What Is Provenance? Proving Where an Artifact Came From
Provenance is tamper-evident metadata that records how an artifact was built: from what source, by what process, on what platform, and when.
When you download a build artifact, how do you know it really came from the source you trust and was not swapped along the way? Provenance answers that. It is a signed record of the build: the inputs, the builder, the commit, the steps. With provenance, you can verify an artifact's origin instead of taking it on faith.
What provenance records
- The source repository and exact commit the build used.
- The build platform and builder identity.
- The build steps or recipe that ran.
- A timestamp and references to the produced artifacts.
Why it has to be signed
Unsigned metadata is just a claim an attacker can forge. Provenance is signed by the build platform so consumers can verify it has not been altered and that it really came from the builder it names.
The in-toto standard
Provenance is commonly expressed using the in-toto attestation format, a standard structure for "this builder produced this artifact from these inputs." Standardizing the shape lets verification tools consume provenance from any compliant platform.
Verifying provenance
A consumer (or a deployment gate) checks that an artifact has provenance, that the signature is valid, and that the recorded source and builder match what is expected. A mismatch, or missing provenance, is a reason to reject the artifact.
Generating it in CI
The build platform generates provenance as the artifact is produced, capturing the real inputs rather than a claimed recipe. A hardened, isolated builder makes that provenance trustworthy, because the attacker had no opportunity to tamper with the build it describes.
Key takeaways
- Provenance is signed metadata describing exactly how an artifact was built.
- It records source, commit, builder, and steps so origin can be verified.
- The in-toto format standardizes it; signing makes it tamper-evident.