Evidence Signing
Evidence packages in Truss are cryptographically signed to ensure integrity and non-repudiation.
Signature format
Each evidence package carries a SHA-256 signature:
sig:sha256:abcdef1234567890...
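Added example (not Truss code): a strict parser for the signature field layout shown above, with an integrity check against package bytes. It assumes the value is the lowercase hex SHA-256 digest of the raw package bytes, which this page does not specify; the function names and sample data are constructed for illustration.

```python
import hashlib
import hmac
import re

# Assumed layout, taken from the sample on the page: "sig:<algorithm>:<hex>".
# The page only shows sha256, so that is the only algorithm accepted here.
_FIELD = re.compile(r"sig:([a-z0-9]+):([0-9a-f]+)")
_DIGEST_HEX_LEN = {"sha256": 64}


class SignatureFormatError(ValueError):
    """Raised when a signature field does not match the assumed layout."""


def parse_signature_field(field: str) -> tuple[str, bytes]:
    """Split a signature field into (algorithm, raw bytes), rejecting loose input."""
    m = _FIELD.fullmatch(field)
    if m is None:
        raise SignatureFormatError("expected sig:<algorithm>:<lowercase hex>")
    alg, hexval = m.groups()
    if alg not in _DIGEST_HEX_LEN:
        # Allow-list: never let the field itself select an arbitrary algorithm.
        raise SignatureFormatError(f"algorithm not allowed: {alg}")
    if len(hexval) != _DIGEST_HEX_LEN[alg]:
        raise SignatureFormatError("truncated or over-long value")
    return alg, bytes.fromhex(hexval)


def matches_package(field: str, package: bytes) -> bool:
    """Assumption: the value is the digest of the raw package bytes."""
    alg, expected = parse_signature_field(field)
    actual = hashlib.new(alg, package).digest()
    # Constant-time comparison avoids leaking how many leading bytes matched.
    return hmac.compare_digest(actual, expected)


# Constructed sample data, not real Truss output.
SAMPLE_PACKAGE = b'{"evidence_id": "ev-example", "result": "pass"}'
SAMPLE_FIELD = "sig:sha256:" + hashlib.sha256(SAMPLE_PACKAGE).hexdigest()

if __name__ == "__main__":
    print(matches_package(SAMPLE_FIELD, SAMPLE_PACKAGE))         # intact package
    print(matches_package(SAMPLE_FIELD, SAMPLE_PACKAGE + b" "))  # modified package
```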
Dual-signing
For cross-org evidence sharing, two parties can sign the same evidence package:
truss evidence sign <evidence-id>
truss evidence verify <evidence-id>
Re-validation
Signatures can be re-validated at any time against the original mandate and agent keys:
truss verify evidence <evidence-id>
See the verify command for available verification options.