Diagrid has recently unveiled Dapr 1.18, a transformative release that introduces what they refer to as Verifiable Execution. This set of capabilities aims to embed cryptographic trust, provenance, and tamper-evident execution records into distributed applications and AI agents. Marking one of the most pivotal updates since the release of Dapr 1.10, version 1.18 introduces features like Workflow History Signing, Workflow History Propagation, and Workflow Attestation. These features empower organizations to verify how workflows were executed, identify which entities performed specific actions, and ascertain whether execution histories were manipulated. This release is now available as an open-source update and through Diagrid’s managed Catalyst Cloud platform.
The emergence of agentic AI has created a pressing need for trust within distributed systems. Although these systems have achieved remarkable resilience over the past decade, the challenge of verifying how complex tasks executed by AI agents have been completed has lingered. Dapr 1.18 strives to address this by introducing robust cryptographic chains of custody that extend across workflows, services, and AI agents, providing organizations with a verifiable record of execution that can be independently assessed.
Traditionally, workflow engines and distributed systems have prioritized durability and fault tolerance. Modern workflow systems today can endure infrastructure failures, recover from crashes, and automatically retry failed operations. However, as AI systems begin to make significant, business-critical decisions, questions around provenance and accountability are becoming increasingly paramount.
Consider a scenario where an AI agent approves a financial transaction or accesses sensitive data. Organizations now require answers to essential questions: Who initiated this action? Has the history of execution been altered? Can downstream systems trust the outcomes? Are auditors able to independently verify the sequence of events? Dapr 1.18 effectively addresses these concerns.
The Workflow History Signing feature enables workflow execution histories to be cryptographically signed using identities reliant on the open SPIFFE standard. This development creates tamper-evident records that can easily be verified independently. Building on this, Workflow History Propagation extends the lineage of execution across various services, workflows, and application boundaries, giving downstream systems insight into request origins and the actions that shaped them. Additionally, Workflow Attestation allows workflows and tasks to operate within a trusted execution context, thereby enabling compliance checks and policy enforcement rooted in verified provenance.
Collectively, these groundbreaking features culminate in what Diagrid envisions as Verifiable Execution, transforming workflow history into a reliable and auditable asset, akin to the data it generates.
This release reflects a seismic shift within the software industry. Over the recent years, practices like software signing, Software Bills of Materials (SBOMs), and artifact attestations have become essential components of software supply chain security. Organizations are now increasingly demanding to know the origins of the software they use, how it was constructed, and whether it has been tampered with.
As AI systems gain more autonomy, increasing emphasis is placed on the need for explainability, regulatory compliance, and operational accountability. In highly regulated sectors such as healthcare and finance, demonstrating how an AI-driven decision was made is becoming as critical as the decision itself. Dapr 1.18 broadens the scope of supply chain security from mere software artifacts to include runtime execution, allowing workflows and AI agents to furnish verifiable evidence of their actions and decisions.
Dapr 1.18 also marks the graduation of the Jobs API to stable status after undergoing thorough performance testing, positioning it as fully production-ready for scheduling future and recurring work. Additionally, the update introduces Component and Configuration Hot Reloading, now generally available, which allows organizations to amend configurations on-the-fly without having to restart applications or interrupt ongoing workloads.
Enhancements to the Actor runtime model have made it possible for applications to establish a single bidirectional gRPC stream to receive callbacks from the Dapr sidecar. This advancement eliminates the need for exposing inbound server ports, significantly mitigating networking complexity and reducing the attack surface.
On the infrastructure front, Dapr 1.18 adds support for IPv6 and dual-stack networking, alongside compliance with RFC 7230 for handling hop-by-hop HTTP headers during service calls. These improvements significantly enhance interoperability and security for modern environments.
The timing of this release is particularly noteworthy, coinciding with increasing industry efforts to establish the infrastructure necessary for trustworthy AI systems. Organizations such as Microsoft, the Agentic AI Foundation (AAIF), and the Cloud Native Computing Foundation (CNCF) are actively focusing on governance, interoperability, identity verification, and provenance as core tenets for agent-based AI systems.
With Dapr 1.18, Diagrid positions itself at the forefront of the next phase of cloud-native computing. This evolution is no longer just about durable execution but emphasizes verifiable execution, where trust, provenance, and cryptographic accountability are intimately woven into the very fabric of the platforms that support AI and distributed applications.
Inspired by: Source

