evan.jarrett.net
ATProto Signature Verification Plugins and Examples#
This directory contains reference implementations and examples for integrating ATProto signature verification into various tools and workflows.
Overview#
ATCR uses ATProto's native signature system to cryptographically sign container images. To integrate signature verification into existing tools (Kubernetes, CI/CD, container runtimes), you can:
- Build plugins for verification frameworks (Ratify, Gatekeeper, Containerd)
- Use external services called by policy engines
- Integrate CLI tools in your CI/CD pipelines
Directory Structure#
examples/plugins/
├── README.md # This file
├── ratify-verifier/ # Ratify plugin for Kubernetes
│ ├── README.md
│ ├── verifier.go
│ ├── config.go
│ ├── resolver.go
│ ├── crypto.go
│ ├── Dockerfile
│ ├── deployment.yaml
│ └── verifier-crd.yaml
├── gatekeeper-provider/ # OPA Gatekeeper external provider
│ ├── README.md
│ ├── main.go
│ ├── verifier.go
│ ├── resolver.go
│ ├── crypto.go
│ ├── Dockerfile
│ ├── deployment.yaml
│ └── provider-crd.yaml
├── containerd-verifier/ # Containerd bindir plugin
│ ├── README.md
│ ├── main.go
│ └── Dockerfile
└── ci-cd/ # CI/CD integration examples
├── github-actions.yml
├── gitlab-ci.yml
└── jenkins-pipeline.groovy
Quick Start#
For Kubernetes (Recommended)#
Option A: Ratify Plugin
cd ratify-verifier
# Build plugin and deploy to Kubernetes
./build.sh
kubectl apply -f deployment.yaml
kubectl apply -f verifier-crd.yaml
Option B: Gatekeeper Provider
cd gatekeeper-provider
# Build and deploy external provider
docker build -t atcr.io/atcr/gatekeeper-provider:latest .
kubectl apply -f deployment.yaml
kubectl apply -f provider-crd.yaml
For CI/CD#
GitHub Actions
# Copy examples/plugins/ci-cd/github-actions.yml to .github/workflows/
cp ci-cd/github-actions.yml ../.github/workflows/verify-and-deploy.yml
GitLab CI
# Copy examples/plugins/ci-cd/gitlab-ci.yml to your repo
cp ci-cd/gitlab-ci.yml ../.gitlab-ci.yml
For Containerd#
cd containerd-verifier
# Build plugin
./build.sh
# Install to containerd plugins directory
sudo cp atcr-verifier /opt/containerd/bin/
Plugins Overview#
Ratify Verifier Plugin ⭐#
Use case: Kubernetes admission control with OPA Gatekeeper
How it works:
- Gatekeeper receives pod creation request
- Calls Ratify verification engine
- Ratify loads ATProto verifier plugin
- Plugin verifies signature and checks trust policy
- Returns allow/deny decision to Gatekeeper
Pros:
- Standard Ratify plugin interface
- Works with existing Gatekeeper deployments
- Can combine with other verifiers (Notation, Cosign)
- Policy-based enforcement
Cons:
- Requires building custom Ratify image
- Plugin must be compiled into image
- More complex deployment
See: ratify-verifier/README.md
Gatekeeper External Provider ⭐#
Use case: Kubernetes admission control with OPA Gatekeeper
How it works:
- Gatekeeper receives pod creation request
- Rego policy calls external data provider API
- Provider verifies ATProto signature
- Returns verification result to Gatekeeper
- Rego policy makes allow/deny decision
Pros:
- Simpler deployment (separate service)
- Easy to update (no Gatekeeper changes)
- Flexible Rego policies
- Can add caching, rate limiting
Cons:
- Additional service to maintain
- Network dependency (provider must be reachable)
- Slightly higher latency
See: gatekeeper-provider/README.md
Containerd Bindir Plugin#
Use case: Runtime-level verification for all images
How it works:
- Containerd pulls image
- Calls verifier plugin (bindir)
- Plugin verifies ATProto signature
- Returns result to containerd
- Containerd allows/blocks image
Pros:
- Works at runtime level (not just Kubernetes)
- CRI-O, Podman support (CRI-compatible)
- No Kubernetes required
- Applies to all images
Cons:
- Containerd 2.0+ required
- More complex to debug
- Less flexible policies
See: containerd-verifier/README.md
CI/CD Integration Examples#
GitHub Actions#
Complete workflow with:
- Image signature verification
- DID trust checking
- Automated deployment on success
GitLab CI#
Pipeline with:
- Multi-stage verification
- Trust policy enforcement
- Manual deployment approval
See: ci-cd/gitlab-ci.yml
Jenkins#
Declarative pipeline with:
- Signature verification stage
- Deployment gates
- Rollback on failure
See: ci-cd/jenkins-pipeline.groovy (coming soon)
Common Components#
All plugins share common functionality:
DID Resolution#
Resolve DID to public key:
func ResolveDIDToPublicKey(ctx context.Context, did string) (*PublicKey, error)
Steps:
- Fetch DID document from PLC directory or did:web
- Extract verification method
- Decode multibase public key
- Parse as K-256 public key
PDS Communication#
Fetch repository commit:
func FetchCommit(ctx context.Context, pdsEndpoint, did, commitCID string) (*Commit, error)
Steps:
- Call
com.atproto.sync.getRepoXRPC endpoint - Parse CAR file response
- Extract commit with matching CID
- Return commit data and signature
Signature Verification#
Verify ECDSA K-256 signature:
func VerifySignature(pubKey *PublicKey, commit *Commit) error
Steps:
- Extract unsigned commit bytes
