Skip to main content
Model signing is an experimental feature with ongoing development, which might include breaking changes. We are releasing these capabilities to improve the integrity of our models for our security-conscious users and to facilitate feedback from the community.

Getting started

Before trying to verify the signature, ensure that the tensor files have been downloaded with git-lfs and that no files have been added, removed, or modified in your local git checkout: 
git lfs fetch --all
git lfs pull
git lfs checkout
Install the model_signing (v1.0.1) library with the following command: 
pip install 'model-signing==v1.1.1'

Signature verification

Then verify the signature with the following command ensuring that the IBM identity ‘granite.preview@ibm.com’ was used for signing this model: 
python -m model_signing verify sigstore \
  --signature model.sig \
  --ignore-paths .git \
  --ignore-paths .gitattributes \
  --identity Granite.Preview@ibm.com \
  --identity_provider https://sigstore.verify.ibm.com/oauth2 \
  .