What's New

v42.1

v42: Cortex architecture with Durable Objects, compound endpoints (turn/auto/batch/close), Python and JS/TS SDKs, 9 MCP tools, 14 packet types, 4 storage classes, Vectorize semantic search, Lite tier

v42 Cortex -- Major Architecture Upgrade

Memory processing moves to Cloudflare Durable Objects. New compound endpoints reduce API round trips by 60-80%.

• Compound endpoints: /v1/turn (search + store + send), /v1/auto (session resume), /v1/batch (multi-op), /v1/session/close (graceful handoff)
• 4 storage classes: canonical, corrections, working, archive -- with deterministic write path
• 14 packet types for structured memory (FACT, DECISION, DIRECTIVE, NOTE, CORRECTION, and more)
• Compact response mode (~80-150 tokens vs ~500-2000 for full)
• Per-tenant Durable Objects with SQLite-backed hot state
• Vectorize integration for semantic search (768-dimension embeddings)
• Async consolidation workflows (dedup, promotion, archival) on 6-hour schedule
• All v1 endpoints preserved and backward compatible

Python & JS/TS SDKs

Official thin client SDKs for Python and JavaScript/TypeScript.

• pip install goldhold -- Python 3.8+, one dependency (requests)
• npm install goldhold -- Zero dependencies, works in Node 18+, Deno, Bun, Cloudflare Workers
• Both SDKs support all compound endpoints with typed responses and error handling
• Interactive GoldHold.setup() for API key configuration

Lite Tier (Free)

Get started with GoldHold at no cost. No credit card required.

• 1,000 memories, 1 agent, 10 tasks, 50 messages/month
• Full access to compound endpoints and SDKs
• Upgrade to Vault Pro ($9/mo) for unlimited everything

API Docs v2

Updated documentation with compound endpoint reference, SDK quickstarts, storage class guide, packet type reference, and tier comparison.

v36.3

Cross-platform fixes: TZ_OFFSET import, pacemaker timezone bug, Python 3.8 compat, Mac/Linux crontab support, shebangs, namespace whitelist

v36.2 -- Security Hardening + Worker Modularization

Nine new security layers: rate limiting, payload size limits, serial validation, cancellation revocation, duplicate serial detection, graceful storage caps, free tier usage limits, chargeback evidence collection, and silent audit logging. Checkout worker modularized from one 4,736-line file into 27 ES modules. One-command install path. Zero-config setup improvements with --status flag.

v36.1 -- Multi-Agent + Account Security

Account data isolation for shared browsers. Auto-update system with checksum verification and rollback. Guardian inbox channel for direct agent-to-Guardian messaging. Inbox bridge surfaces GUMP mail through any OpenClaw channel. Sub-agent staging pipeline so team work gets filed to memory. Console-free Windows launchers.

v36.0 -- Security Hardening

Rate limiting and payload size enforcement on the messaging relay. New credentials management tab in your account settings -- view your agent ID and rotate API keys without the CLI. Task system reliability improvements.

v35.1 -- Installer Hotfix

Fixes that prevent a clean customer install: setup.py crash fix (ENV_PATH), pip PEP 668 compatibility for Debian 12+/Ubuntu 23.04+, rewritten one-click installers (install-gh.py, install-gh.ps1), Cloudflare User-Agent fix for downloads.

v35.0 -- Security + GUMP Last-Mile Fix

31 fixes across 4 audit passes. Agent messaging now works end-to-end -- your AI reads and responds to messages autonomously. All install paths (quick start, upgrade, advanced) now complete the full setup including scheduled tasks and notification hooks. Security improvements to cross-origin requests and input validation.

v34.0

Agent messaging relay now included in quick install. Tasks, messages, and shared state configure automatically -- no advanced setup required.

v33.0

Operational rules and memory patterns now install automatically during setup. Agents get task management, messaging, and health monitoring out of the box.

v32.0

Tasks, messages, and memory folders. Zero-click device setup. Two-way agent-to-dashboard messaging. 30 managed memory folders. GUMP task queue.

