Wrapping Sigstore, in-toto, and SLSA: Where Modern Supply-Chain Security Still Fails

Tags: How-To, DevOps

via Dev.to DevOps, by Kalyan Tamarapalli

Why Provenance Without Intent Is Not Enough

Introduction: The Rise of Supply-Chain Frameworks

Sigstore, in-toto, and SLSA represent real progress in supply-chain security. They provide:
- Artifact signing
- Provenance metadata
- Policy enforcement
- Reproducible build standards

These frameworks close many historical gaps. But they share a common blind spot: they authenticate artifacts and workflows. They do not verify human intent.

This article examines where modern supply-chain frameworks stop — and why intent-verification must sit above them as a governance layer.

What These Frameworks Solve Well

Sigstore
- Makes signing accessible
- Eliminates long-lived keys
- Anchors signatures in transparency logs

in-toto
- Enforces workflow policy
- Cryptographically links pipeline steps
- Tracks who performed each stage

SLSA
- Defines maturity levels
- Enforces build isolation
- Encourages reproducibility

These frameworks answer: Did the pipeline follow policy?

They do not answer: Did a human consciously approve this s

Continue reading on Dev.to DevOps
