Distributed
Artifact
Signing

Building trust into binaries.

How can we verify the authenticity of downloads on the web?

When downloading files from the internet, we have little or no way of knowing whether a file has been tampered with. This opens a massive vulnerability to data breaches and malware.

What is Code Signing?

Code Signing is a method that software vendors use to try to demonstrate to their users that their software is safe to use. All trust is placed in these large centralised companies. This trust is not always well-founded:


How can we trust anything,
if not our own files?

The Solution

Binsignia offers a way to cross-reference binary checksums to ensure that files have not been tampered with. This adds a new layer of security on top of plain checksums. This approach has the benefit of being able

How it Works

Code Signing is a method that software vendors use to try to demonstrate to their users that their software is safe to use. All trust is placed in these large centralised companies. This trust is not always well-founded:

For Everyone

Code Signing is a method that software vendors use to try to demonstrate to their users that their software is safe to use. All trust is placed in these large centralised companies. This trust is not always well-founded: