ethersphere · nugaon · Sep 25, 2025 · Feb 27, 2026 · Feb 27, 2026 · Feb 27, 2026
diff --git a/openapi/Swarm.yaml b/openapi/Swarm.yaml
@@ -59,6 +59,11 @@ paths:
             $ref: "SwarmCommon.yaml#/components/parameters/SwarmActHistoryAddress"
           name: swarm-act-history-address
           required: false
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       requestBody:
         required: true
         content:
@@ -89,6 +94,11 @@ paths:
             $ref: "SwarmCommon.yaml#/components/schemas/SwarmEncryptedReference"
           required: true
           description: Grantee list reference
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       responses:
         "200":
           description: OK
@@ -139,6 +149,11 @@ paths:
             $ref: "SwarmCommon.yaml#/components/parameters/SwarmDeferredUpload"
           name: swarm-deferred-upload
           required: false
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       requestBody:
         required: true
         content:
@@ -306,6 +321,12 @@ paths:
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmPostageStamp"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmAct"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmActHistoryAddress"
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
+          description: Redundancy level for ACT encryption only
       requestBody:
         description: Chunk binary data that has to have at least 8 bytes.
         content:
@@ -677,6 +698,12 @@ paths:
       summary: Pin the root hash with the given reference
       tags:
         - Pinning
+      parameters:
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       responses:
         "200":
           description: Pin already exists, so no operation
@@ -885,6 +912,12 @@ paths:
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmPostageStamp"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmAct"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmActHistoryAddress"
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
+          description: Redundancy level for ACT encryption only
       requestBody:
         required: true
         description: The SOC binary data is composed of the span (8 bytes) and the at most 4KB payload.
@@ -983,6 +1016,12 @@ paths:
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmPostageBatchId"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmAct"
         - $ref: "SwarmCommon.yaml#/components/parameters/SwarmActHistoryAddress"
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
+          description: Redundancy level for ACT encryption only
       responses:
         "201":
           description: Created
@@ -1080,6 +1119,11 @@ paths:
             $ref: "SwarmCommon.yaml#/components/schemas/SwarmReference"
           required: true
           description: "Root hash of content (can be of any type: collection, file, chunk)"
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       responses:
         "200":
           description: Returns if the content is retrievable
@@ -1109,6 +1153,11 @@ paths:
             $ref: "SwarmCommon.yaml#/components/parameters/SwarmPostageBatchId"
           name: swarm-postage-batch-id
           description: Postage batch to use for re-upload. If none is provided and the file was uploaded on the same node before, it will reuse the same batch. If not found, it will return error. If a new batch is provided, the chunks are stamped again with the new batch.
+        - in: header
+          schema:
+            $ref: "SwarmCommon.yaml#/components/parameters/SwarmRedundancyLevelParameter"
+          name: swarm-redundancy-level
+          required: false
       responses:
         "200":
           description: OK

diff --git a/pkg/api/accesscontrol.go b/pkg/api/accesscontrol.go
@@ -100,10 +100,11 @@ func (s *Service) actDecryptionHandler() func(h http.Handler) http.Handler {
 			}
 
 			headers := struct {
-				Timestamp      *int64           `map:"Swarm-Act-Timestamp"`
-				Publisher      *ecdsa.PublicKey `map:"Swarm-Act-Publisher"`
-				HistoryAddress *swarm.Address   `map:"Swarm-Act-History-Address"`
-				Cache          *bool            `map:"Swarm-Cache"`
+				Timestamp      *int64            `map:"Swarm-Act-Timestamp"`
+				Publisher      *ecdsa.PublicKey  `map:"Swarm-Act-Publisher"`
+				HistoryAddress *swarm.Address    `map:"Swarm-Act-History-Address"`
+				Cache          *bool             `map:"Swarm-Cache"`
+				RLevel         *redundancy.Level `map:"Swarm-Redundancy-Level"`
 			}{}
 			if response := s.mapStructure(r.Header, &headers); response != nil {
 				response("invalid header params", logger, w)
@@ -125,8 +126,14 @@ func (s *Service) actDecryptionHandler() func(h http.Handler) http.Handler {
 			if headers.Cache != nil {
 				cache = *headers.Cache
 			}
+
+			rLevel := redundancy.PARANOID
+			if headers.RLevel != nil {
+				rLevel = *headers.RLevel
+			}
+
 			ctx := r.Context()
-			ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), redundancy.DefaultLevel)
+			ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), rLevel)
 			reference, err := s.accesscontrol.DownloadHandler(ctx, ls, paths.Address, headers.Publisher, *headers.HistoryAddress, timestamp)
 			if err != nil {
 				logger.Debug("access control download failed", "error", err)
@@ -157,9 +164,10 @@ func (s *Service) actEncryptionHandler(
 	putter storer.PutterSession,
 	reference swarm.Address,
 	historyRootHash swarm.Address,
+	rLevel redundancy.Level,
 ) (swarm.Address, swarm.Address, error) {
 	publisherPublicKey := &s.publicKey
-	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), redundancy.DefaultLevel)
+	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), rLevel)
 	storageReference, historyReference, encryptedReference, err := s.accesscontrol.UploadHandler(ctx, ls, reference, publisherPublicKey, historyRootHash)
 	if err != nil {
 		return swarm.ZeroAddress, swarm.ZeroAddress, err
@@ -193,7 +201,8 @@ func (s *Service) actListGranteesHandler(w http.ResponseWriter, r *http.Request)
 	}
 
