Skip to content
Latchkey

What Is Artifact Attestation? Signed Claims About a Build

An artifact attestation is a signed statement that asserts something verifiable about a build artifact, such as how it was built or what it contains.

An attestation is a cryptographically signed claim bound to a specific artifact. "This image was built from this commit by this pipeline." "This binary has this SBOM." "This package passed these checks." Because it is signed and tied to the artifact's digest, anyone can verify the claim without trusting the channel it arrived on.

Attestation vs provenance

Provenance is one kind of attestation: a claim about how the artifact was built. Attestation is the broader idea, a signed statement of any verifiable fact about the artifact, including SBOMs, test results, or scan outcomes.

What gets attested

  • Build provenance: the source, builder, and process.
  • An SBOM listing the artifact's components.
  • Vulnerability or policy scan results.
  • Confirmation that required checks passed.

How it binds to the artifact

An attestation references the artifact by its content digest, not its name or tag. That means it stays valid only for the exact bytes it was made for; swap the artifact and the attestation no longer matches.

Verifying at deploy time

A deployment gate can require valid attestations before letting an artifact through: correct signer, matching digest, expected claims. This turns "we hope this image is legit" into "we verified it cryptographically."

Producing attestations in CI

Build platforms emit attestations as the artifact is produced, signing them with the builder's identity, often keylessly through a service like Sigstore. A trustworthy, isolated builder makes those attestations meaningful, because the claims describe a build the attacker could not have tampered with.

Key takeaways

  • An artifact attestation is a signed, verifiable claim bound to an artifact's digest.
  • Provenance is one kind of attestation; SBOMs and scan results are others.
  • Deployment gates can require valid attestations before accepting an artifact.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →