## Signing distribution artifacts with Signstar <p><img data-src="images/archlinux.png" height="128px"></p> <p>foss-north 2026</p> <p>David Runge</p>

## Overview * [Artifacts 🗿](#artifacts-🗿) * [Digital signing 🔏](#digital-signing-🔏) * [Signstar 💫](#signstar-💫) * [Next steps 👣](#next-steps-👣)

### `$whoami` * Freelance software developer * Arch Linux Package Maintainer (2017)/ Developer (2019)/ Main Signing Key (2021) * Rust, Python, packaging

## *"Previously..."* * All Systems Go! 2024 - [Boring Infrastructure: Building a secure signing environment](https://media.ccc.de/v/all-systems-go-2024-263-boring-infrastructure-building-a-secure-signing-environment) * All Systems Go! 2025 - [Verification of OS artifacts without stateful keyrings](https://media.ccc.de/v/all-systems-go-2025-374-verification-of-os-artifacts-without-stateful-keyrings)

## Slides 🔗 <a href="https://pkgbuild.com/~dvzrv/presentations/foss-north-2026/"><img src="images/slides-link.png"></img></a>

## Artifacts 🗿

<object data="images/project-artifact-dark-mode.svg" type="image/svg+xml"> <img src="images/project-artifact-dark-mode.png" /> </object>

### Software distribution * Git tags * Source tarballs * Prebuilt application downloads

### Operating system packaging * Package files * Repository metadata

### OS updates 📀💾 * OS images/virtual machines * installation media

### Common goals 🥅 * [Reproducibility](https://reproducible-builds.org/) * [Authenticity](https://en.wikipedia.org/wiki/Message_authentication)

### Arch Linux package repositories * Three official package repositories (`core`, `extra`, `multilib`) * ~15198 packages 📦️ * ~68 package maintainers 🤹

## Digital signing 🔏

### Technologies 🎛️ * [Minisign](https://github.com/jedisct1/minisign) * [OpenPGP](https://en.wikipedia.org/wiki/Pretty_Good_Privacy#OpenPGP) * [PKCS #7](https://en.wikipedia.org/wiki/PKCS_7) * [Signify](https://en.wikipedia.org/wiki/OpenBSD_security_features#Signify) * [SSH](https://en.wikipedia.org/wiki/Secure_Shell)

### Upstream ↖️

<object data="images/flat-hierarchy-dark-mode.svg" type="image/svg+xml"> <img src="images/flat-hierarchy-dark-mode.png" /> </object>

<object data="images/certificate-authority-dark-mode.svg" type="image/svg+xml"> <img src="images/certificate-authority-dark-mode.png" /> </object>

### Use of OpenPGP in Arch Linux 🔏 * Verification of upstream sources ([RFC0046](https://rfc.archlinux.page/0046-upstream-package-sources/)) 👌 * [Detached OpenPGP signatures](https://openpgp.dev/book/signing_data.html#detached-signatures) for packages ([alpm-package(7)](https://alpm.archlinux.page/specifications/alpm-package.7.html)), installation media and virtual machine images ✅ * Currently no signing of repository metadata ([alpm-repo-db(7)](https://alpm.archlinux.page/specifications/alpm-repo-db.7.html)) ❌️

### Package signing 🔏 * Five [main signing keys](https://archlinux.org/master-keys/) (>=3 for PGPKI) * 68 [package maintainers](https://archlinux.org/people/package-maintainers/) for `extra` and `multilib` repository * 24 [developers](https://archlinux.org/people/developers/) for `core` repository

<object data="images/arch-linux-simple-wot-dark-mode.svg" type="image/svg+xml"> <img src="images/arch-linux-simple-wot-dark-mode.png" /> </object>

<object data="images/current-setup-source-to-binary-dark-mode.svg" type="image/svg+xml"> <img src="images/current-setup-source-to-binary-dark-mode.png" /> </object>

<object data="images/current-setup-key-exfiltration-dark-mode.svg" type="image/svg+xml"> <img src="images/current-setup-key-exfiltration-dark-mode.png" /> </object>

### Motivation for change ✨

## Prevent key exfiltration 🔐 * We are unable to control whether package maintainers use hardware tokens * Private key material held in CI is vulnerable to exfiltration * Guarding one central system is easier than guarding `n` systems

### Automation 🤖 * Centralized package builds (see [RFC0063](https://rfc.archlinux.page/0063-buildbtw-build-service/)) * Signing of repository metadata ([alpm-repo-db(7)](https://alpm.archlinux.page/specifications/alpm-repo-db.7.html)) * Building and signing of installation media * Secure signing of virtual machine images

## Signstar 💫

### Requirements 📓 * Security * Maintainability * Robustness * Decentralized administration * [Hardware Security Module](https://en.wikipedia.org/wiki/Hardware_security_module) (HSM) * Standards compliant OpenPGP ([RFC 9580](https://www.rfc-editor.org/rfc/rfc9580))

<object data="images/future-packaging-setup-dark-mode.svg" type="image/svg+xml"> <img src="images/future-packaging-setup-dark-mode.png" /> </object>