- Hash with SHA-256
- Verify ECDSA signature over hash
- Check signature is valid for public key
Trust Policy#
Check if DID is trusted:
func IsTrusted(did string, now time.Time) bool
Steps:
- Load trust policy from config
- Check if DID in trusted list
- Verify validFrom/expiresAt timestamps
- Return true if trusted
Trust Policy Format#
All plugins use the same trust policy format:
version: 1.0
trustedDIDs:
did:plc:alice123:
name: "Alice (DevOps Lead)"
validFrom: "2024-01-01T00:00:00Z"
expiresAt: null
did:plc:bob456:
name: "Bob (Security Team)"
validFrom: "2024-06-01T00:00:00Z"
expiresAt: "2025-12-31T23:59:59Z"
policies:
- name: production-images
scope: "atcr.io/*/prod-*"
require:
signature: true
trustedDIDs:
- did:plc:alice123
- did:plc:bob456
minSignatures: 1
action: enforce
- name: dev-images
scope: "atcr.io/*/dev-*"
require:
signature: false
action: audit
Implementation Notes#
Dependencies#
All plugins require:
- Go 1.21+ for building
- ATProto DID resolution (PLC directory, did:web)
- ATProto PDS XRPC API access
- ECDSA K-256 signature verification
Caching#
Recommended caching strategy:
- DID documents: 5 minute TTL
- Public keys: 5 minute TTL
- PDS endpoints: 5 minute TTL
- Signature results: 5 minute TTL
Error Handling#
Plugins should handle:
- DID resolution failures (network, invalid DID)
- PDS connectivity issues (timeout, 404, 500)
- Invalid signature format
- Untrusted DIDs
- Network timeouts
Logging#
Structured logging with:
image- Image being verifieddid- Signer DIDduration- Operation durationerror- Error message (if failed)
Metrics#
Expose Prometheus metrics:
atcr_verifications_total{result="verified|failed|error"}atcr_verification_duration_secondsatcr_did_resolutions_total{result="success|failure"}atcr_cache_hits_totalatcr_cache_misses_total
Testing#
Unit Tests#
Test individual components:
# Test DID resolution
go test ./pkg/resolver -v
# Test signature verification
go test ./pkg/crypto -v
# Test trust policy
go test ./pkg/trust -v
Integration Tests#
Test with real services:
# Test against ATCR registry
go test ./integration -tags=integration -v
# Test with test PDS
go test ./integration -tags=integration -pds=https://test.pds.example.com
End-to-End Tests#
Test full deployment:
# Deploy to test cluster
kubectl apply -f test/fixtures/
# Create pod with signed image (should succeed)
kubectl run test-signed --image=atcr.io/test/signed:latest
# Create pod with unsigned image (should fail)
kubectl run test-unsigned --image=atcr.io/test/unsigned:latest
Performance Considerations#
Latency#
Typical verification latency:
- DID resolution: 50-200ms (cached: <1ms)
- PDS query: 100-500ms (cached: <1ms)
- Signature verification: 1-5ms
- Total: 150-700ms (uncached), <10ms (cached)
Throughput#
Expected throughput (single instance):
- Without caching: ~5-10 verifications/second
- With caching: ~100-500 verifications/second
Scaling#
For high traffic:
- Deploy multiple replicas (stateless)
- Use Redis for distributed caching
- Implement rate limiting
- Monitor P95/P99 latency
Security Considerations#
Network Policies#
Restrict access to:
- DID resolution (PLC directory only)
- PDS XRPC endpoints
- Internal services only
Denial of Service#
Protect against:
- High verification request rate
- Slow DID resolution
- Malicious images with many signatures
- Large signature artifacts
Trust Model#
Understand trust dependencies:
- DID resolution is accurate (PLC directory)
- PDS serves correct records
- Private keys are secure
- Trust policy is maintained
Troubleshooting#
Plugin Not Loading#
# Check plugin exists
ls -la /path/to/plugin
# Check plugin is executable
chmod +x /path/to/plugin
# Check plugin logs
tail -f /var/log/atcr-verifier.log
Verification Failing#
# Test DID resolution
curl https://plc.directory/did:plc:alice123
# Test PDS connectivity
curl https://bsky.social/xrpc/com.atproto.server.describeServer
# Test signature exists
oras discover atcr.io/alice/myapp:latest \
--artifact-type application/vnd.atproto.signature.v1+json
Policy Not Enforcing#
# Check policy is loaded
kubectl get configmap atcr-trust-policy -n gatekeeper-system
# Check constraint is active
kubectl get constraint atcr-signatures-required -o yaml
# Check logs
kubectl logs -n gatekeeper-system deployment/ratify
See Also#
Documentation#
- ATProto Signatures - Technical deep-dive
- Signature Integration - Tool-specific guides
- Integration Strategy - High-level overview
- atcr-verify CLI - CLI tool specification
Examples#
- Verification Scripts - Shell scripts for manual verification
- Kubernetes Webhook - Custom webhook example
External Resources#
- Ratify - Verification framework
- OPA Gatekeeper - Policy engine
- Containerd - Container runtime
Support#
For questions or issues:
- GitHub Issues: https://github.com/atcr-io/atcr/issues
- Documentation: https://docs.atcr.io
- Security: security@atcr.io
Contributing#
Contributions welcome! Please:
- Follow existing code structure
- Add tests for new features
- Update documentation
- Submit pull request
License#
See LICENSE file in repository root.