Skip to content

APS Signing & Provenance

Goal

Assure authenticity + integrity of agent packages.

Format

  • DSSE envelopes (in-toto compatible)
  • Sign: aps sign
  • Verify: aps verify

Artifacts

agent/ aps/agent.yaml aps/provenance.json aps/signature.sig

Trust Model

  • Local key config
  • Future: public key registry / transparency log