 	headers := struct {
-		Cache *bool `map:"Swarm-Cache"`
+		Cache  *bool             `map:"Swarm-Cache"`
+		RLevel *redundancy.Level `map:"Swarm-Redundancy-Level"`
 	}{}
 	if response := s.mapStructure(r.Header, &headers); response != nil {
 		response("invalid header params", logger, w)
@@ -203,8 +212,14 @@ func (s *Service) actListGranteesHandler(w http.ResponseWriter, r *http.Request)
 	if headers.Cache != nil {
 		cache = *headers.Cache
 	}
+
+	rLevel := redundancy.PARANOID
+	if headers.RLevel != nil {
+		rLevel = *headers.RLevel
+	}
+
 	publisher := &s.publicKey
-	ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), redundancy.DefaultLevel)
+	ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), rLevel)
 	grantees, err := s.accesscontrol.Get(r.Context(), ls, publisher, paths.GranteesAddress)
 	if err != nil {
 		logger.Debug("could not get grantees", "error", err)
@@ -239,11 +254,12 @@ func (s *Service) actGrantRevokeHandler(w http.ResponseWriter, r *http.Request)
 	}
 
 	headers := struct {
-		BatchID        []byte         `map:"Swarm-Postage-Batch-Id" validate:"required"`
-		SwarmTag       uint64         `map:"Swarm-Tag"`
-		Pin            bool           `map:"Swarm-Pin"`
-		Deferred       *bool          `map:"Swarm-Deferred-Upload"`
-		HistoryAddress *swarm.Address `map:"Swarm-Act-History-Address" validate:"required"`
+		BatchID        []byte            `map:"Swarm-Postage-Batch-Id" validate:"required"`
+		SwarmTag       uint64            `map:"Swarm-Tag"`
+		Pin            bool              `map:"Swarm-Pin"`
+		Deferred       *bool             `map:"Swarm-Deferred-Upload"`
+		HistoryAddress *swarm.Address    `map:"Swarm-Act-History-Address" validate:"required"`
+		RLevel         *redundancy.Level `map:"Swarm-Redundancy-Level"`
 	}{}
 	if response := s.mapStructure(r.Header, &headers); response != nil {
 		response("invalid header params", logger, w)
@@ -255,6 +271,11 @@ func (s *Service) actGrantRevokeHandler(w http.ResponseWriter, r *http.Request)
 		historyAddress = *headers.HistoryAddress
 	}
 
+	rLevel := redundancy.PARANOID
+	if headers.RLevel != nil {
+		rLevel = *headers.RLevel
+	}
+
 	var (
 		tag      uint64
 		err      error
@@ -344,8 +365,8 @@ func (s *Service) actGrantRevokeHandler(w http.ResponseWriter, r *http.Request)
 
 	granteeref := paths.GranteesAddress
 	publisher := &s.publicKey
-	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), redundancy.DefaultLevel)
-	gls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, granteeListEncrypt, redundancy.NONE), redundancy.DefaultLevel)
+	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), rLevel)
+	gls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, granteeListEncrypt, redundancy.NONE), rLevel)
 	granteeref, encryptedglref, historyref, actref, err := s.accesscontrol.UpdateHandler(ctx, ls, gls, granteeref, historyAddress, publisher, grantees.Addlist, grantees.Revokelist)
 	if err != nil {
 		logger.Debug("failed to update grantee list", "error", err)
@@ -405,11 +426,12 @@ func (s *Service) actCreateGranteesHandler(w http.ResponseWriter, r *http.Reques
 	}
 