### Project history 📜 * 2024 * Start of work 🦀 * Concepts * Libraries for initial target HSM ([NetHSM](https://www.nitrokey.com/products/nethsm)) * 2025 * [RFC0059](https://rfc.archlinux.page/0059-automated-digital-signing-of-os-artifacts/) * Addition of [YubiHSM2](https://www.yubico.com/se/product/yubihsm-2/) support

<object data="images/signing-artifacts-with-signstar-dark-mode.svg" type="image/svg+xml"> <img src="images/signing-artifacts-with-signstar-dark-mode.png" /> </object>

### Physical host requirements 📓 * [UEFI](https://en.wikipedia.org/wiki/UEFI): [Unified Kernel Image](https://uapi-group.org/specifications/specs/unified_kernel_image/) (UKI) + [Secure Boot](https://en.wikipedia.org/wiki/UEFI#Secure_Boot) ⛓️ * [TPM2](https://en.wikipedia.org/wiki/Trusted_Platform_Module): Host-specific encryption of partitions and non-administrative secrets / SSH private key 🔐

## Signstar host setup 🧪 * Read-only, auto-updating image-based OS ([SignstarOS](https://gitlab.archlinux.org/archlinux/signstar-os)) 💽 * Central, fully validated configuration file format 📝 * Access exclusively through SSH authentication 🤝 * No login shell, only forced commands 🫡 * HSM backend 🔐

<object data="images/configuration-during-build-dark-mode.svg" type="image/svg+xml"> <img src="images/configuration-during-build-dark-mode.png" /> </object>

### Force commands ```sshd_config Match user signer AuthorizedKeysFile /etc/ssh/signer.authorized_keys ForceCommand /usr/bin/signstar-sign ```

### Dedicated user roles 🛠️ * signing (one-to-one relation) * metrics/logs * backup * admin * shareholder * download network configuration

### HSM configuration 🧪 * Admin credentials only available on Signstar host during (re)configuration * Decentralized administration using [Shamir's Secret Sharing](https://en.wikipedia.org/wiki/Shamir%27s_secret_sharing) (SSS) * Limited set of features (targeting signing) * Rust bindings 🦀

<object data="images/signstar-admin-creds-sss-build-dark-mode.svg" type="image/svg+xml"> <img src="images/signstar-admin-creds-sss-build-dark-mode.png" /> </object>

<object data="images/signstar-config-runtime-build-dark-mode.svg" type="image/svg+xml"> <img src="images/signstar-config-runtime-build-dark-mode.png" /> </object>

## Backup 💾

<object data="images/signstar-request-backup-dark-mode.svg" type="image/svg+xml"> <img src="images/signstar-request-backup-dark-mode.png" /> </object>

<object data="images/signstar-restore-backup-dark-mode.svg" type="image/svg+xml"> <img src="images/signstar-restore-backup-dark-mode.png" /> </object>

## SignstarOS 💫 * read-only rootfs, LUKS encrypted `/var` using [systemd-repart](https://man.archlinux.org/man/systemd-repart.8) on first boot * A/B updates using [systemd-sysupdate](https://man.archlinux.org/man/systemd-sysupdate.8) * VPN tunnel for diverting logs and metrics over [WireGuard](https://wireguard.com) * built using [mkosi](https://github.com/systemd/mkosi)

## Next steps 👣

### 2026 * Provisioning of YubiHSM2 devices based on configuration * Finish system service for continuous state handling * Consolidate documentation * Rollout for testing 🚀

### Future features ✨ * Finish SSS integration * Logging and metrics integration * Configuration format for `signstar-request-signature` * PKCS#7 (for Secure Boot signed shim)

### Post Quantum Cryptography (PQC) * NetHSM wants to add support in the future ([nethsm#14](https://github.com/Nitrokey/nethsm/issues/14)) * YubiHSM2 has no support, unclear if new device is planned (Hi, Yubico 👋)

### Attestation log 🪵 * Hook into signing process * Integrate with existing services (e.g. [rekor](https://github.com/sigstore/rekor))

<object data="images/attestation-log-dark-mode.svg" type="image/svg+xml"> <img src="images/attestation-log-dark-mode.png" /> </object>

### Far future: Threshold signing 🌌 * Arch Linux has a [reproducible builds](https://reproducible.archlinux.org/) effort * Provide signature only if `n` out of `m` build machines are able to reproduce an identical artifact * Gatekeep reproducibility * profit! 🥳

## Thanks 🙏 * Wiktor Kwapisiewicz ([@wiktor@metacode.biz](https://metacode.biz/@wiktor)) * [Valve Software](https://www.valvesoftware.com/en/)

## Contact ☎️ * <https://signstar.archlinux.page> * [Signstar on Arch Linux's GitLab](https://gitlab.archlinux.org/archlinux/signstar) * [David Runge \<dave@sleepmap.de\>](mailto:dave@sleepmap.de) * [@dvzrv@chaos.social](https://chaos.social/@dvzrv)