending as an optional query parameter.
• validFrom and validUntil added to the Credential and VerifiableCredential objects

Specifics of the majority of the API changes can be found by looking at the diffs for the swagger.json and openapi.json files that are part of the 1.3.0.rc Release Pull Request. Later pull requests might introduce some additional changes.

What's Changed

• BREAKING: remove connection protocol by @dbluhm in #3184
• ⬆️ Upgrade dependencies by @ff137 in #3455
• Restore connection route tests by @dbluhm in #3461
• chore(deps): Bump sphinx-notfound-page from 1.0.2 to 1.0.4 in /docs by @dependabot in #3464
• chore(deps-dev): Bump ruff from 0.9.2 to 0.9.3 by @dependabot in #3467
• Update dockerfile image after release by @jamshale in #3469
• fix: ensure profile names are unique by @dbluhm in #3470
• Upgrade askar and did_webvh by @jamshale in #3474
• chore(deps): Bump dawidd6/action-download-artifact from 7 to 8 in the all-actions group by @dependabot in #3473
• ✨ Add ordering options to askar scan and fetch_all methods by @ff137 in #3173
• 🎨 Deprecate count/start query params and implement limit/offset by @ff137 in #3208
• Update aries-askar / Generate poetry.lock with poetry 2.0 by @jamshale in #3478
• Anoncreds Issuance - Extra options. by @jamshale in #3483
• Fixing BaseAnonCredsResolver get_revocation_list abstract method by @thiagoromanos in #3484
• feat: add did management design doc by @dbluhm in #3375
• chore(deps): Bump mkdocs-material from 9.5.50 to 9.6.1 by @dependabot in #3486
• chore(deps): Bump sphinx-notfound-page from 1.0.4 to 1.1.0 by @dependabot in #3487
• chore(deps-dev): Bump pytest-asyncio from 0.25.2 to 0.25.3 by @dependabot in #3488
• chore(deps-dev): Bump pydevd from 3.2.3 to 3.3.0 by @dependabot in #3489
• chore(deps-dev): Bump pydevd-pycharm from 251.17181.23 to 251.18673.39 by @dependabot in #3490
• fix typo in error message of indy credential offer by @zoblazo in #3485
• Fix Class import for AnonCreds Registry routes by @PatStLouis in #3495
• Upgrade to bookworm by @jamshale in #3498
• chore(deps): Bump mkdocs-material from 9.6.1 to 9.6.3 by @dependabot in #3504
• Grouped upgrades - Week 7, 2025 by @jamshale in #3508
• Catch and log universal resolver setup error by @jamshale in #3511
• Allow schema id to be used during anoncreds issuance by @jamshale in #3497
• ➕ Re-add git to Dockerfile by @ff137 in #3515
• 🎨 Include the validation error in Unprocessable Entity reason by @ff137 in #3517
• 👷 Dependabot: don't ignore major releases by @ff137 in #3521
• ⚡ Remove --cov from pytest.ini_options by @ff137 in #3522
• ✅ Fix demo playground example tests by @ff137 in #3531
• ⬆️ Upgrade sphinx versions in docs by @ff137 in #3530
• Create ReuseConnection.md by @MonolithicMonk in #3534
• Add reuse document to MkDocs YML to add to doc site by @swcurran in #3535
• chore(deps): Bump pytest-asyncio from 0.23.8 to 0.25.3 in /demo/playground/examples by @dependabot in #3533
• Add did:indy transaction version 2 support by @jamshale in #3253
• chore(deps): Bump prompt-toolkit from 2.0.10 to 3.0.50 by @dependabot in #3526
• chore(deps): Update sphinx requirement from ~=8.1.3 to ~=8.2.1 by @dependabot in #3539
• chore(deps): Bump ossf/scorecard-action from 2.4.0 to 2.4.1 in the all-actions group by @dependabot in #3541
• Add vcdm 2.0 model and context by @PatStLouis in #3436
• Remove base wallet type must be new wallet type restriction by @jamshale in #3542
• fix: connection reuse with multi-tenancy by @dbluhm in #3543
• fix: tenant access to endpoints leading to access the base wallet by @thiagoromanos in #3545
• ⬆️ Upgrade poetry to 2.1 by @ff137 in #3538
• 🐛 Fix: allow multitenant askar-anoncreds wallets to present indy credentials by @ff137 in #3549
• 🐛 Fix: allow anoncreds wallet to delete indy credentials by @ff137 in #3551
• Fix prompt for alice/faber demo by @ianco in #3553
• Fix revocation accum sync when endorsement txn fails by @jamshale in #3547
• chore(deps): Bump dawidd6/action-download-artifac...

