attestation

Star

Here are 157 public repositories matching this topic...

Language:All

Filter by language

All157 Go28 Python21 JavaScript17 TypeScript16 C10 Rust9 Shell8 HTML6 Java6 Kotlin6

Sort:Most stars

Sort options

Most stars Fewest stars Most forks Fewest forks Recently updated Least recently updated

GrapheneOS /Auditor

Star601

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verification with support for alert emails. It uses hardware-backed keys and attestation support as the foundation and chains trust to the app for software checks.

android security cryptography monitoring integrity hsm secure-boot authenticity attestation verifiedboot remote-attestation secureboot strongbox grapheneos

UpdatedNov 27, 2025
Java

chainloop-dev /chainloop

Star513

SDLC evidence store and policy engine for your Software Supply Chain attestations, SBOMs, VEX, SARIF, QA reports, and more

security open-source-licensing compliance license spdx attestation devsecops ospo oss-compliance sbom in-toto cyclonedx slsa supply-chain-security sbom-distribution slsa-provenance metadata-platform sbom-discovery regulated-industry

UpdatedNov 28, 2025
Go

in-toto /witness

Star506

Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.

security supply-chain verification attestation security-tools

UpdatedNov 26, 2025
Go

keylime /keylime

Star496

A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT

iot security opensource cloud virtualization edge tpm ima attestation

UpdatedNov 27, 2025
Python

google /go-attestation

Star406

Libraries to abstract aspects of working with TPMs for the purposes of attestation

tpm tpm2 attestation device-identifier

UpdatedNov 25, 2025
Go

intel /confidential-computing-zoo

Star338

Confidential Computing Zoo provides confidential computing solutions based on Intel SGX, TDX, HEXL, etc. technologies.

cloud containers sgx enclave attestation key-management tdx confidential-computing

UpdatedNov 26, 2025
C++

bureado /awesome-software-supply-chain-security

Star338

A compilation of resources in the software supply chain security domain, with emphasis on open source

static-analysis awesome-list security-vulnerability dependencies vulnerability-management software-supply-chain cve-scanning attestation package-management reproducible-builds devsecops software-composition-analysis vulnerability-scanning dependency-management oss-compliance sbom supply-chain-security supply-chain-attacks software-supply-chain-security

UpdatedApr 24, 2023

in-toto /attestation

Star311

in-toto Attestation Framework

attestation software-supply-chain-security

UpdatedNov 25, 2025
Rust

ShaneK2 /inVtero.net

Star290

inVtero.net: A high speed (Gbps) Forensics, Memory integrity & assurance. Includes offensive & defensive memory capabilities. Find/Extract processes, hypervisors (including nested) in memory dumps using microarchitechture independent Virtual Machiene Introspection techniques

virtual-machine reverse-engineering hypervisor forensics memory-hacking cloud-computing memory-analysis attestation patch-management microarchitecture secure-hash memory-dump integrity-monitoring

UpdatedSep 30, 2023
C#

Consensys /linea-attestation-registry

Star169

Verax is a shared registry for storing attestations of public interest on EVM chains, designed to enhance data discoverability and consumption for dApps across the network.

typescript sdk smart-contracts solidity web3 evm attestation linea thegraph

UpdatedNov 23, 2025
TypeScript

a-sit-plus /signum

Star148

Kotlin Multiplatform Crypto/PKI/ASN.1 Library with Attestation and Hardware-Backed Crypto Support on Mobile

kotlin jwt cryptography crypto encryption aes signature rsa jose pki asn1 ecdsa ecdh attestation cwt cose kmp kotlin-multiplatform asn-1 key-agreement

UpdatedNov 23, 2025
Kotlin

GrapheneOS /AttestationServer

Star140

attestation.app remote attestation server. Server code for use with the Auditor app:https://github.com/GrapheneOS/Auditor. It provides two services: submission of attestation data samples and a remote attestation implementation with email alerts to go along with the local implementation based on QR code scanning in the app.

android security cryptography monitoring integrity hsm secure-boot authenticity attestation verifiedboot remote-attestation secureboot strongbox grapheneos

UpdatedNov 28, 2025
Java

confidential-containers /trustee

Star120

Attestation and Secret Delivery Components

attestation key-management confidential-computing

UpdatedNov 28, 2025
Rust

coinbase /verifications

Star118

📜 "Coinbase Verifications" is a set of Coinbase-verified onchain attestations that enable access to apps and other onchain benefits.

ethereum attestation did optimism decentralized-identity verifiable-credentials onchain account-verification op-stack ethereum-attestation-service

UpdatedAug 14, 2024
Solidity

mchmarny /s3cme

Star103

Template Go app repo with local test/lint/build/vulnerability check workflow, and on tag image test/build/release pipelines, with ko generative SBOM, cosign attestation, and SLSA build provenance

provenance vulnerability oidc cosine attestation sbom slsa supply-chain-security

UpdatedApr 23, 2024
Go

CycloneDX /cyclonedx-python-lib

Star94

Python implementation of OWASP CycloneDX

python library owasp bom vex spdx hacktoberfest attestation bill-of-materials software-bill-of-materials purl package-url sbom software-library cyclonedx obom mbom saasbom cbom

UpdatedNov 28, 2025
Python

hex-five /multizone-sdk

Star86

MultiZone® Security TEE is the quick and safe way to add security and separation to any RISC-V processors. The RISC-V standard ISA doesn't define TrustZone-like primitives to provide hardware separation. To shield critical functionality from untrusted third-party components, MultiZone provides hardware-enforced, software-defined separation of multi