Introducing Verifiable Execution in Dapr 1.18

2026-06-11 · Source: Cloud Native Computing Foundation · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cloud Computing & IT Infrastructure, Cybersecurity & Data Privacy · Depth: Intermediate, medium

Summary

Dapr 1.18, released on June 11, 2026, introduces "Verifiable Execution," a new set of capabilities designed to bring attestation, provenance, and tamper-evident execution history to cloud-native workflows and AI agents. This release addresses the challenge of verifying execution in a tamper-proof way, moving beyond traditional observability which relies on trust. The core features include Workflow History Signing, which generates cryptographic signatures over workflow history records to detect modifications; Workflow History Propagation, enabling execution lineage to travel with requests across distributed systems; and Workflow Attestation, allowing workflows and activities to receive cryptographically verifiable execution context for trust-based decision-making. These capabilities build upon Dapr's existing SPIFFE-based workload identity, extending cryptographic trust from communication to execution itself, which is particularly crucial for autonomous AI agents that delegate work and interact across multiple services.

Key takeaway

For MLOps Engineers or AI Security Engineers deploying autonomous AI agents, Dapr 1.18's "Verifiable Execution" capabilities are critical. You should integrate Workflow History Signing and Attestation to establish cryptographic proof of execution lineage and prevent tampering. This ensures your AI systems can make decisions based on verified provenance, significantly enhancing trust and compliance in regulated or sensitive environments. Experiment with these new features to build more trustworthy AI applications.

Key insights

Dapr 1.18 introduces Verifiable Execution to cryptographically assure workflow history and provenance in distributed systems and AI agents.

Principles

• Observability alone is insufficient for trust.
• Cryptographic identity underpins execution trust.
• Provenance must be a first-class citizen.

Method

Dapr 1.18 enables Verifiable Execution via Workflow History Signing for tamper detection, Workflow History Propagation for lineage tracking, and Workflow Attestation for verified context.

In practice

• Banks can restrict wire transfers to approved workflows.
• Healthcare processors can validate claim execution history.
• AI agents can verify delegated work provenance.

Topics

• Dapr 1.18
• Verifiable Execution
• Workflow Attestation
• AI Agents
• SPIFFE Identity
• Cloud Native Security

Best for: AI Architect, CTO, VP of Engineering/Data, AI Engineer, MLOps Engineer, AI Security Engineer

Related on AIssential

• Shafi Goldwasser Provides 'A Cryptographic Perspective on Trustworthy AI' — Cryptography offers a robust framework for defining, achieving, and proving trustworthiness in AI systems against adversarial threats.
• The Air-Gapped Chronicles: The Model Zoo Ambush — When Your ‘Pretrained’ AI Ships the Attack — AI supply chain attacks exploit opaque model artifacts and lack of provenance, necessitating rigorous security measures beyond traditional AppSec.
• Zero Trust for AI Agents — Securing autonomous AI agents requires adapting Zero Trust principles to dynamic, multi-layered threats.
• Hardcoding Security into Every Commit: The Future of Snyk Secrets — AI agents generate and execute secrets, expanding the attack surface and demanding proactive, integrated security solutions beyond traditional scanning.
• Tilebox Launches Verifiable AI Workflows for Satellite Data — Operational geospatial AI requires verifiable workflows with inspectable records, enabling trust and reproducibility beyond mere fast answers.
• How a Penetration Test Builds Customer Trust & Strengthens ISO 42001 Certification — AI-powered attacks and agentic frameworks create novel, adaptive security risks that demand specialized penetration testing beyond traditional audits.

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Cloud Native Computing Foundation.