 	headers := struct {
-		BatchID        []byte         `map:"Swarm-Postage-Batch-Id" validate:"required"`
-		SwarmTag       uint64         `map:"Swarm-Tag"`
-		Pin            bool           `map:"Swarm-Pin"`
-		Deferred       *bool          `map:"Swarm-Deferred-Upload"`
-		HistoryAddress *swarm.Address `map:"Swarm-Act-History-Address"`
+		BatchID        []byte            `map:"Swarm-Postage-Batch-Id" validate:"required"`
+		SwarmTag       uint64            `map:"Swarm-Tag"`
+		Pin            bool              `map:"Swarm-Pin"`
+		Deferred       *bool             `map:"Swarm-Deferred-Upload"`
+		HistoryAddress *swarm.Address    `map:"Swarm-Act-History-Address"`
+		RLevel         *redundancy.Level `map:"Swarm-Redundancy-Level"`
 	}{}
 	if response := s.mapStructure(r.Header, &headers); response != nil {
 		response("invalid header params", logger, w)
@@ -421,6 +443,11 @@ func (s *Service) actCreateGranteesHandler(w http.ResponseWriter, r *http.Reques
 		historyAddress = *headers.HistoryAddress
 	}
 
+	rLevel := redundancy.PARANOID
+	if headers.RLevel != nil {
+		rLevel = *headers.RLevel
+	}
+
 	var (
 		tag      uint64
 		err      error
@@ -498,8 +525,8 @@ func (s *Service) actCreateGranteesHandler(w http.ResponseWriter, r *http.Reques
 	}
 
 	publisher := &s.publicKey
-	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), redundancy.DefaultLevel)
-	gls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, granteeListEncrypt, redundancy.NONE), redundancy.DefaultLevel)
+	ls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, false, redundancy.NONE), rLevel)
+	gls := loadsave.New(s.storer.Download(true), s.storer.Cache(), requestPipelineFactory(ctx, putter, granteeListEncrypt, redundancy.NONE), rLevel)
 	granteeref, encryptedglref, historyref, actref, err := s.accesscontrol.UpdateHandler(ctx, ls, gls, swarm.ZeroAddress, historyAddress, publisher, list, nil)
 	if err != nil {
 		logger.Debug("failed to create grantee list", "error", err)

diff --git a/pkg/api/bytes.go b/pkg/api/bytes.go
@@ -123,7 +123,7 @@ func (s *Service) bytesUploadHandler(w http.ResponseWriter, r *http.Request) {
 	encryptedReference := reference
 	historyReference := swarm.ZeroAddress
 	if headers.Act {
-		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, headers.HistoryAddress)
+		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, headers.HistoryAddress, headers.RLevel)
 		if err != nil {
 			logger.Debug("access control upload failed", "error", err)
 			logger.Error(nil, "access control upload failed")

diff --git a/pkg/api/bzz.go b/pkg/api/bzz.go
@@ -271,7 +271,7 @@ func (s *Service) fileUploadHandler(
 	reference := manifestReference
 	historyReference := swarm.ZeroAddress
 	if act {
-		reference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, historyAddress)
+		reference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, historyAddress, rLevel)
 		if err != nil {
 			logger.Debug("access control upload failed", "error", err)
 			logger.Error(nil, "access control upload failed")
@@ -406,7 +406,7 @@ func (s *Service) serveReference(logger log.Logger, address swarm.Address, pathV
 	}
 
 	ctx := r.Context()
-	ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), redundancy.DefaultLevel)
+	ls := loadsave.NewReadonly(s.storer.Download(cache), s.storer.Cache(), rLevel)
 	feedDereferenced := false
 
 	ctx, err := getter.SetConfigInContext(ctx, headers.Strategy, headers.FallbackMode, headers.ChunkRetrievalTimeout, logger)

diff --git a/pkg/api/chequebook.go b/pkg/api/chequebook.go
@@ -22,7 +22,6 @@ import (
 
 const (
 	errChequebookBalance           = "cannot get chequebook balance"
-	errChequebookNoAmount          = "did not specify amount"
 	errChequebookNoWithdraw        = "cannot withdraw"
 	errChequebookNoDeposit         = "cannot deposit"
 	errChequebookInsufficientFunds = "insufficient funds"

diff --git a/pkg/api/chunk.go b/pkg/api/chunk.go
@@ -14,6 +14,7 @@ import (
 
 	"github.com/ethersphere/bee/v2/pkg/accesscontrol"
 	"github.com/ethersphere/bee/v2/pkg/cac"
+	"github.com/ethersphere/bee/v2/pkg/file/redundancy"
 	"github.com/ethersphere/bee/v2/pkg/soc"
 	"github.com/ethersphere/bee/v2/pkg/storer"
 
