Attestation System

What is an Attestation? A cryptographically signed certificate proving your code passed governance checks.

Why Attestations?

Benefit	Description
Audit Trail	Prove compliance to auditors
Tamper Detection	Cryptographic signatures prevent forgery
CI/CD Gates	Block deployments without valid attestations
Compliance	Meet SOC2, ISO requirements

How It Works

┌─────────────┐     ┌─────────────┐     ┌─────────────┐
│   ranex     │────►│  Governance │────►│ Attestation │
│    scan     │     │   Checks    │     │   Engine    │
└─────────────┘     └─────────────┘     └──────┬──────┘
                                               │
                                               ▼
                                        ┌─────────────┐
                                        │  Sign with  │
                                        │  Ed25519    │
                                        └──────┬──────┘
                                               │
                                               ▼
                                        ┌─────────────┐
                                        │ Store in    │
                                        │ .ranex/     │
                                        │attestations/│
                                        └─────────────┘

Attestations use Ed25519 digital signatures:

Results cannot be forged
Tampering is detectable
Origin is verifiable

Quick Start

Create an Attestation

# Run governance checks and create attestation
ranex attest create

Output:

🔏 Attestation Created
══════════════════════════════════════════════
  ID:        6ad8ba3c-deb9-4b07-818c-e827a2589578
  Timestamp: 2025-11-29T05:09:24.971914824Z
  Checks:    structure, imports, atlas
  Status:    ✅ PASSED (3/3 checks)
  Signature: a3fffad63806f10415126b999ebd7dff...
══════════════════════════════════════════════
Stored: .ranex/attestations/latest.json

Verify an Attestation

ranex attest verify

List All Attestations

ranex attest list

Attestation Contents

{
  "id": "6ad8ba3c-deb9-4b07-818c-e827a2589578",
  "timestamp": "2025-11-29T05:09:24Z",
  "project_path": "/home/user/myproject",
  "checks_completed": ["structure", "imports", "atlas"],
  "results_hash": "e4a0d3f8dcbc5a6d67c0969be1124fab...",
  "summary": {
    "total_checks": 3,
    "passed_checks": 3,
    "failed_checks": 0,
    "passed": true
  },
  "signature": "a3fffad63806f10415126b999ebd7dff...",
  "public_key": "501b4d59ae54d2cb96d90b185a642344..."
}

Commands

Command	Description
`ranex attest create`	Create new attestation
`ranex attest verify`	Verify attestation signature
`ranex attest list`	List all attestations
`ranex attest show [ID]`	Show specific attestation

CI/CD Integration

# GitHub Actions example
- name: Create Attestation
  run: ranex attest create --json > attestation.json

- name: Verify Before Deploy
  run: ranex attest verify --require-recent 1h

Next Steps

Governance & Audit - Full governance system
Getting Started - Installation guide