Diagrid Brings Verifiable Execution for AI Agents and Workflows to Dapr 1.18

Diagrid, developer of the world’s most reliable foundation for mission-critical workflows and autonomous AI agents and the company behind the Distributed Application Runtime (Dapr), a Cloud Native Computing Foundation (CNCF) graduated project, today announced the release of Dapr 1.18, a landmark update that creates a new foundation for trusted AI agents, workflows, and distributed applications. Specifically, the release introduces Workflow History Signing, Workflow History Propagation, and Workflow Attestation, enabling organizations to cryptographically verify how work was performed, what identity had custody, and whether execution history has remained intact.

Also Read: CIO Influence Interview with Hugo Dozois-Caouette, CTO and Co-founder at MaintainX

Dapr 1.18 introduces Workflow History Signing, Workflow History Propagation, and Workflow Attestation, enabling organizations to cryptographically verify how work was performed, what identity had custody, and whether execution history has remained intact.

One of the most significant capability expansions since Dapr 1.0, the latest version delivers new tools that tie reliability and security together into a cohesive story for organizations building cloud native and agentic AI applications at scale.

“The first wave of AI focused on making models intelligent. The next wave will focus on making AI systems trustworthy,” said Yaron Schneider, co-founder and CTO of Diagrid and chair of the Agentic AI Foundation Workflows Working Group. “When an AI agent approves a transaction, accesses sensitive data, or triggers a business process, organizations need the ability to prove what happened in a way that’s tamper-proof. Dapr 1.18 brings that capability to workflows and AI agents through verifiable execution.”

The Missing Layer in AI and Workflow Infrastructure

Over the last decade, the industry has made enormous progress in making distributed systems resilient. Applications can recover from failures, workflows can resume after crashes, and AI agents can retry failed operations and continue execution across long-running processes.

But one critical question has remained largely unanswered: Can execution be verified? When an AI agent makes a decision, invokes a tool, delegates work to another agent, or triggers a workflow, a number of questions arise:

• How can you prove what actually happened and by which identities?
• How can security teams verify that execution history was not modified?
• How can compliance teams establish a chain of custody for critical decisions?
• And how can downstream systems determine whether execution context can be trusted?

Dapr 1.18 introduces a new answer to these questions: Verifiable Execution, driven by three new capabilities:

• Workflow History Signing: Workflow execution history can be cryptographically signed, making execution records tamper-evident and independently verifiable, signed by application identities backed by the open SPIFFE standard.
• Workflow History Propagation: Execution lineage can travel across workflow, service, and application boundaries, allowing downstream systems to understand and validate the origin and history of requests.
• Workflow Attestation: Activities and child workflows can receive attested execution context, enabling policy, security, compliance, and trust decisions based on verified provenance.

Together, these capabilities allow organizations to establish cryptographic chains of execution that extend across workflows, services, and AI agents.

A Foundation for Trusted AI Systems

As organizations increasingly deploy AI agents into production environments, industry efforts have begun focusing on governance, interoperability and trust. Verifiable Execution represents an important step toward bringing cryptographic integrity and provenance to agentic systems.

Organizations are increasingly asked to prove things like AI decision provenance, regulatory compliance, operational accountability, data lineage, and software and infrastructure integrity. The same principles that transformed software delivery through software signing, software attestations, and software supply chain security are now extending into workflow execution and AI systems.

Dapr 1.18 brings those principles to distributed applications, workflows, and AI agents. Other highlights of the latest release include:

• Jobs API Now Stable: The Jobs API for scheduling future and recurring work graduates to stable in 1.18, backed by performance regression tests and ready for production-critical scheduled workloads.
• Component and Configuration Hot-Reloading Now GA: Hot-reloading for components and configurations is now generally available, enabling zero-downtime configuration updates without application restarts. Hot reloading is enabled by default across six resource types, including subscriptions and HTTP endpoints
• Actor API Improvements: Actor applications can now open a single bidirectional gRPC stream to the sidecar to receive all callback types without exposing an inbound server port, simplifying networking and reducing attack surface.
• Runtime Security and Networking: The 1.18 runtime includes IPv6 and dual-stack support, RFC 7230-compliant hop-by-hop header stripping during service invocation.

These capabilities were designed and contributed by engineers from Diagrid in collaboration with the Dapr community. As the primary contributor to Dapr and Dapr Agents, Diagrid has invested heavily in advancing the future of durable execution, distributed systems, and AI orchestration.

By combining durable execution, workflow history propagation, cryptographic history signing, workflow attestation, and verifiable execution provenance, Dapr 1.18 extends durable execution beyond resilience and into trust.

Catch more CIO Insights: What Does “Job-Ready” Really Mean in IT and Cybersecurity?

[To share your insights with us, please write to psen@itechseries.com ]