API v1.0.0 | Public Documentation

• Published full API documentation at goldhold.ai/docs
• Documented REST endpoints (now superseded by v2 compound endpoints in v42.0)
• Pagination support documented (offset + limit + has_more)
• CORS policy documented (open for browser-based apps)
• API versioning policy: v1 endpoints maintained 12 months after v2 ships
• MCP tools and SDKs now available (see v42.0 above)

API Key Security Hardening

• API keys now hashed at rest (SHA-256). full key shown once at creation, never stored retrievably
• Key generation rate limited (10 per hour per account)
• Key revocation by UUID only (no hint-based matching)
• Optional key expiration (auto-expire after N days)
• Serial verification endpoint stripped of PII (no email in public response)
• Serial lookup rate limited (20 per minute per IP)

Platform Setup Guides

• 9 platform-specific setup guides: OpenClaw, Claude Desktop, Claude Code, ChatGPT, Cursor, Windsurf, Python/LangChain, Semantic Kernel, REST API
• Each platform activation generates a tracked serial number
• API key auto-populates into all install commands and config snippets
• No more zip downloads. all installs via package managers or config paste

Account Dashboard Overhaul

• Customizable dashboard cards with drag-and-drop reordering
• Cards support compact and expanded shapes with hover menu
• Settings rebuilt: BYOK keys, memory config, relay/sync, notifications, appearance, danger zone
• Project-based task management with namespace isolation
• New onboarding flow with BYOK and advanced settings mentions
• Live dashboard stats from relay endpoints
• Downloads gated behind login with key generation and platform guides

Legal & Compliance

• Added Ethical Use Policy to Terms of Service (section 6a)
• Patent Pending notices added to all technology-related pages and API docs
• Docs link added to site-wide navigation and footers
• API Terms of Service reference and warranty disclaimer in docs
• Corrected patent claim numbers across press and legal pages

v31.12

Security hardening for GUMP webhook hub. Auth required for registration and delivery. Pref merge, agent ID validation, no chat ID leaks.

v31.11

GUMP webhook hub integration. Auto-registers agents on goldhold.ai/hooks/gump during install/upgrade. New CLI commands for webhook management.

v31.10 | Cross-Platform & Install Polish

• Mac & Linux support: Guardian, Watcher, and Pacemaker now run natively on Mac and Linux. No more Windows-only crashes.
• Auto cron setup: Guardian (every 5 min) and Pinecone sync (every 20 min) are automatically installed via crontab during setup. No manual config needed.
• Smarter upgrades: Agent files are only rewritten when content actually changes. Upgrades no longer trigger unnecessary session resets.
• Slash commands: /gh, /gh_status, and /gh_search auto-register in Telegram, Discord, and Slack on install. Channels that don't support commands (WhatsApp, iMessage) are skipped cleanly.
• Context diet: OpenClaw agents load a slim 785-byte boot trigger instead of a 53KB static dump. Saves ~13,000 tokens per restart.
• Installer hardening: Safe workspace detection, upgrade-safe seeding, quiet folder creation, resilient Pinecone validation. 12 bugs found and fixed in field testing.

v31.3

Branding, docs consolidation, watcher backoff, cron config

v31.2 | Security Scrub

Purged all personal data and hardcoded paths from codebase and git history. Removed runtime state files from tracking. Hardened .gitignore. Fixed UTF-8 BOM in 15+ files. Removed forbidden characters from all shipped scripts.

v31.1 | License Enforcement & Anti-Piracy

Server-side license validation, machine fingerprinting, script integrity checking, and version gate API. One-key managed setup with automatic backend provisioning.

v31.0 | Adaptive Heartbeat & Recovery

Adaptive heartbeat system, improved crash recovery, and resilient scheduled task management.

