Everything in wave Dispatch. A WAVE product — local-first by design.
Fast · Expert · Heavy · Code) map each route to an execution chain (local → heavy → frontier) that runs on your infra. Zero-egress: the edge returns only {route, profile, chain, params}. Additive + flag-gated behind WAVE_PROFILES (off by default → no change to the live edge). See /sovereign · /profiles.profile arg on route / execute / route_vector across all 5 SDKs (snake_case cross-SDK contract; Rust uses *_with_profile siblings). Local proxy honors WAVE_PROFILE + an optional WAVE_HEAVY_ENDPOINT Heavy hop before the frontier.serving_url() resolver; a first-token-entropy confidence gate (llama.cpp logprobs) escalates uncertain routes; bandit route→model posteriors now surface in the ops dashboard.snake_case creds as canonical (api_key · api_secret · app_id · wallet_id · source_wallet) — matching Python / Ruby / Go / Rust. camelCase preserved as back-compat alias. A new check-sdk-versions.sh gate fails CI if any SDK source diverges.release-sdks.yml go-tag job sets git config user.email/name before git tag -a — was silently exit-128'ing without a committer ident. Future releases auto-push sdk/go/v<X> to dispatch-edge.verify-claims.sh now probes @v/v<X>.info first (matches go get) before falling back to @v/list. @latest cache lag is no longer mistakable for real drift.p256 crate), Ruby (OpenSSL stdlib), Go (crypto/ecdsa stdlib) all ship real ES256/P-256 CDP-JWT signing — replaces the marker payload at version parity with JS + Python. WaveDispatch.sign_cdp_jwt · dispatch::sign_cdp_jwt · dispatch.SignCdpJwt exposed for power users. All 5 SDKs now produce real cryptographic JWTs./pricing.json.pay_per_use now exposes account_per_decision_usd: 0.0001 and x402_per_decision_usd: 0.001 separately — the x402 rate covers Base mainnet gas (~$0.001/USDC transfer) so the agent doesn't lose money on every call. Account billing remains $0.0001/decision (Stripe, no gas).scripts/verify-claims.sh now accepts "registry one patch ahead of canonical" as a release-cycle warning instead of a hard fail — breaks a chicken-and-egg gridlock that blocked release PRs while publish workflows fired against tag-pointed shas. Larger forward skew still hard-fails.cryptography)network: base + asset: 0x833589fCD6eDb6E08f4c7C32D4f71b54bdA02913 (mainnet USDC). Real-money settlement via WAVE delegate; PAYMENT_REQUIRE_VERIFIER=1 keeps fail-closed.pip install wave-dispatch[cdp] — cryptography handles PEM PKCS8 + DER→raw r||s. Dispatch.sign_cdp_jwt exposed for power users. Rust/Ruby/Go at version parity (markers); native impls land in 0.6.2.walletHook({provider:"cdp",...}) produces a real ES256-signed CDP-JWT (PEM EC P-256 in, signed JWT out); Dispatch.signCdpJwt exposed for power users. New POST /train + GET /train/<job_id> queue labeled traffic (≥10 rows · 5 known classes) under train:<job_id> with 30-day retention; retraining runs offline on the Mac Studio. See /docs#train.tempo · privy · bridge · cdp join x402 · mpp · acp. PAYMENT_REQUIRE_VERIFIER=1 + WAVE_VERIFY_URL ⇒ fail-closed: verifyPayment delegates all 7 protocols to WAVE's settlement service. New GET /account/claims + POST /account/claim (SSO-authed) surfaces pending Stripe-mint claims with a one-click button.ssoacct:<email> unconditionally — a checkout using the victim's email enabled an ATO on their next SSO sign-in. Now writes to ssoacct_pending:<email>:<new_key> when an existing primary differs. Authorize lookups lowercased for write/read parity.paymentHook + walletHook(cdp/privy/bridge) API at parity with JS + Python. 402 retry happens inside the client; CDP returns a marker payload (use the language's official Coinbase SDK for full CDP-JWT signing).authorize() used to do env.LICENSES.get("lic:" + token) for every Bearer token, overflowing KV's 512-byte key limit when token is a real OAuth JWT (~700-1100 bytes) — every real SSO user 500'd. Now: lookup is gated on wv_-shape, and the SSO principal's token field is the linked license_key (35 chars) instead of the raw JWT.wave-auth-proxy routes api.wave.online/auth/v1/* → Supabase (was 404 for ~9 months, broke Google OAuth WAVE-wide). Supabase site_url + uri_allow_list updated. GitHub provider enabled. Docs added a Privy SSO section (anchor target for the /login button).paymentHook constructor option + 402-retry loop. Plug in CDP / Privy / Bridge providers via Dispatch.walletHook({provider, credentials}), or pass any custom sign(challenge)→headers. Rust / Ruby / Go SDKs at parity (0.5.0) — wallet helper APIs land next.tempo · privy · bridge · cdp. Each flag-gated OFF in prod (WAVE_TEMPO/WAVE_PRIVY/WAVE_BRIDGE/WAVE_CDP); WAVE side already wires settlement. /pricing.json now serves payment_rails:{available,rolling_out,settles_via,chain}./login. New edge-router/auth-sso.ts module hosts both verifiers. /account/key handles either provider via the same ssoacct:<email> linking pattern.str | None — py3.10-only despite requires-python >=3.8)PAYMENT_REQUIRE_VERIFIER — fail-closed in stub mode + filter unverifiable protocols from the 402 challengeMachine-readable: /pricing.json · /llms.txt · /integrate