
Module trust


Pinned-root trust model for the registry index (audit C1).

The registry index is the system’s trust root: it names artifact URLs, checksums, detached signatures, and the public keys that verify those signatures. If the index itself is unauthenticated, an attacker who controls the index (MITM on a plaintext URL, a malicious $VANTA_REGISTRY, a compromised mirror) can supply their own keypair and sign malicious bytes — signature verification then provides zero protection.

This module implements a minimal but real pinned-root model:

  1. A small set of root public keys is pinned out-of-band — compiled in (COMPILED_IN_ROOT_KEYS) and/or loaded from the user-owned trusted config at <trust_dir>/roots.toml (load_root_keys). Roots are never sourced from the fetched index.
  2. A fetched index must carry a detached signature that index_signed_by_root verifies against one of the pinned roots before its entries are trusted.
  3. A per-artifact signing key (carried in the index) is only trusted if the index that carried it was itself verified against a pinned root (transitive trust), or that key is itself in the pinned set (artifact_key_is_trusted). Otherwise it is treated as unverified.

Verification is fail-closed throughout: any parse/length/scheme failure denies trust rather than granting it.
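The decision flow of steps 2 and 3, as an added example that is not this crate's own code. The signatures, the `KeyTrust` enum, the injected `Verify` callback, and the `toy_sign`/`toy_verify` stand-ins (constructed, not cryptography) are assumptions made so the sketch runs with std only; a real implementation would call minisign verification where `verify` is invoked.

```rust
// Added illustration; signatures are assumptions, not the crate's actual API.

/// Injected check: (root key text, message, detached signature) -> valid?
type Verify = fn(&str, &[u8], &[u8]) -> bool;

#[derive(Debug, PartialEq)]
enum KeyTrust { Pinned, ViaVerifiedIndex, Unverified }

/// Constructed stand-in for a signer. NOT cryptography: the "signature" is
/// the signer's key text followed by a one-byte checksum of the message.
fn toy_sign(key: &str, msg: &[u8]) -> Vec<u8> {
    let mut sig = key.as_bytes().to_vec();
    sig.push(msg.iter().fold(0u8, |a, b| a.wrapping_add(*b)));
    sig
}

/// Constructed stand-in for minisign verification (hypothetical helper).
fn toy_verify(root: &str, msg: &[u8], sig: &[u8]) -> bool {
    sig == toy_sign(root, msg).as_slice()
}

/// True on the first pinned root that verifies. A missing signature or an
/// empty root set yields false (fail-closed).
fn index_signed_by_root(index: &[u8], sig: Option<&[u8]>, roots: &[&str], verify: Verify) -> bool {
    match sig {
        Some(s) => roots.iter().any(|&r| verify(r, index, s)),
        None => false,
    }
}

/// A key carried in the index is trusted only if it is itself pinned, or the
/// index that carried it verified against a pinned root (transitive trust).
fn artifact_key_trust(key: &str, index_verified: bool, roots: &[&str]) -> KeyTrust {
    if roots.contains(&key) {
        KeyTrust::Pinned
    } else if index_verified {
        KeyTrust::ViaVerifiedIndex
    } else {
        KeyTrust::Unverified
    }
}

fn main() {
    let roots = ["ROOT-KEY-A (constructed)"];
    // Constructed index that names its own signing key and is signed by it.
    let index = b"artifact=tool-1.0 key=UNPINNED-KEY";
    let sig = toy_sign("UNPINNED-KEY", index);
    let ok = index_signed_by_root(index, Some(sig.as_slice()), &roots, toy_verify);
    println!("index verified: {ok}, key: {:?}", artifact_key_trust("UNPINNED-KEY", ok, &roots));
}
```

An index signed only by the key it carries never reaches `ViaVerifiedIndex`, because the roots that gate that branch come from the pinned set and not from the index.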

Constants

COMPILED_IN_ROOT_KEYS
Compiled-in trusted root public keys (minisign format, one full key text per entry — the same shape minisign writes, including the untrusted comment: line).

Functions

artifact_key_is_trusted
Whether a per-artifact signing key (carried by the index) may be trusted.
index_signed_by_root
Whether index_bytes carries a detached signature produced by one of the pinned roots. Tries every root and returns true on the first that verifies; returns false if none do (including when roots is empty).
load_root_keys
Load the set of pinned root public-key texts: the compiled-in roots plus any the operator placed in the user-owned <trust_dir>/roots.toml. These are the only keys ever trusted to authenticate an index; they are never read from a fetched index.