v30.5

Setup UX overhaul: auto-create index, fix uppercase name bug, resolve missing scripts, friendly errors.

v30.4

Security: removed personal data from tracking. Added VBS wrappers for scheduled tasks. Cleaned runtime artifacts.

v30.3

Bug fixes: Guardian log path misrouting through symlinks, WORKSPACE detection through junctions. Improvements: human-readable receipts in Guardian and Doctor, audit status tagging.

v30.2.1 | Bug Fixes + Memory Quality

Fixed: Guardian log path misrouting when scripts/ is symlinked. Watcher couldn't see Guardian runs and looped repairs. WORKSPACE detection now handles junctions correctly. Improved: Guardian and Doctor receipts now write human-readable sentences instead of terse machine JSON. All audit findings carry explicit status tags for mechanical compliance checking.

v30.2

Self-awareness system: forced compliance auditing at all enforcement layers. Two-axis adaptive heartbeat. Slash command redesign. Token deduplication. Serial number download tracking: every zip download gets a unique serial (GH-{PLATFORM}-{timestamp}-{random}), stored in KV with full audit trail, indexed per customer, auto-pushed to GHL.

v30.1

TotalRecall: reconstruct any day from all 8 memory pillars. git commits, receipts, daily notes, captains logs, system logs, LAST_SESSION, Pinecone vectors, GUMP relay. Chronological timeline grouped by hour, verification for gaps and conflicts, summary and JSON modes.

v30.0

Account dashboard overhaul: step-by-step onboarding for Pinecone/GitHub/R2, auto-provisioned relay key on sign-in, Messages and Network tabs fixed, sidebar removed, header Sign Out and Install buttons, dashboard moves to top after connect, CORS and auth retry fixes

v30.0

Account dashboard overhaul: step-by-step onboarding for Pinecone, GitHub, and R2 with inline inputs, auto-provisioned OpenJar relay key on sign-in (no more manual key entry), Messages and Network tabs fixed, sidebar removed, Sign Out and Install GoldHold buttons in header, dashboard moves to top after Pinecone connect, CORS and auth retry fixes for relay

v29.0

GoldHold Folders: 30 default folders (21 life, 7 agent, 2 system), scribe/concierge rules, taste observation, tone matching, security tiers, vault integration, conversation-based onboarding, setup.py creates folders on install

v28.0

Security + integrity sweep: 273 em-dashes fixed, 40 emojis stripped, 11 BOMs cleaned, 3 install-breaking bugs resolved, doc lint gate enforced

v27.0

Test release. version number bump only

Encrypted Credential Vault

Your API keys are encrypted at rest, bound to your machine. No more plaintext secrets.

Inter-Agent Communication

Agents can share memories with each other. What one learns, others can find.

Security Page

New /security page explaining how your data is handled, verified, and protected.

BYOK Search Fixed

Bring-your-own-key users can now search across all memory banks seamlessly.

Reliability Improvements

Fixed race conditions, false-failure alerts, and background process stability.

Payments Are Live

• Sign up and pay directly on the site. no manual setup
• 7-day free trial on all paid plans, cancel anytime
• Manage your subscription, update payment, and view invoices from your account
• Promo codes accepted at checkout

Vault. Cloud File Storage

• Drop files into a folder. they're automatically uploaded, indexed, and searchable
• Find any document by describing what's in it, not by remembering the filename
• 10GB free storage, no egress fees (Cloudflare R2)
• Your originals are never deleted. soft-delete with timestamped archive

Works With Every AI Platform

Use the same memory across different AI tools. What one agent learns, they all remember.

API Keys & Namespace Isolation

• Generate, rotate, and revoke API keys from your dashboard
• Your data is isolated. other users and agents can't see it
• You never touch raw database credentials

Automatic Health Monitoring

• Runs in the background. checks sync status, connection health, and data integrity
• Auto-fixes common issues without you lifting a finger
• Health dashboard with letter grades so you know where things stand