Signing is for the bad days
A deep dive into why software supply chain signing tools (TUF, in-toto, and Sigstore) appear useless on normal days but become critical during security incidents. TUF protects the last hop from registry to client by splitting signing roles with offline keys, preventing rollback and freeze attacks even when a registry is compromised. in-toto attests the entire build pipeline by recording signed links at each step, which would have caught the xz backdoor and SolarWinds-style build server compromises. Sigstore eliminates long-lived key management by using short-lived OIDC-bound certificates and a public append-only transparency log (Rekor), making forensic investigation fast and tamper-evident. The post also honestly acknowledges limits: recent attacks like Ultralytics and TanStack compromised the CI runner itself, bypassing these controls — but the transparency log still accelerated incident response. The three layers compose: in-toto defines valid builds, Sigstore handles keyless signing, and TUF secures distribution. npm provenance, PyPI attestations, and SLSA are all manifestations of this stack.
Table of contents
TUF: assume the registry gets owned
in-toto: assume the pipeline gets owned
Sigstore: assume nobody will manage keys
What signing didn’t stop
What you get when you stack them
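To make the rollback and freeze protection attributed to TUF in the summary concrete, here is an added example (not code from the post or from any TUF implementation) of the version and expiry checks a client applies to new timestamp metadata. It assumes signatures were already verified against the trusted root; the function names and sample metadata are constructed for illustration, while `version`, `expires` and `meta` are the field names TUF metadata uses.

```python
from datetime import datetime, timezone

def parse_expires(value):
    # TUF metadata stores expiry as an ISO 8601 UTC string, e.g. 2030-01-01T00:00:00Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def check_timestamp_update(trusted, new, now):
    """Return 'accept' or a rejection reason for new timestamp metadata.

    Assumption: signatures on `new` were already verified against the
    trusted root; only the rollback and freeze checks are shown here.
    """
    t, n = trusted["signed"], new["signed"]
    # Rollback: a compromised registry serves older, validly signed metadata.
    if n["version"] < t["version"]:
        return "reject: rollback (timestamp version decreased)"
    old_snap = t["meta"]["snapshot.json"]["version"]
    new_snap = n["meta"]["snapshot.json"]["version"]
    if new_snap < old_snap:
        return "reject: rollback (snapshot version decreased)"
    # Freeze: the registry keeps replaying metadata that was once current.
    if parse_expires(n["expires"]) <= now:
        return "reject: freeze (metadata expired)"
    return "accept"

def make_ts(version, snap_version, expires):
    # Constructed sample metadata; the signatures section is omitted.
    return {"signed": {"_type": "timestamp", "version": version,
                       "expires": expires,
                       "meta": {"snapshot.json": {"version": snap_version}}}}

NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
LATER = datetime(2025, 6, 10, tzinfo=timezone.utc)
TRUSTED = make_ts(41, 17, "2025-06-02T00:00:00Z")

if __name__ == "__main__":
    cases = [
        ("fresh update", make_ts(42, 18, "2025-06-03T00:00:00Z"), NOW),
        ("older timestamp replayed", make_ts(40, 16, "2025-06-03T00:00:00Z"), NOW),
        ("new timestamp, old snapshot", make_ts(42, 16, "2025-06-03T00:00:00Z"), NOW),
        ("same metadata served days later", TRUSTED, LATER),
    ]
    for name, metadata, when in cases:
        print(f"{name}: {check_timestamp_update(TRUSTED, metadata, when)}")
```

The short expiry on timestamp metadata is what bounds a freeze: a registry that cannot produce a fresh signature can only replay the old file until it expires.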