rtk-ai/rtk

enhancement: sign release binaries with GPG for integrity verification

Open

#1,159 opened on Apr 10, 2026

View on GitHub
 (1 comment) (0 reactions) (0 assignees)Rust (2,914 forks)batch import
area:cieffort-largeenhancementhelp wantedpriority:medium

Repository metrics

Stars
 (48,085 stars)
PR merge metrics
 (Avg merge 11d 1h) (45 merged PRs in 30d)

Description

Problem

RTK releases on GitHub contain pre-built binaries (`.tar.gz` archives) with no cryptographic signature. Users who download these binaries have no way to verify:

  1. Authenticity: The binary was actually built by RTK maintainers
  2. Integrity: The binary was not modified in transit or on GitHub's servers

This is particularly important for a CLI tool that:

  • Sits between the user and their shell commands
  • Executes system commands on behalf of AI agents
  • Has access to file system operations via its hooks

Proposed solution

1. Generate a maintainer GPG key

Create a dedicated signing key for RTK releases (not a personal key).

2. Sign release artifacts

In the CI/CD release workflow (.github/workflows/), after building binaries:

```bash gpg --batch --yes --armor --detach-sign rtk-x86_64-unknown-linux-musl.tar.gz gpg --batch --yes --armor --detach-sign rtk-aarch64-apple-darwin.tar.gz

etc.

```

3. Publish signatures with releases

The `.asc` signature files should be uploaded alongside the binaries in each GitHub Release.

4. Update installer

`install.sh` should download and verify the signature:

```bash

Download signature

curl -fsSL "$DOWNLOAD_URL.asc" -o "$ARCHIVE.asc"

Verify (requires importing the public key first)

gpg --verify "$ARCHIVE.asc" "$ARCHIVE" ```

5. Publish public key

Host the public signing key on the RTK website and a keyserver. Include the key fingerprint in the README.

Alternative: Sigstore/cosign

Instead of GPG, use Sigstore's cosign for keyless signing. This is the modern approach used by many Rust projects:

```bash cosign sign-blob --yes rtk-x86_64-unknown-linux-musl.tar.gz cosign verify-blob --certificate-identity= rtk-x86_64-unknown-linux-musl.tar.gz ```

Acceptance criteria

  • Each release has signed artifacts or a verifiable checksum
  • CI workflow automatically signs during release
  • Public verification key is accessible
  • Installer supports verification (or documents manual verification steps)

Contributor guide