Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
-
Updated
Jun 12, 2024 - Go
Chainloop is an Open Source evidence store for your Software Supply Chain attestations, SBOMs, VEX, SARIF, CSAF files, QA reports, and more.
Attestation and Secret Delivery Components
Python implementation of OWASP CycloneDX
A highly configurable build executor and observer designed to generate signed SLSA provenance attestations about build runs.
A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
attestation.app remote attestation server. Server code for use with the Auditor app: https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.
Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.
Calculate AMD SEV/SEV-ES/SEV-SNP measurement for confidential computing
Verax is a shared registry for storing attestations of public interest on EVM chains, designed to enhance data discoverability and consumption for dApps across the network.
Proof-of-concept implementation of the IETF RATS Reference Interaction Model for Challenge-Response-based Remote Attestation.
Verify and assert policy on YubiKey attestation certificates
Auditor app prebuilt using the latest official release of the Auditor app.
Batch create onchain EAS attestations using the power of CSV and copy/paste. Supports any old ETH wallet as well as fancy new Safe multisig wallets. It's an attest fest, yaay!
OpenAPI definitions for DataTrails
Add a description, image, and links to the attestation topic page so that developers can more easily learn about it.
To associate your repository with the attestation topic, visit your repo's landing page and select "manage topics."