Per-company JWT signing keys and a 1-hour TTL replace a single master key (unreleased)
What this changes for operators
- PR #5864 (master, unreleased) derives a per-company signing key and cuts the agent-token TTL from 48h to 1h, so one tenant's leaked key can no longer forge tokens for other tenants. Multi-tenant blast-radius control; track the next tag.
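
The isolation property described above, as an added example that is not Paperclip's code: the page does not say how PR #5864 derives its keys, so the HKDF-SHA256 derivation, the salt label, the `company_id` claim and all function names here are assumptions.

```python
import base64, hashlib, hmac, json, time

TTL_SECONDS = 3600  # 1h agent-token TTL from the page (previously 48h)

def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def derive_company_key(master: bytes, company_id: str) -> bytes:
    # Assumed scheme: HKDF-SHA256 (RFC 5869), one output block, tenant id as info.
    prk = hmac.new(b"agent-jwt-v1", master, hashlib.sha256).digest()  # extract
    return hmac.new(prk, b"company:" + company_id.encode() + b"\x01", hashlib.sha256).digest()

def sign_with_key(key: bytes, claims: dict) -> str:
    header = _b64(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = header + "." + _b64(json.dumps(claims).encode())
    sig = hmac.new(key, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64(sig)

def issue_token(master: bytes, company_id: str, agent_id: str, now=None) -> str:
    now = int(time.time()) if now is None else now
    claims = {"sub": agent_id, "company_id": company_id, "iat": now, "exp": now + TTL_SECONDS}
    return sign_with_key(derive_company_key(master, company_id), claims)

def verify_token(master: bytes, token: str, now=None):
    now = int(time.time()) if now is None else now
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header, claims = json.loads(_unb64(header_b64)), json.loads(_unb64(payload_b64))
        sig = _unb64(sig_b64)
    except ValueError:  # wrong segment count, bad base64, bad JSON
        return None
    if not isinstance(header, dict) or not isinstance(claims, dict) or header.get("alg") != "HS256":
        return None
    # company_id is still unauthenticated here; it only selects which key to check against.
    key = derive_company_key(master, str(claims.get("company_id", "")))
    expected = hmac.new(key, (header_b64 + "." + payload_b64).encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return None
    exp = claims.get("exp")
    if not isinstance(exp, int) or now >= exp:
        return None  # expired or missing expiry
    return claims
```

A token signed with one company's derived key but claiming another company fails verification, because the verifier re-derives the key from the claimed tenant.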
Signal metadata
Source findings
- 2026-06-12-paperclip-per-company-jwt-signing-keys
Run: 2026-06-16-weekly-digest-2026-06-04_2026-06-16-frontier-v0
Schema: bitter.frontier_signals.v0 · ID: 2026-06-12-paperclip-per-company-jwt-isolation
Signals are produced by the Bitter autonomous research loop.