Here is a compact, diagram-first blueprint for turning a CycloneDX SBOM into signed, replay-safe proofs across DSSE/in-toto, Rekor v2 (tile-backed) receipts, and VEX, plus how to run it against the public instance or fully offline.

---

## 1) Mental model (one line per hop)

```
[SBOM: CycloneDX JSON]
 └─(wrap as DSSE payload: raw SBOM bytes, or an in-toto statement whose predicate is the CycloneDX document)
    └─(optional but recommended: in-toto statement adds subject digests + predicateType)
       └─(sign → cosign/Fulcio or your own CA)
          └─(log entry → Rekor v2 / tiles)
             └─(checkpoint + inclusion proof = receipt)
                └─(VEX attestation references SBOM digest + log entry)
                   └─(authority anchors/keys + policy)
```

* **CycloneDX SBOM** is your canonical inventory. ([cyclonedx.org][1])
* **DSSE** is a minimal, standard signing envelope: the signature covers the pre-authentication encoding (PAE) of `payloadType` plus the raw payload bytes, so a signed payload cannot be re-labelled as a different type. An in-toto statement inside it adds supply-chain context (subject digests, `predicateType`). ([JFrog][2])
* **Rekor v2** records your entry in a **tile-backed transparency log** and returns an inclusion proof against a signed **checkpoint**. v2 no longer issues signed entry timestamps (SETs); the checkpoint plus inclusion proof is the receipt, and it is small enough to ship with the build. ([Sigstore Blog][3])
* **VEX** conveys exploitability (CycloneDX analysis states such as `not_affected`, `exploitable`, `in_triage`) and should reference the SBOM and, ideally, the Rekor receipt. ([cyclonedx.org][4])

---

## 2) Exact capture points (what to store)

* **SBOM artifact**: `sbom.cdx.json`. Canonicalize once, persist those exact bytes together with their SHA-256, and never re-serialize after hashing. ([cyclonedx.org][1])
* **DSSE envelope** over the SBOM (or over an in-toto statement whose predicate is the CycloneDX document): keep the full envelope JSON (`payloadType`, base64 `payload`, `signatures[]` with `keyid` and `sig`). ([JFrog][2])
* **Rekor v2 receipt**:
  * **Checkpoint** (signed tree head: log origin, tree size, root hash, signature note)
  * **Inclusion proof** (log index plus the audit-path hashes)
  * **Entry leaf hash and log index** (v2 identifies entries by index rather than the v1 UUID)

  Persist these with your build; they are everything an offline verifier needs besides the log's public key. ([Sigstore Blog][3])
* **VEX attestation** (CycloneDX VEX): reference the **SBOM** (by digest and bom-link) and the **Rekor entry/receipt** used for the SBOM attestation. ([cyclonedx.org][4])
* **Authority anchors**: publish the verifying keys (or the TUF trust root if you use the Sigstore public-good instance), plus a policy stating accepted issuers, identities and algorithms. ([Sigstore][5])
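The DSSE/in-toto wrapping and subject-digest linkage described in sections 1 and 2, as an added example (not cosign's or in-toto's code; Python standard library only). The PAE and envelope layout follow the DSSE specification; the signature primitive is an HMAC-SHA256 stand-in so the script runs without a key library, and the SBOM, key and key id are constructed. The predicate type URI `https://cyclonedx.org/bom` is the CycloneDX predicate type used by in-toto/cosign tooling; check it against the tools you actually run.

```python
"""DSSE envelope over an in-toto statement carrying a CycloneDX SBOM.

Added example, not cosign/in-toto code, stdlib only. DSSE is algorithm-agnostic,
so sign()/verify() below (an HMAC stand-in) are the only parts to replace with
ECDSA/Ed25519 (cosign, python-cryptography) for real use. The SBOM and key are
constructed test data.
"""
from __future__ import annotations

import base64
import hashlib
import hmac
import json

IN_TOTO_TYPE = "application/vnd.in-toto+json"
STATEMENT_TYPE = "https://in-toto.io/Statement/v1"
CYCLONEDX_PREDICATE = "https://cyclonedx.org/bom"  # in-toto/cosign predicateType for CycloneDX (assumed)

# Constructed SBOM. Canonicalize ONCE, persist these exact bytes, hash these bytes.
SBOM = {
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79",
    "version": 1,
    "components": [{"type": "library", "name": "example-lib", "version": "1.2.3",
                    "purl": "pkg:generic/example-lib@1.2.3", "bom-ref": "pkg:generic/example-lib@1.2.3"}],
}
SBOM_BYTES = json.dumps(SBOM, sort_keys=True, separators=(",", ":")).encode()
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"  # stand-in for a signing key


def sha256hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def pae(payload_type: str, payload: bytes) -> bytes:
    """DSSE v1 pre-authentication encoding. Binding payloadType into the signed
    bytes is what stops a signed payload being re-labelled as another type."""
    t = payload_type.encode()
    return b"DSSEv1 %d %s %d %s" % (len(t), t, len(payload), payload)


def sign(key: bytes, data: bytes) -> bytes:  # HMAC stand-in for ECDSA/Ed25519
    return hmac.new(key, data, hashlib.sha256).digest()


def verify(key: bytes, data: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, data), sig)


def build_statement(sbom_bytes: bytes, sbom_name: str = "sbom.cdx.json") -> dict:
    """in-toto statement: subject = digest of the persisted SBOM bytes,
    predicate = the parsed CycloneDX document."""
    return {
        "_type": STATEMENT_TYPE,
        "subject": [{"name": sbom_name, "digest": {"sha256": sha256hex(sbom_bytes)}}],
        "predicateType": CYCLONEDX_PREDICATE,
        "predicate": json.loads(sbom_bytes),
    }


def make_envelope(payload: bytes, payload_type: str, keyid: str, key: bytes) -> dict:
    sig = sign(key, pae(payload_type, payload))
    return {"payloadType": payload_type,
            "payload": base64.b64encode(payload).decode(),
            "signatures": [{"keyid": keyid, "sig": base64.b64encode(sig).decode()}]}


def attest_sbom(sbom_bytes: bytes, keyid: str, key: bytes) -> dict:
    stmt = json.dumps(build_statement(sbom_bytes), sort_keys=True, separators=(",", ":")).encode()
    return make_envelope(stmt, IN_TOTO_TYPE, keyid, key)


def verify_envelope(env: dict, accepted_keys: dict[str, bytes], sbom_bytes: bytes) -> dict:
    """Check a signature over the recomputed PAE, then that the statement binds
    the SBOM bytes we hold. Returns the statement or raises ValueError."""
    payload = base64.b64decode(env["payload"])
    signed = pae(env["payloadType"], payload)
    # keyid is only a hint in DSSE: try every signature against the accepted keys
    if not any(s.get("keyid") in accepted_keys
               and verify(accepted_keys[s["keyid"]], signed, base64.b64decode(s["sig"]))
               for s in env.get("signatures", [])):
        raise ValueError("no valid signature from an accepted key")
    if env["payloadType"] != IN_TOTO_TYPE:
        raise ValueError("unexpected payloadType")
    stmt = json.loads(payload)
    if stmt.get("_type") != STATEMENT_TYPE or stmt.get("predicateType") != CYCLONEDX_PREDICATE:
        raise ValueError("not a CycloneDX in-toto statement")
    want = sha256hex(sbom_bytes)
    if not any(s.get("digest", {}).get("sha256") == want for s in stmt.get("subject", [])):
        raise ValueError("subject digest does not match the SBOM bytes held")
    return stmt


def verifies(env: dict, sbom_bytes: bytes) -> bool:
    """Convenience wrapper with the demo key as the only accepted key."""
    try:
        verify_envelope(env, {"demo-key-1": DEMO_KEY}, sbom_bytes)
        return True
    except (ValueError, KeyError):
        return False


if __name__ == "__main__":
    env = attest_sbom(SBOM_BYTES, "demo-key-1", DEMO_KEY)
    print("genuine:", verifies(env, SBOM_BYTES))
    print("payloadType swapped:", verifies(dict(env, payloadType="application/vnd.cyclonedx+json"), SBOM_BYTES))
    print("SBOM re-serialized:", verifies(env, json.dumps(SBOM, indent=2).encode()))
```

The two failing cases are the ones section 2 cares about: swapping `payloadType` invalidates the signature because the type is part of the PAE, and a pretty-printed copy of the same SBOM fails the subject-digest check because the digest was taken over the canonical bytes you persisted.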
---

## 3) Field-level linkage (IDs you'll wire together)

* in-toto **`subject[].digest.sha256`** ↔ SHA-256 of the persisted SBOM bytes (or of the artifact the SBOM describes, with the SBOM itself as the predicate; `cosign attest --type cyclonedx` uses the image digest as subject). ([OpenSSF][6])
* **Rekor entry** ↔ **DSSE envelope**: the entry body records the envelope's payload hash and signatures, and the log leaf is a hash over that canonicalized body. Verify that the entry you were given covers the envelope you hold, not merely that some entry exists. ([GitHub][7])
* **VEX `vulnerabilities[].affects[].ref`** ↔ SBOM component `bom-ref` (as a bom-link `urn:cdx:<uuid>/<version>#<bom-ref>`, or purl/coordinates), with **`analysis.state` / `analysis.justification` / `analysis.detail`** carrying the evidence and the Rekor proof URI. ([cyclonedx.org][4])

---

## 4) Verification flow (online or air-gapped)

**Online (public good):**

1. Verify the DSSE signature over the recomputed PAE against accepted keys/issuers. With short-lived Fulcio certificates, also check the chain to the trust root, the identity/issuer extensions, and a signed timestamp (RFC 3161), since v2 issues no SET to prove when signing happened. ([Sigstore][5])
2. Verify the Rekor **checkpoint signature** with the log key from the trust root, then the **inclusion proof**: recompute the Merkle root from the leaf hash and audit path and compare it with the checkpoint's root hash. ([Go Packages][8])
3. Validate the VEX against the same SBOM digest (and, optionally, check that the VEX attestation is logged too). ([cyclonedx.org][4])

**Air-gapped / sovereign:**

* Mirror/export **Rekor tiles + checkpoints** onto a courier medium; keep the kit small by shipping only the tiles covering the index ranges you need.
* Run **self-hosted Rekor v2** or a **local tile cache**; verifiers check **checkpoint signatures**, **inclusion proofs** and, between successive checkpoints, **consistency proofs** exactly the same way. ([Sigstore Blog][3])

---

## 5) Public instance vs self-hosted (decision notes)

* **Public**: zero-ops, community-audited infrastructure; you still archive receipts with your releases. ([Sigstore][5])
* **Self-hosted Rekor v2 (tiles)**: cheaper and simpler to run than v1; tile export makes **offline kits** practical; publish your **log and signing root keys** as organization anchors. ([Sigstore Blog][3])

---

## 6) Minimal CLI recipe (illustrative)

Generate SBOM → wrap → attest → log → emit receipt:

* Create the CycloneDX JSON; compute its SHA-256. ([cyclonedx.org][1])
* Create a **DSSE** or **in-toto** attestation for the SBOM and sign it (cosign or your CA), e.g. `cosign attest --type cyclonedx --predicate sbom.cdx.json <image>`; the matching check is `cosign verify-attestation --type cyclonedx <image>`. ([JFrog][2])
* Submit to **Rekor v2**; store the **checkpoint + inclusion proof + log index** with the build. ([Sigstore Blog][3])
* Emit **VEX** referencing the SBOM digest **and** the Rekor entry (URI/index). ([cyclonedx.org][4])
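The offline receipt check from section 4 (and the "store checkpoint + inclusion proof + index" step of section 6), as an added example that is not rekor-tiles code; Python standard library only. Leaf/node hashing and the proof algorithm are RFC 6962's, which Rekor v2 / tlog-tiles use; the checkpoint body follows the C2SP signed-note layout. The log contents, origin name and checkpoint are constructed, and the note's signature line is a placeholder: a real verifier must first check that signature with the log's public key from its trust root, which this script deliberately leaves out because it needs a key library.

```python
"""Offline check of a Rekor-style receipt: inclusion proof against a checkpoint.

Added example, not rekor-tiles code, stdlib only. Hashing and the proof
algorithm are RFC 6962's; the checkpoint body is the C2SP note layout
(origin, tree size, base64 root). The log, origin and checkpoint are constructed;
verifying the note's signature with the log key is NOT done here.
"""
from __future__ import annotations

import base64
import hashlib


def hash_leaf(data: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + data).digest()  # RFC 6962 leaf prefix


def hash_node(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()  # interior prefix


def _split(n: int) -> int:
    """Largest power of two strictly less than n (RFC 6962's k)."""
    k = 1
    while k * 2 < n:
        k *= 2
    return k


def merkle_root(leaves: list[bytes]) -> bytes:
    if len(leaves) == 1:
        return hash_leaf(leaves[0])
    k = _split(len(leaves))
    return hash_node(merkle_root(leaves[:k]), merkle_root(leaves[k:]))


def inclusion_proof(index: int, leaves: list[bytes]) -> list[bytes]:
    """Audit path for leaves[index]. A real log serves this from its tiles; it
    is generated here so the example is self-contained."""
    if len(leaves) == 1:
        return []
    k = _split(len(leaves))
    if index < k:
        return inclusion_proof(index, leaves[:k]) + [merkle_root(leaves[k:])]
    return inclusion_proof(index - k, leaves[k:]) + [merkle_root(leaves[:k])]


def root_from_inclusion_proof(index: int, tree_size: int, leaf_hash: bytes, proof: list[bytes]) -> bytes:
    """RFC 6962 section 2.1.1: rebuild the tree head from a leaf hash and its
    audit path. Raises ValueError on a proof of the wrong length or a bad index."""
    if not 0 <= index < tree_size:
        raise ValueError("index outside tree")
    fn, sn, r = index, tree_size - 1, leaf_hash
    for p in proof:
        if sn == 0:
            raise ValueError("proof too long")
        if fn & 1 or fn == sn:        # we are a right child, or the rightmost node
            r = hash_node(p, r)
            while fn and not fn & 1:  # skip levels where the rightmost node is promoted
                fn, sn = fn >> 1, sn >> 1
        else:
            r = hash_node(r, p)
        fn, sn = fn >> 1, sn >> 1
    if sn != 0:
        raise ValueError("proof too short")
    return r


def parse_checkpoint(note: str) -> tuple[str, int, bytes]:
    """Body of a C2SP checkpoint: origin, tree size, base64 root hash, then a
    blank line and signature lines (to be verified elsewhere with the log key)."""
    body, _, _sig_lines = note.partition("\n\n")
    lines = body.split("\n")
    if len(lines) != 3:
        raise ValueError("malformed checkpoint body")
    return lines[0], int(lines[1]), base64.b64decode(lines[2])


def verify_receipt(entry: bytes, index: int, proof: list[bytes], checkpoint: str, origin: str) -> bool:
    """True iff the entry body is included in the tree the checkpoint commits to."""
    cp_origin, size, root = parse_checkpoint(checkpoint)
    if cp_origin != origin:  # pin the log you expect, not whichever log signed the note
        return False
    try:
        return root_from_inclusion_proof(index, size, hash_leaf(entry), proof) == root
    except ValueError:
        return False


# Constructed log of seven entry bodies; entry 5 stands in for our DSSE entry.
ORIGIN = "rekor.example.invalid/demo-log"  # constructed origin
LOG = [b"constructed entry %d" % i for i in range(7)]


def make_checkpoint(origin: str, leaves: list[bytes]) -> str:
    root = base64.b64encode(merkle_root(leaves)).decode()
    sig_line = "\u2014 %s <placeholder-signature>" % origin  # real notes carry base64(keyhash||sig)
    return "%s\n%d\n%s\n\n%s\n" % (origin, len(leaves), root, sig_line)


def demo() -> dict[str, bool]:
    cp = make_checkpoint(ORIGIN, LOG)
    proof = inclusion_proof(5, LOG)
    return {
        "genuine": verify_receipt(LOG[5], 5, proof, cp, ORIGIN),
        "tampered entry": verify_receipt(b"constructed entry 5!", 5, proof, cp, ORIGIN),
        "wrong index": verify_receipt(LOG[5], 4, proof, cp, ORIGIN),
        "truncated proof": verify_receipt(LOG[5], 5, proof[:-1], cp, ORIGIN),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The verifier only needs the entry body, its index, the audit path and the checkpoint, which is exactly what section 2 says to persist; nothing here contacts a log, so it is the check to run from the courier medium in the air-gapped flow. The `origin` pin and the length checks on the proof are the two mistakes most often missed when this is hand-rolled.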
---

## 7) Developer guardrails (to keep proofs replay-safe)

* **Hash and sign the exact bytes you persist**: canonicalize once (stable key order and whitespace) before enveloping, then never re-serialize. DSSE signs the raw payload bytes, not a parsed object, so a re-encoded copy will not verify. ([JFrog][2])
* **Pin algorithms** (SHA-256, accepted key types/curves) in policy and reject drift. ([Sigstore][5])
* **Always persist**: SBOM, DSSE envelope, Rekor receipt, VEX, and your versioned **accepted-keys manifest**. ([Sigstore Blog][3])
* **Test offline**: verification must pass using only the tiles and receipts you ship. ([Go Packages][9])

---

## 8) Optional niceties

* Gate deployments on "image must carry a **signed SBOM attestation**"; the Sigstore Policy Controller supports this, and a worked example exists. ([Stackable Documentation][10])
* Track CVE status via **CycloneDX VEX** in your UI (affected / not affected, with evidence links to Rekor). ([cyclonedx.org][4])

---

If you want, I can turn this into a **Stella Ops** diagram plus a drop-in `docs/blueprints/sbom-to-vex-rekor.md` with exact JSON stubs for the DSSE envelope, in-toto statement, Rekor receipt example, and a CycloneDX VEX snippet wired to the receipt.
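The VEX wiring from sections 3, 6 and 8 (bom-link into the SBOM, SBOM digest, receipt reference, analysis vocabulary), as an added example that is not CycloneDX tooling; Python standard library only. The wiring conventions are assumptions to write into your own policy: `affects[].ref` is a bom-link `urn:cdx:<uuid>/<version>#<bom-ref>` into the SBOM, the VEX carries a top-level external reference of type `bom` with the SBOM's SHA-256 in `hashes[]`, and one of type `attestation` whose URL is the Rekor receipt. The state and justification vocabularies are CycloneDX's; the SBOM, the VEX, its vulnerability id and the receipt URL are constructed.

```python
"""Cross-check a CycloneDX VEX document against the SBOM and receipt it claims
to cover. Added example, not CycloneDX tooling, stdlib only. The bom-link /
externalReferences conventions are assumed policy; all data is constructed.
"""
from __future__ import annotations

import hashlib
import json
import re

BOM_LINK = re.compile(r"^urn:cdx:(?P<uuid>[0-9a-fA-F-]{36})/(?P<version>\d+)#(?P<ref>.+)$")
STATES = {"resolved", "resolved_with_pedigree", "exploitable", "in_triage", "false_positive", "not_affected"}
JUSTIFICATIONS = {"code_not_present", "code_not_reachable", "requires_configuration", "requires_dependency",
                  "requires_environment", "protected_by_compiler", "protected_at_runtime",
                  "protected_at_perimeter", "protected_by_mitigating_control"}

SBOM = {  # constructed SBOM
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "serialNumber": "urn:uuid:3e671687-395b-41f5-a30f-a58921a69b79", "version": 1,
    "components": [{"type": "library", "name": "example-lib", "version": "1.2.3",
                    "purl": "pkg:generic/example-lib@1.2.3", "bom-ref": "pkg:generic/example-lib@1.2.3"}],
}
SBOM_BYTES = json.dumps(SBOM, sort_keys=True, separators=(",", ":")).encode()
SBOM_SHA256 = hashlib.sha256(SBOM_BYTES).hexdigest()
RECEIPT_URL = "https://rekor.example.invalid/demo-log/entries/5"  # constructed placeholder

VEX = {  # constructed VEX wired to the SBOM above
    "bomFormat": "CycloneDX", "specVersion": "1.5", "version": 1,
    "externalReferences": [
        {"type": "bom", "url": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1",
         "hashes": [{"alg": "SHA-256", "content": SBOM_SHA256}]},
        {"type": "attestation", "url": RECEIPT_URL},
    ],
    "vulnerabilities": [{
        "id": "EXAMPLE-0001",  # constructed identifier, not a real advisory
        "analysis": {"state": "not_affected", "justification": "code_not_reachable",
                     "detail": "constructed: vulnerable function not reachable; SBOM attestation receipt " + RECEIPT_URL},
        "affects": [{"ref": "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:generic/example-lib@1.2.3"}],
    }],
}


def check_vex(vex: dict, sbom: dict, sbom_bytes: bytes) -> list[str]:
    """Return wiring problems; an empty list means every link resolves."""
    problems: list[str] = []
    serial = sbom.get("serialNumber", "")
    version = int(sbom.get("version", 1))
    bom_refs = {c["bom-ref"] for c in sbom.get("components", []) if "bom-ref" in c}
    digest = hashlib.sha256(sbom_bytes).hexdigest()

    ext = vex.get("externalReferences", [])
    if not any(e.get("type") == "bom" and h.get("alg") == "SHA-256" and h.get("content") == digest
               for e in ext for h in e.get("hashes", [])):
        problems.append("no 'bom' reference carrying the SHA-256 of the SBOM bytes held")
    if not any(e.get("type") == "attestation" and e.get("url") for e in ext):
        problems.append("no 'attestation' reference to the SBOM attestation receipt")

    for v in vex.get("vulnerabilities", []):
        vid = v.get("id", "?")
        for a in v.get("affects", []):
            m = BOM_LINK.match(a.get("ref", ""))
            if not m:
                problems.append(f"{vid}: affects.ref {a.get('ref')!r} is not a bom-link")
            elif f"urn:uuid:{m['uuid']}" != serial or int(m["version"]) != version:
                problems.append(f"{vid}: affects.ref points at a different BOM or version")
            elif m["ref"] not in bom_refs:
                problems.append(f"{vid}: bom-ref {m['ref']!r} is not a component of the SBOM")
        an = v.get("analysis", {})
        if an.get("state") not in STATES:
            problems.append(f"{vid}: analysis.state {an.get('state')!r} is not in the CycloneDX vocabulary")
        elif an.get("state") == "not_affected" and an.get("justification") not in JUSTIFICATIONS:
            problems.append(f"{vid}: not_affected without a recognised justification")  # policy choice
    return problems


def demo() -> dict[str, list[str]]:
    clone = lambda d: json.loads(json.dumps(d))  # noqa: E731  deep copy via JSON
    stale = clone(VEX)
    stale["externalReferences"][0]["hashes"][0]["content"] = "0" * 64
    orphan = clone(VEX)
    orphan["vulnerabilities"][0]["affects"][0]["ref"] = \
        "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#pkg:generic/other-lib@9.9.9"
    bare = clone(VEX)
    del bare["vulnerabilities"][0]["analysis"]["justification"]
    return {"good": check_vex(VEX, SBOM, SBOM_BYTES),
            "stale SBOM digest": check_vex(stale, SBOM, SBOM_BYTES),
            "orphan component": check_vex(orphan, SBOM, SBOM_BYTES),
            "unjustified not_affected": check_vex(bare, SBOM, SBOM_BYTES)}


if __name__ == "__main__":
    for name, problems in demo().items():
        print(f"{name}: {problems or 'ok'}")
```

Run this in CI against the SBOM bytes and VEX you are about to publish; the "stale SBOM digest" case is the one that bites in practice, when the SBOM is regenerated after the VEX was written and the two silently drift apart.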
[1]: https://cyclonedx.org/specification/overview/ "Specification Overview"
[2]: https://jfrog.com/blog/introducing-dsse-attestation-online-decoder/ "Introducing the DSSE Attestation Online Decoder"
[3]: https://blog.sigstore.dev/rekor-v2-ga/ "Rekor v2 GA - Cheaper to run, simpler to maintain"
[4]: https://cyclonedx.org/capabilities/vex/ "Vulnerability Exploitability eXchange (VEX)"
[5]: https://docs.sigstore.dev/logging/overview/ "Rekor"
[6]: https://openssf.org/blog/2024/06/26/a-deep-dive-into-sbomit-and-attestations/ "A Deep Dive into SBOMit and Attestations"
[7]: https://github.com/sigstore/rekor "sigstore/rekor: Software Supply Chain Transparency Log"
[8]: https://pkg.go.dev/github.com/sigstore/rekor-tiles/v2/pkg/verify "verify package - github.com/sigstore/rekor-tiles/v2/pkg/verify"
[9]: https://pkg.go.dev/github.com/sigstore/rekor-tiles "rekor-tiles module - github.com/sigstore/rekor-tiles"
[10]: https://docs.stackable.tech/home/stable/guides/viewing-and-verifying-sboms/ "Viewing and verifying SBOMs of the Stackable Data Platform"