@@ -32,11 +33,12 @@ func (s *Service) chunkUploadHandler(w http.ResponseWriter, r *http.Request) {
 	logger := s.logger.WithName("post_chunk").Build()
 
 	headers := struct {
-		BatchID        []byte        `map:"Swarm-Postage-Batch-Id"`
-		StampSig       []byte        `map:"Swarm-Postage-Stamp"`
-		SwarmTag       uint64        `map:"Swarm-Tag"`
-		Act            bool          `map:"Swarm-Act"`
-		HistoryAddress swarm.Address `map:"Swarm-Act-History-Address"`
+		BatchID        []byte            `map:"Swarm-Postage-Batch-Id"`
+		StampSig       []byte            `map:"Swarm-Postage-Stamp"`
+		SwarmTag       uint64            `map:"Swarm-Tag"`
+		Act            bool              `map:"Swarm-Act"`
+		HistoryAddress swarm.Address     `map:"Swarm-Act-History-Address"`
+		RLevel         *redundancy.Level `map:"Swarm-Redundancy-Level"`
 	}{}
 	if response := s.mapStructure(r.Header, &headers); response != nil {
 		response("invalid header params", logger, w)
@@ -187,7 +189,11 @@ func (s *Service) chunkUploadHandler(w http.ResponseWriter, r *http.Request) {
 	reference := chunk.Address()
 	historyReference := swarm.ZeroAddress
 	if headers.Act {
-		reference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, headers.HistoryAddress)
+		rLevel := redundancy.PARANOID
+		if headers.RLevel != nil {
+			rLevel = *headers.RLevel
+		}
+		reference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, headers.HistoryAddress, rLevel)
 		if err != nil {
 			logger.Debug("access control upload failed", "error", err)
 			logger.Error(nil, "access control upload failed")

diff --git a/pkg/api/dirs.go b/pkg/api/dirs.go
@@ -104,7 +104,7 @@ func (s *Service) dirUploadHandler(
 	encryptedReference := reference
 	historyReference := swarm.ZeroAddress
 	if act {
-		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, historyAddress)
+		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, reference, historyAddress, rLevel)
 		if err != nil {
 			logger.Debug("access control upload failed", "error", err)
 			logger.Error(nil, "access control upload failed")

diff --git a/pkg/api/feed.go b/pkg/api/feed.go
@@ -170,11 +170,12 @@ func (s *Service) feedPostHandler(w http.ResponseWriter, r *http.Request) {
 	}
 
 	headers := struct {
-		BatchID        []byte        `map:"Swarm-Postage-Batch-Id" validate:"required"`
-		Pin            bool          `map:"Swarm-Pin"`
-		Deferred       *bool         `map:"Swarm-Deferred-Upload"`
-		Act            bool          `map:"Swarm-Act"`
-		HistoryAddress swarm.Address `map:"Swarm-Act-History-Address"`
+		BatchID        []byte            `map:"Swarm-Postage-Batch-Id" validate:"required"`
+		Pin            bool              `map:"Swarm-Pin"`
+		Deferred       *bool             `map:"Swarm-Deferred-Upload"`
+		Act            bool              `map:"Swarm-Act"`
+		HistoryAddress swarm.Address     `map:"Swarm-Act-History-Address"`
+		RLevel         *redundancy.Level `map:"Swarm-Redundancy-Level"`
 	}{}
 	if response := s.mapStructure(r.Header, &headers); response != nil {
 		response("invalid header params", logger, w)
@@ -283,7 +284,11 @@ func (s *Service) feedPostHandler(w http.ResponseWriter, r *http.Request) {
 	encryptedReference := ref
 	historyReference := swarm.ZeroAddress
 	if headers.Act {
-		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, ref, headers.HistoryAddress)
+		rLevel := redundancy.PARANOID
+		if headers.RLevel != nil {
+			rLevel = *headers.RLevel
+		}
+		encryptedReference, historyReference, err = s.actEncryptionHandler(r.Context(), putter, ref, headers.HistoryAddress, rLevel)
 		if err != nil {
 			logger.Debug("access control upload failed", "error", err)
 			logger.Error(nil, "access control upload failed")