1.2.4

This patch release addresses three bugs backported from the main branch:

• Fixes a problem in the handling of connection reuse in multitenancy environments. This is a backport of the PR fix: connection reuse with multi-tenancy #3543. This fixes the issue when using multi-tenancy, calls to POST /out-of-band/receive-invitation?use_existing_connection=true failing with a record not found error, despite connection reuse actually being completed in the background.
• Fixes a problem when using acapy with multitenant enabled and admin-insecure-mode. Without this fix, tenant endpoints (like [GET] /wallet/did for example) could be accessed without a bearer token. For details see: fix: tenant access to endpoints leading to access the base wallet #3545.
• Fixes the AnonCreds holder revocation list endpoint which was erroneously using the to timestamp for the from, preventing the creation of valid non-revocation proofs. For details, see: Repair anoncreds holder revocation list request

1.2.4 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in this 1.2.4 release, but the Connections Protocol has been removed from the ACA-Py main branch, and is available as a plugin. The Issue Credential v1 and Present Proof v1 protocols will soon be changed similarly. Please review these notifications carefully!

1.2.4 Breaking Changes

There are no breaking changes in this release.

What's Changed

• fix: cherry-pick fixes from main to 1.2.lts by @thiagoromanos in #3577
• 1.2.LTS Repair anoncreds holder revocation list request by @jamshale in #3580
• 1.2.4 by @swcurran in #3582

Full Changelog: 1.2.3...1.2.4

0.12.6

This patch release addresses a bug in the handling connection reuse in multitenancy environments. This is a backport of the PR fix: connection reuse with multi-tenancy #3543. This fixes the issue when using multi-tenancy, calls to POST /out-of-band/receive-invitation?use_existing_connection=true failing with a record not found error, despite connection reuse actually being completed in the background.

0.12.6 Breaking Changes

There are no breaking changes in this release.

What's Changed

• fix: cherry-pick fixes from main to 0.12.lts by @thiagoromanos in #3578
• 0.12.6 by @swcurran in #3583

Full Changelog: 0.12.5...0.12.6

1.2.3

This patch release addresses a bug in the publishing of AnonCreds revocation entries that caused the ledger and issuer wallet to become out of sync. As a result, revoked credentials were not being correctly flagged as revoked when presented. Previously, this issue was mitigated by an automatic “sync-revocation” process, which generally resolved the problem. However, we recently identified scenarios where the presence of an Indy Endorser in the revocation publication flow caused the “sync-revocation” process to fail silently.

This patch resolves that issue. Once applied, if a revocation batch results in an out-of-sync state, the “sync-revocation” process will automatically run to correct it.

For more details, see Issue 3546.

1.2.3 Deprecation Notices

The same deprecation notices from the 1.1.0 release about AIP 1.0 protocols still apply. The protocols remain in this 1.2.3 release, but the Connections Protocol has been removed from the ACA-Py main branch, and is available as a plugin. The Issue Credential v1 and Present Proof v1 protocols will soon be changed similarly. Please review these notifications carefully!

1.2.3 Breaking Changes

There are no breaking changes in this release.

What's Changed

• 1.2.LTS Fix revocation accum sync when endorsement txn fails (#3547) by @jamshale in #3555
• 1.2.3 by @swcurran in #3559

Full Changelog: 1.2.2...1.2.3