Merkle Manifests: Why Build Servers Lie (How to Cryptographically Prove It)

Verifying CI/CD Artifacts Against Human-Signed Source Trees Introduction: The Build Server Is Not a Source of Truth Most CI/CD security models assume the build server is honest. This is a dangerous assumption. The SolarWinds supply-chain attack demonstrated that a build system can compile malicious code, sign it with legitimate keys, and distribute it as a trusted update — all while appearing compliant with every security control in the pipeline. From the pipeline’s perspective: The code was signed The artifact passed integrity checks The deployment followed policy And yet the artifact was malicious. This reveals a structural flaw: If the same system that produces artifacts also attests to their integrity, integrity becomes meaningless. This article introduces Merkle Manifests — a cryptographic pattern that breaks this trust loop by verifying build outputs against a human-signed source of truth , not against the build system’s claims. Why “Signed by the Server” Is Not Security Digital

Merkle Manifests: Why Build Servers Lie (How to Cryptographically Prove It)

Related Articles

The Quiet Advantage of Learning in Small, Practical Steps

2. Readers-writers Problem

The Part Nobody Could Scale

Claude Code Now Lets You Code From Your Phone. Here’s What I Learned the Hard Way.

Stop Watching Tutorials: The Real Way to Learn Coding Faster

Related Articles

How-To
The Quiet Advantage of Learning in Small, Practical Steps
Medium Programming • 2h ago

How-To
2. Readers-writers Problem
Medium Programming • 5h ago

How-To
The Part Nobody Could Scale
Medium Programming • 6h ago

How-To
Claude Code Now Lets You Code From Your Phone. Here’s What I Learned the Hard Way.
Medium Programming • 6h ago

How-To
Stop Watching Tutorials: The Real Way to Learn Coding Faster
Medium Programming • 7h ago