# Verifying your download

There are two things you can verify before trusting a build: the template you downloaded, and the runtime image that compiles it. Both are optional: `docker pull` and a normal `make publish` work without any of this, but the tools are here when you need them for a compliance audit or a security review.
## The template

Keystone templates ship with a SHA-256 checksum manifest (`.keystone/checksums.txt`) and a GPG detached signature (`.keystone/checksums.txt.sig`). The signature proves the checksums came from the Keystone release pipeline; the checksums prove that no file listed in the manifest was changed after assembly.
### Public key

Fingerprint: `799D 1DC8 D477 4935 B557 D9EA C634 6E75 5DD4 C21A`

```
-----BEGIN PGP PUBLIC KEY BLOCK-----
mDMEaZQL6BYJKwYBBAHaRw8BAQdArL0+f0eQFzWdyHBrHSC+a0wnZ9i5Pv9W/ED0
6sf4pVi0LUtleXN0b25lIFNpZ25pbmcgS2V5IDxzaWduaW5nQGtuaWdodC1vd2wu
ZGV2PoiTBBMWCgA7FiEEeZ0dyNR3STW1V9nqxjRudV3UwhoFAmmUC+gCGyMFCwkI
BwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQxjRudV3UwhqvqAEAzTd4SbE4P3qz
70bElYseXYbqCZYQvhg01h7vLgNlTYEA+gPwlTxECX1VTbtXk/SXqWRga7Ti4aUe
IwpuTBEfGhIO
=uxOb
-----END PGP PUBLIC KEY BLOCK-----
```
### Steps

- Import the public key. Copy the block above into a file (e.g. `keystone.pub`) and import it:

  ```bash
  gpg --import keystone.pub
  ```

- Verify the signature, from the template root:

  ```bash
  gpg --verify .keystone/checksums.txt.sig .keystone/checksums.txt
  ```

  Success shows `Good signature from "Keystone Signing Key"`.

- Verify the checksums, from the template root:

  ```bash
  shasum -a 256 -c .keystone/checksums.txt   # macOS
  sha256sum -c .keystone/checksums.txt       # Linux
  ```

  Every line should report `OK`.
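The three steps above, collected into one fail-closed script. This is an added example, not a Keystone tool, and it adds two checks a reviewer usually wants on top of the bare commands: `gpg --verify` exits 0 for a good signature from any key in your keyring, so the script pins the signer to the fingerprint published above by reading gpg's machine-readable status output; and `sha256sum -c` only examines files named in the manifest, so the script also reports files present in the template tree that the manifest does not cover. The function names, the `--run` flag and the `.git` exclusion are this example's own choices.

```shell
#!/usr/bin/env sh
# Added example (not Keystone's own tooling). Verifies a Keystone template:
# signature pinned to the published key, checksums, and no unlisted files.

# Fingerprint published on this page, spaces removed.
KEYSTONE_FPR="799D1DC8D4774935B557D9EAC6346E755DD4C21A"
MANIFEST=".keystone/checksums.txt"
SIGNATURE=".keystone/checksums.txt.sig"

# Reads `gpg --status-fd` output on stdin. Succeeds only if a VALIDSIG line is
# present and either the signing-key fingerprint (field 3) or the primary-key
# fingerprint (last field) equals the expected one. A good signature from some
# other key in the keyring is rejected.
status_has_validsig_from() {
  expected="$1"
  while IFS= read -r line; do
    case "$line" in
      "[GNUPG:] VALIDSIG "*)
        set -- $(printf '%s\n' "$line" | awk '{print $3, $NF}')
        if [ "$1" = "$expected" ] || [ "$2" = "$expected" ]; then
          return 0
        fi
        ;;
    esac
  done
  return 1
}

# Prints every regular file under directory $1 (excluding .git/, the manifest
# and its signature) whose path does not appear in manifest $2. The manifest
# uses sha256sum format: "<64 hex>  <path>" (or "<64 hex> *<path>").
unlisted_files() {
  dir="$1"
  listed=$(sed 's/^[0-9a-fA-F]\{64\} [ *]//' "$2")
  (
    cd "$dir" || exit 2
    find . -type f ! -path './.git/*' | sed 's|^\./||' | sort
  ) | while IFS= read -r f; do
    case "$f" in "$MANIFEST"|"$SIGNATURE") continue ;; esac
    printf '%s\n' "$listed" | grep -Fqx -- "$f" || printf '%s\n' "$f"
  done
}

# Runs all three checks from the template root $1 (default: current directory).
verify_template() {
  cd "${1:-.}" || return 2

  # 1. Detached signature, with the signer pinned to the published fingerprint.
  gpg --status-fd 1 --verify "$SIGNATURE" "$MANIFEST" 2>/dev/null \
    | status_has_validsig_from "$KEYSTONE_FPR" \
    || { echo "FAIL: manifest is not signed by key $KEYSTONE_FPR" >&2; return 1; }

  # 2. Every listed file hashes to the value in the manifest.
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum -c --quiet "$MANIFEST" || { echo "FAIL: checksum mismatch" >&2; return 1; }
  else
    shasum -a 256 -c "$MANIFEST" || { echo "FAIL: checksum mismatch" >&2; return 1; }
  fi

  # 3. Nothing was added alongside the listed files.
  extra=$(unlisted_files . "$MANIFEST")
  if [ -n "$extra" ]; then
    printf 'FAIL: files not covered by the manifest:\n%s\n' "$extra" >&2
    return 1
  fi

  echo "OK: template verified"
}

# Usage: sh verify-template.sh --run /path/to/template
if [ "${1:-}" = "--run" ]; then
  verify_template "${2:-.}"
fi
```

Step 3 is deliberately strict: a template that carries a file the release pipeline never hashed should be treated as tampered until the extra file is explained, since the signed manifest says nothing about it.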
### Why the key lives here

A public key shipped inside the artifact it verifies creates circular trust — an attacker who compromises the template repo can replace the key, re-sign, and pass verification. Publishing the key here, independently of the template repos, breaks that cycle. Always take the key from this page, not from the template you are checking.
## The runtime image

The prebuilt Keystone image is scanned for vulnerabilities before every release, signed with Sigstore cosign, and ships with an SBOM (software bill of materials) attestation. Verify the signature from your project:

```bash
make verify
```

This checks the image your template pins against the Keystone release identity on GitHub Actions: a valid signature means the image was built and published by the official pipeline, not substituted. No action is needed for normal use; `docker pull` behaves as before.
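For readers who want to see what an identity-pinned Sigstore check looks like outside of `make verify`, here is an added example that is not the Keystone target itself. It assumes cosign v2 keyless verification; the OIDC issuer is the standard GitHub Actions one, but the workflow identity pattern is a PLACEHOLDER (this page does not state the real one), and the `spdxjson` attestation type is an assumption about the SBOM format. It also refuses to verify anything not pinned by digest, because a signature binds the exact image content and a mutable tag can be repointed between verification and pull.

```shell
#!/usr/bin/env sh
# Added example (not Keystone's own `make verify`). Keyless cosign verification
# of a digest-pinned image against a pinned GitHub Actions identity.

EXPECTED_ISSUER="https://token.actions.githubusercontent.com"
# PLACEHOLDER: replace with the real Keystone release workflow identity.
EXPECTED_IDENTITY_RE='^https://github\.com/PLACEHOLDER-ORG/PLACEHOLDER-REPO/\.github/workflows/.*@refs/tags/.*$'

# Returns 0 only for references of the form name@sha256:<64 hex>.
image_is_digest_pinned() {
  printf '%s\n' "$1" | grep -Eq '^[^@[:space:]]+@sha256:[0-9a-f]{64}$'
}

# Verifies the image signature and its SBOM attestation, both bound to the
# expected issuer and workflow identity. Fails on any mismatch.
verify_image() {
  image="$1"
  image_is_digest_pinned "$image" \
    || { echo "refusing: $image is not pinned by digest" >&2; return 1; }

  cosign verify \
    --certificate-oidc-issuer "$EXPECTED_ISSUER" \
    --certificate-identity-regexp "$EXPECTED_IDENTITY_RE" \
    "$image" >/dev/null \
    || { echo "FAIL: signature check failed for $image" >&2; return 1; }

  # Assumed SBOM predicate type; adjust if the attestation uses another format.
  cosign verify-attestation --type spdxjson \
    --certificate-oidc-issuer "$EXPECTED_ISSUER" \
    --certificate-identity-regexp "$EXPECTED_IDENTITY_RE" \
    "$image" >/dev/null \
    || { echo "FAIL: SBOM attestation check failed for $image" >&2; return 1; }

  echo "OK: $image signed and attested by the pinned identity"
}

# Usage: sh verify-image.sh --run registry.example/keystone@sha256:<digest>
if [ "${1:-}" = "--run" ]; then
  verify_image "${2:?image reference required}"
fi
```

Pinning both `--certificate-oidc-issuer` and `--certificate-identity-regexp` is what makes the check meaningful: without them, cosign accepts any signature whose certificate chains to the public Sigstore root, including one from an unrelated account.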