
OCI-native file artifacts

Every file, provably authentic.

Sign and attest file archives in OCI registries. Carry cryptographic provenance wherever they go.

99.99% less bandwidth on partial reads

Integrity Ledger: signed chain of custody
Signed: Sigstore signature (sig-2f9a)
Manifest: manifest digest (sha256:9d2f...c8e1)
Index: index blob digests (idx:3c91)
Per-file: SHA256 on read (file:7b1e)

The gap

You sign your container images. What about everything else?

Config files. ML models. Deployment artifacts. Certificates. They move between systems with no provenance, no integrity, and full downloads every time.

Unsigned file: no provenance
Blob file: verified, sha256:1f8c...b91a

Trust, end-to-end

Make provenance visible, then prove it.

Blob turns file archives into verifiable, browsable artifacts that behave like container images.

Sigstore + SLSA: prove origin

Attach Sigstore signatures and SLSA attestations to file archives in OCI registries, then verify every file against them on read.

Per-file SHA256: verify on read

Each file's SHA256 is checked as it is read. Change a single byte and the read of that file fails.

Range reads: only fetch what you use

Browse and stream individual files without downloading a 1GB archive; each fetched file is still verified against its recorded digest.

Signed: Sigstore signature
Manifest: digest anchor
Index blob: file map
Per-file: SHA256 on read
Every file inherits the signature above it: the signature covers the manifest digest, the manifest pins the index blob, and the index records each file's SHA256.

Flow

Provenance Flow

Same guarantees as container images, for any file.

1. Build: GitHub Actions
2. Sign: Sigstore
3. Attest: SLSA provenance
4. Push: OCI registry
5. Pull: consumer system
6. Verify + Extract: policy checks on read

Example: GitHub Actions → GHCR → production host

Performance

Built for speed at file granularity.

Why download 1GB to read a 64KB config? Blob uses HTTP Range Requests to fetch exactly what you need, when you need it.

Traditional archive: 1.0 GB
Blob range fetch: ~65 KB
26 ns lookup, 43x faster, 99.99% bandwidth saved
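How the "verify on read" and "range reads" cards above and the range-fetch figures in this section fit together, as an added example that is not Blob's own code: a hypothetical index blob (the FileEntry type: path, offset, size, SHA256) maps each file to a byte range inside the archive; the client fetches only that range with an HTTP Range request, refuses a plain 200 reply that would hand it the whole blob, and hashes the bytes before returning them. The helper names (BuildArchive, ServeArchive, fetchRange, ReadVerified) and the index layout are assumptions, a local httptest server stands in for the registry, and the sample files are constructed. The index is taken as already trusted: in the flow the page describes, that trust comes from the index digest being pinned in the signed manifest, which must be verified first.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"time"
)

// FileEntry is one record of a hypothetical index blob (Blob's real index format is not shown on the page).
type File struct{ Path string; Data []byte } // input to BuildArchive

type FileEntry struct {
	Path   string
	Offset int64  // byte offset of the file inside the archive blob
	Size   int64  // length in bytes
	SHA256 string // hex digest of the file content
}
var ErrDigestMismatch = errors.New("per-file sha256 mismatch")

// BuildArchive concatenates files into one blob in the given order and records
// an index entry per file (used here only to construct sample data).
func BuildArchive(files []File) ([]byte, []FileEntry) {
	var archive bytes.Buffer
	var idx []FileEntry
	for _, f := range files {
		sum := sha256.Sum256(f.Data)
		idx = append(idx, FileEntry{Path: f.Path, Offset: int64(archive.Len()),
			Size: int64(len(f.Data)), SHA256: hex.EncodeToString(sum[:])})
		archive.Write(f.Data)
	}
	return archive.Bytes(), idx
}

// ServeArchive stands in for a registry blob endpoint; http.ServeContent honours Range and answers 206.
func ServeArchive(archive []byte) *httptest.Server {
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		http.ServeContent(w, r, "archive.bin", time.Time{}, bytes.NewReader(archive))
	}))
}

// fetchRange requests exactly [offset, offset+size) and refuses anything but a
// partial-content reply, so a server that ignores Range cannot force a full download.
func fetchRange(url string, offset, size int64) ([]byte, error) {
	req, err := http.NewRequest(http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	req.Header.Set("Range", fmt.Sprintf("bytes=%d-%d", offset, offset+size-1))
	resp, err := http.DefaultClient.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusPartialContent {
		return nil, fmt.Errorf("range request not honoured: %s", resp.Status)
	}
	return io.ReadAll(io.LimitReader(resp.Body, size))
}

// ReadVerified fetches one file by byte range and checks its SHA256 against the
// index before returning it. The index itself is assumed already trusted.
func ReadVerified(url string, idx []FileEntry, path string) ([]byte, error) {
	for _, e := range idx {
		if e.Path == path {
			data, err := fetchRange(url, e.Offset, e.Size)
			if err != nil {
				return nil, err
			}
			sum := sha256.Sum256(data)
			if int64(len(data)) != e.Size || hex.EncodeToString(sum[:]) != e.SHA256 {
				return nil, fmt.Errorf("%s: %w", path, ErrDigestMismatch)
			}
			return data, nil
		}
	}
	return nil, fmt.Errorf("%s: not in index", path)
}

func main() {
	// Constructed sample: a small config beside a 1 MiB model blob.
	archive, idx := BuildArchive([]File{{"configs/app.yaml", []byte("listen: :8080\n")},
		{"models/weights.bin", bytes.Repeat([]byte{0xAB}, 1<<20)}})
	srv := ServeArchive(archive)
	defer srv.Close()
	cfg, err := ReadVerified(srv.URL, idx, "configs/app.yaml")
	// Serve a copy with one byte of the config flipped; that read must fail.
	tampered := append([]byte(nil), archive...)
	tampered[idx[0].Offset] ^= 0x01
	srv2 := ServeArchive(tampered)
	defer srv2.Close()
	_, err2 := ReadVerified(srv2.URL, idx, "configs/app.yaml")
	fmt.Printf("clean: %d of %d bytes (err=%v); tampered: %v\n", len(cfg), len(archive), err, err2)
}
```

Run it and the clean read pulls only the config's bytes out of a roughly 1 MiB archive, while the read from the tampered copy returns ErrDigestMismatch. Note what this check does not cover: a tampered index with matching digests would pass it, which is why the manifest signature over the index digest is the step that cannot be skipped, and why a 200 reply to a Range request is treated as an error rather than silently accepted.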

API

Simple Go API

Push with signing in one call. Pull with policy enforcement and lazy reads.
// Import paths for the blob, sigstore, slsa and policy packages are not shown here
ctx := context.Background()

// Push a directory to the registry (signing happens as part of the push)
c, err := blob.NewClient(blob.WithDockerConfig())
if err != nil {
	log.Fatal(err)
}
c.Push(ctx, "ghcr.io/org/configs:v1", "./src")

// Pull with verification policies: require both a Sigstore signature and
// SLSA provenance from the myorg/myrepo GitHub Actions workflow
sigPolicy, _ := sigstore.GitHubActionsPolicy("myorg/myrepo")
slsaPolicy, _ := slsa.GitHubActionsWorkflow("myorg/myrepo")

// A second client (c is already declared above) that only returns an archive when every policy passes
vc, err := blob.NewClient(
	blob.WithDockerConfig(),
	blob.WithPolicy(policy.RequireAll(sigPolicy, slsaPolicy)),
)
if err != nil {
	log.Fatal(err)
}

// Lazy load: only the files you actually read are downloaded
archive, err := vc.Pull(ctx, "ghcr.io/org/configs:v1")
if err != nil {
	log.Fatal(err) // signature or provenance policy failed, or the pull itself did
}
stats, err := archive.CopyDir("./output", "configs/")
if err != nil {
	log.Fatal(err)
}
fmt.Printf("Extracted %d files\n", stats.FileCount)