SLSA on Blockchain
Overview
SLSA on Blockchain is a web frontend and backend that facilitates signing transactions with an external wallet when smart contracts are deployed to the blockchain. It is part of SLSA (Supply-chain Levels for Software Artifacts) and was created for signing blockchain transactions. The information delivered to the web frontend includes the details needed to create transactions and the signed provenance.
- The action that runs in the GitHub workflow uses generator_generic_slsa3.yml developed by the SLSA framework.
- Sigstore is an open source project designed to enhance software supply chain security by enabling secure signing and verification of software artifacts, using ephemeral signing keys and recording signing events in a tamper-resistant public log for auditing.
- Rekor provides an immutable, tamper-resistant ledger for recording signed metadata within a software project's supply chain, enabling secure validation and transparency of software artifacts through a RESTful API and CLI, and supporting various manifest schemas and PKI tooling.
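The following is an added example, not code from the SLSA on Blockchain project: a check a backend could run before passing transaction details to the wallet, confirming that the bytes about to be deployed are listed as a subject of the provenance. It assumes the provenance arrives as a DSSE envelope wrapping an in-toto statement; the function names, `Token.bin` and the sample bytes are constructed, and verifying the envelope signature against Sigstore and Rekor is a separate step not shown here.

```python
import base64
import hashlib
import json

IN_TOTO_PAYLOAD_TYPE = "application/vnd.in-toto+json"


def load_statement(envelope_json: str) -> dict:
    """Decode the in-toto statement carried in a DSSE envelope."""
    envelope = json.loads(envelope_json)
    if envelope.get("payloadType") != IN_TOTO_PAYLOAD_TYPE:
        raise ValueError("unexpected DSSE payloadType")
    if not envelope.get("signatures"):
        raise ValueError("envelope carries no signatures")
    statement = json.loads(base64.b64decode(envelope["payload"], validate=True))
    predicate_type = str(statement.get("predicateType", ""))
    if not predicate_type.startswith("https://slsa.dev/provenance/"):
        raise ValueError("not a SLSA provenance statement")
    return statement


def artifact_matches_provenance(artifact: bytes, envelope_json: str) -> bool:
    """True only if the artifact's SHA-256 is listed as a provenance subject."""
    digest = hashlib.sha256(artifact).hexdigest()
    subjects = load_statement(envelope_json).get("subject", [])
    return any(s.get("digest", {}).get("sha256") == digest for s in subjects)


def _constructed_envelope(artifact: bytes) -> str:
    """Build a sample envelope (constructed data, placeholder signature)."""
    statement = {
        "_type": "https://in-toto.io/Statement/v0.1",
        "predicateType": "https://slsa.dev/provenance/v0.2",
        "subject": [{"name": "Token.bin",  # hypothetical artifact name
                     "digest": {"sha256": hashlib.sha256(artifact).hexdigest()}}],
        "predicate": {},
    }
    payload = base64.b64encode(json.dumps(statement).encode()).decode()
    return json.dumps({"payloadType": IN_TOTO_PAYLOAD_TYPE, "payload": payload,
                       "signatures": [{"sig": "PLACEHOLDER"}]})


# Constructed stand-in for compiled contract bytecode.
SAMPLE_BYTECODE = bytes.fromhex("6080604052")
SAMPLE_ENVELOPE = _constructed_envelope(SAMPLE_BYTECODE)

if __name__ == "__main__":
    print(artifact_matches_provenance(SAMPLE_BYTECODE, SAMPLE_ENVELOPE))
    print(artifact_matches_provenance(SAMPLE_BYTECODE + b"\x00", SAMPLE_ENVELOPE))
```

A digest match only binds the artifact to the statement; the statement is trustworthy only after its signature and log entry have been verified.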
GitHub
Get started with SLSA on Blockchain and learn more on GitHub.