Skip to content

mokkunsuzuki-code/stage374

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Stage374: Production Sigstore Signing & Rekor Inclusion Verification Gate

Stage374 extends Stage373 by performing real Sigstore signing and Rekor transparency-log inclusion verification for the Stage373 final-acceptance attestation.

Purpose

Stage373 created a canonical attestation that binds:

  • Stage372 result SHA256
  • Stage372 manifest SHA256
  • Stage372 binding SHA256
  • Stage373 attestation SHA256

Stage374 moves from preparation to production verification.

It:

  • re-hashes the Stage373 attestation
  • uses GitHub Actions OIDC
  • signs the attestation with Cosign
  • generates a Sigstore bundle
  • verifies the signed blob
  • verifies the expected workflow identity
  • verifies the GitHub Actions OIDC issuer
  • verifies transparency-log inclusion through Cosign
  • creates safe execution and Rekor receipts
  • sets external_transparency_bound: true only after complete verification

Current Initial State

Before the GitHub Actions workflow is run:

  • decision: production_execution_pending
  • external_transparency_bound: false
  • stage372_final_acceptance: false

This is the correct safe initial state.

Successful Current-State Decision

Because Stage372 remains:

  • decision: final_acceptance_pending
  • timestamp_verified: false

a successful Stage374 external verification produces:

  • decision: pending_state_transparency_bound
  • external_transparency_bound: true
  • stage372_final_acceptance: false

Stage374 does not convert Stage372 pending status into timestamp verification.

GitHub Actions OIDC

The production workflow uses:

  • contents: read
  • id-token: write
  • Cosign v3.1.1
  • fixed target path
  • fixed workflow identity
  • fixed OIDC issuer
  • no repository write permission

Expected Identity

https://github.com/mokkunsuzuki-code/stage374/.github/workflows/stage374-production-sigstore.yml@refs/heads/main

Expected OIDC Issuer

https://token.actions.githubusercontent.com

Public Evidence

  • docs/sigstore-production/stage374_production_sigstore_input.json
  • docs/sigstore-production/stage374_cosign_execution_receipt.json
  • docs/sigstore-production/stage374_rekor_inclusion_receipt.json
  • docs/sigstore-production/stage373_attestation.sigstore.bundle.json
  • docs/sigstore-production/stage374_production_external_binding_result.json
  • docs/sigstore-production/stage374_production_external_binding_summary.txt

The bundle and successful receipts are published only after downloading and validating the GitHub Actions artifact.

Safety Boundary

Stage374 does not publish:

  • private keys
  • OIDC tokens
  • GitHub tokens
  • access tokens
  • API keys
  • raw QKD key material
  • raw timestamp binaries
  • raw environment variables
  • browser authentication codes
  • free-form shell commands

ML-DSA

Stage374 does not perform ML-DSA signing.

Production ML-DSA dual-signature verification and downgrade prevention belong to Stage375.

License

MIT License.

Current Verified Production State

Stage374 completed real GitHub Actions OIDC signing and external transparency verification.

Current result:

  • decision: pending_state_transparency_bound
  • external_transparency_bound: true
  • stage372_final_acceptance: false
  • GitHub Actions run: 29295518405
  • Cosign version: 3.1.1
  • signature verification: successful
  • workflow identity verification: successful
  • OIDC issuer verification: successful
  • Rekor inclusion verification: successful

Stage374 preserves the Stage372 pending state. External transparency binding does not convert the pending timestamp result into final timestamp acceptance.

Execution Scope

execute_external_operations: false applies only to the local Python gate.

External operations are:

  • disabled in the local gate
  • authorized only in the fixed GitHub Actions workflow
  • executed through GitHub Actions OIDC
  • recorded through public, secret-free verification receipts

Rekor Audit Details

The Stage374 GitHub Actions workflow extracts public Rekor details from the Sigstore bundle, including:

  • Rekor log ID
  • Rekor log index
  • integrated time
  • inclusion-proof root hash
  • inclusion-proof tree size
  • Signed Entry Timestamp SHA256

entry_uuid is not invented when it is not present in the Sigstore bundle.

About

Stage374: Production Sigstore Signing and Rekor Inclusion Verification Gate using GitHub Actions OIDC, Cosign bundles, identity verification, and fail-closed external transparency binding.

Topics

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages