Sigstore's Rekor: The Cryptographic Ledger Redefining Software Supply Chain Security

⭐ 1102

Rekor, the transparency log service within the Sigstore ecosystem, functions as an immutable public ledger for software supply chain metadata. It cryptographically records signatures, build attestations, and other provenance data for artifacts like container images and binaries, creating a tamper-evident history that anyone can audit. Unlike private or centralized solutions, Rekor's design emphasizes global transparency and cryptographic verification, leveraging a Merkle tree structure backed by Trillian's append-only log to ensure data integrity.

The service operates as a stateless API layer, making it deployable as a public utility or within private infrastructure. Its primary value lies in combating software tampering and impersonation attacks by making artifact provenance publicly verifiable. When integrated with Sigstore's other components, Cosign for signing and Fulcio as the certificate authority, Rekor completes a comprehensive framework for signing, verifying, and auditing software artifacts without requiring complex key management.

Rekor's significance extends beyond individual security checks; it enables ecosystem-wide trust. By providing a single source of truth for artifact metadata, organizations can automate compliance checks, audit software dependencies, and respond faster to discovered vulnerabilities. The project represents a fundamental shift toward cryptographic transparency as a defense mechanism, moving beyond perimeter security to verifiable computation across the entire software lifecycle. With major cloud providers and open-source foundations adopting Sigstore, Rekor is positioned to become foundational infrastructure for modern software development.

Technical Deep Dive

Rekor's architecture elegantly separates concerns between the stateless API server and the persistent transparency log backend. The Rekor server itself is written in Go and provides RESTful endpoints for submitting entries (hashes, signatures, public keys, attestations) and querying the log. Its stateless design allows for horizontal scaling and simplified deployment. The true cryptographic heavy lifting, however, is delegated to Trillian, a Google-developed general-purpose transparency log that provides the underlying Merkle tree data structure and append-only guarantees.

When a client submits an entry (e.g., a signature of a container image digest), Rekor packages it into a specific "kind" (like `hashedrekord` or `intoto` for in-toto attestations), creates a canonical JSON representation, and computes its SHA-256 hash. This hash becomes the leaf node in Trillian's Merkle tree. The inclusion proof (a Merkle path from the leaf to the current tree root) is returned to the client, along with a signed tree head (STH). The STH is periodically signed by Rekor's private key, creating checkpoints that prevent a malicious log operator from forking history. Anyone can verify that an entry exists in the log by recomputing the Merkle path using publicly available tree data and verifying it against a trusted STH.
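As an added example (not Rekor's or Trillian's own code), the following Go program builds a small Merkle tree with the RFC 6962 hashing scheme that Trillian uses, generates an inclusion proof for one entry, and performs the client-side check described above: recompute the path from the leaf to the root and compare it with a root carried in a signed tree head. The entry bodies, the checkpoint body format, and the ECDSA P-256 key standing in for the log's signing key are all constructed for the example; Rekor's real checkpoint format is not reproduced here.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// rfc6962Hash applies the domain separation Trillian's Merkle tree uses:
// leaves are H(0x00 || data), interior nodes are H(0x01 || left || right).
func rfc6962Hash(prefix byte, parts ...[]byte) []byte {
	h := sha256.New()
	h.Write([]byte{prefix})
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}
func leafHash(data []byte) []byte        { return rfc6962Hash(0x00, data) }
func nodeHash(left, right []byte) []byte { return rfc6962Hash(0x01, left, right) }

// rootAndProof returns the tree root over leaves and the inclusion proof for leaf idx
// (its sibling hashes, leaf to root). RFC 6962 puts the largest power of two below n on the left.
func rootAndProof(leaves [][]byte, idx int) (root []byte, proof [][]byte) {
	n := len(leaves)
	if n == 1 {
		return leafHash(leaves[0]), nil
	}
	k := 1
	for k*2 < n {
		k *= 2
	}
	if idx < k {
		lroot, lproof := rootAndProof(leaves[:k], idx)
		rroot, _ := rootAndProof(leaves[k:], 0)
		return nodeHash(lroot, rroot), append(lproof, rroot)
	}
	lroot, _ := rootAndProof(leaves[:k], 0)
	rroot, rproof := rootAndProof(leaves[k:], idx-k)
	return nodeHash(lroot, rroot), append(rproof, lroot)
}

// verifyInclusion is the client-side check: walk the proof from the leaf upward
// (RFC 9162, section 2.1.3.2) and compare the result with the trusted root.
func verifyInclusion(leaf []byte, idx, size int, proof [][]byte, root []byte) bool {
	if idx >= size {
		return false
	}
	fn, sn := idx, size-1
	r := leafHash(leaf)
	for _, p := range proof {
		if sn == 0 {
			return false // proof is longer than the tree height
		}
		if fn%2 == 1 || fn == sn {
			r = nodeHash(p, r)
			for fn%2 == 0 && fn != 0 {
				fn >>= 1
				sn >>= 1
			}
		} else {
			r = nodeHash(r, p)
		}
		fn >>= 1
		sn >>= 1
	}
	return sn == 0 && bytes.Equal(r, root)
}

// signedTreeHead stands in for a log checkpoint: root hash and tree size signed by the
// log key. The body format below is constructed for this example, not Rekor's real format.
type signedTreeHead struct {
	Root []byte
	Size int
	Sig  []byte
}
func sthDigest(root []byte, size int) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("example-log\n%d\n%x\n", size, root)))
	return sum[:]
}
func signTreeHead(priv *ecdsa.PrivateKey, root []byte, size int) (signedTreeHead, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, priv, sthDigest(root, size))
	return signedTreeHead{Root: root, Size: size, Sig: sig}, err
}
func verifyTreeHead(pub *ecdsa.PublicKey, sth signedTreeHead) bool {
	return ecdsa.VerifyASN1(pub, sthDigest(sth.Root, sth.Size), sth.Sig)
}

func main() {
	// Constructed entries standing in for canonicalized Rekor entry bodies.
	leaves := [][]byte{[]byte(`{"kind":"hashedrekord","n":1}`), []byte(`{"kind":"hashedrekord","n":2}`),
		[]byte(`{"kind":"intoto","n":3}`), []byte(`{"kind":"hashedrekord","n":4}`), []byte(`{"kind":"hashedrekord","n":5}`)}
	root, proof := rootAndProof(leaves, 2)
	logKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for the log's signing key
	sth, _ := signTreeHead(logKey, root, len(leaves))
	fmt.Println("STH valid:", verifyTreeHead(&logKey.PublicKey, sth), "entry 2 included:", verifyInclusion(leaves[2], 2, sth.Size, proof, sth.Root))
	fmt.Println("tampered entry included:", verifyInclusion([]byte(`{"kind":"intoto","n":9}`), 2, sth.Size, proof, sth.Root))
}
```

The order of checks matters: a client first verifies the STH signature with the log's public key it already trusts, and only then uses the root and tree size from that STH in `verifyInclusion`. Checking a proof against a root supplied by the same response that carried the entry proves nothing about the log.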

The `intoto` entry type is particularly powerful for capturing Software Bill of Materials (SBOM) and build provenance. It implements the in-toto attestation format, allowing build systems to record exactly what materials were used, who performed the build, and what commands were executed. This creates an auditable chain from source code to distributed artifact.
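The attestation format itself, as an added example rather than code from Rekor or in-toto: this Go program builds an in-toto Statement that names an artifact by its SHA-256 digest, wraps it in a DSSE envelope (the envelope form Rekor's `intoto` kind accepts) signed over the pre-authentication encoding, and verifies it, including the subject-digest check that a valid signature alone does not provide. The artifact bytes, the simplified predicate, the builder key, and the key identifier are constructed for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strconv"
)

// Statement is the in-toto attestation Statement: the artifacts (subjects) the
// claim is about and a typed predicate carrying the claim itself.
type Statement struct {
	Type          string          `json:"_type"`
	Subject       []Subject       `json:"subject"`
	PredicateType string          `json:"predicateType"`
	Predicate     json.RawMessage `json:"predicate"`
}
type Subject struct {
	Name   string            `json:"name"`
	Digest map[string]string `json:"digest"`
}

// Envelope is a DSSE envelope: the statement as a base64 payload, its type, and
// signatures computed over the pre-authentication encoding (PAE), not the raw bytes.
type Envelope struct {
	PayloadType string      `json:"payloadType"`
	Payload     string      `json:"payload"`
	Signatures  []Signature `json:"signatures"`
}
type Signature struct {
	KeyID string `json:"keyid"`
	Sig   string `json:"sig"`
}
const intotoPayloadType = "application/vnd.in-toto+json"

// pae builds the DSSE pre-authentication encoding; signing it binds the payload
// type, so a signed payload cannot be relabelled as a different kind of document.
func pae(payloadType string, payload []byte) []byte {
	return []byte("DSSEv1 " + strconv.Itoa(len(payloadType)) + " " + payloadType +
		" " + strconv.Itoa(len(payload)) + " " + string(payload))
}

// newProvenanceStatement binds a predicate (JSON text) to the SHA-256 digest of the artifact bytes.
func newProvenanceStatement(name string, artifact []byte, predicateJSON string) Statement {
	digest := map[string]string{"sha256": fmt.Sprintf("%x", sha256.Sum256(artifact))}
	return Statement{Type: "https://in-toto.io/Statement/v1", Subject: []Subject{{Name: name, Digest: digest}},
		PredicateType: "https://slsa.dev/provenance/v1", Predicate: json.RawMessage(predicateJSON)}
}

// signStatement wraps the statement in a DSSE envelope signed with the builder's key;
// "builder-key-example" is a constructed key identifier.
func signStatement(priv *ecdsa.PrivateKey, st Statement) (Envelope, error) {
	payload, err := json.Marshal(st)
	if err != nil {
		return Envelope{}, err
	}
	digest := sha256.Sum256(pae(intotoPayloadType, payload))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	return Envelope{PayloadType: intotoPayloadType, Payload: base64.StdEncoding.EncodeToString(payload),
		Signatures: []Signature{{KeyID: "builder-key-example", Sig: base64.StdEncoding.EncodeToString(sig)}}}, err
}

// verifyEnvelope checks the first signature over the PAE and decodes the statement.
func verifyEnvelope(pub *ecdsa.PublicKey, env Envelope) (Statement, bool) {
	payload, err := base64.StdEncoding.DecodeString(env.Payload)
	if err != nil || len(env.Signatures) == 0 {
		return Statement{}, false
	}
	sig, err := base64.StdEncoding.DecodeString(env.Signatures[0].Sig)
	digest := sha256.Sum256(pae(env.PayloadType, payload))
	if err != nil || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return Statement{}, false
	}
	var st Statement
	return st, json.Unmarshal(payload, &st) == nil
}

// subjectMatches is the check a valid signature does not replace: the statement
// must name the exact artifact in hand.
func subjectMatches(st Statement, artifact []byte) bool {
	want := fmt.Sprintf("%x", sha256.Sum256(artifact))
	for _, s := range st.Subject {
		if s.Digest["sha256"] == want {
			return true
		}
	}
	return false
}

func main() {
	builderKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for a build system's key
	artifact := []byte("constructed artifact bytes")
	// Constructed, simplified predicate; a real SLSA provenance predicate carries many more fields.
	env, _ := signStatement(builderKey, newProvenanceStatement("app-linux-amd64", artifact, `{"buildDefinition":{"buildType":"https://example.com/ci/v1"}}`))
	got, ok := verifyEnvelope(&builderKey.PublicKey, env)
	fmt.Println("signature valid:", ok, "subject matches artifact:", ok && subjectMatches(got, artifact))
	env.PayloadType = "application/json" // relabelling the payload breaks the PAE binding
	_, stillOK := verifyEnvelope(&builderKey.PublicKey, env)
	fmt.Println("valid after payload type change:", stillOK)
}
```

A verifier that stops at `verifyEnvelope` has only learned that some builder signed some statement; `subjectMatches` is what ties the attestation to the bytes about to be deployed, and a policy engine would additionally check the predicate type and the builder identity before trusting the predicate's contents.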

Performance is critical for adoption. The public Rekor instance (rekor.sigstore.dev) handles millions of entries. Key metrics include submission latency, query throughput, and log growth rate.

| Metric | Value (Public Instance) | Target SLA |
|---|---|---|
| Average Entry Submission Latency | < 2 seconds | < 5 seconds |
| Query (Get/Search) Latency | < 500 ms | < 1 second |
| Entries Processed (Cumulative) | ~50 million (est. Q1 2025) | N/A |
| Uptime (Last 90 days) | 99.95% | 99.9% |
| Maximum Entry Size | 1 MB | Configurable in private deployments |

Data Takeaway: The public Rekor instance demonstrates production-grade reliability and performance, with sub-second query times supporting integration into automated CI/CD pipelines. The cumulative entry count shows rapid, organic adoption across the open-source ecosystem.

Rekor's codebase is actively developed on GitHub (`sigstore/rekor`). Recent commits focus on performance optimizations for bulk queries, enhanced search capabilities (including regex support for specific fields), and improved support for new attestation formats like SPDX and CycloneDX for SBOMs. The project's plugin architecture for entry types allows the community to extend its functionality without modifying core code.

Key Players & Case Studies

Sigstore, and Rekor by extension, is stewarded by the Open Source Security Foundation (OpenSSF), with major contributions from Google, Red Hat, VMware, and GitHub. This cross-industry backing is crucial for its adoption as a neutral, public utility. Google's involvement is particularly deep, providing both the initial Trillian technology and significant engineering resources. Dan Lorenc, former CEO of Chainguard and a core Sigstore contributor, has been instrumental in articulating the vision for a transparent software supply chain.

Adoption patterns reveal two primary use cases: securing open-source distribution and hardening enterprise CI/CD.

Open-Source Foundations & Package Repositories: The Python Package Index (PyPI) now signs all uploaded packages with Sigstore by default, with metadata recorded in Rekor. Similarly, the Go module proxy (`proxy.golang.org`) uses Sigstore for transparency. This means any Python package or Go module user can cryptographically verify its origin and integrity against the public log. The Kubernetes release process has fully integrated Sigstore, with all release artifacts signed via Cosign and provenance recorded in Rekor.

Enterprise CI/CD Integration: Companies like GitHub and GitLab have built native Sigstore support into their Actions and CI pipelines. GitHub's `gh attest` command and the `sigstore/cosign-installer` Action make it straightforward for developers to sign artifacts and store evidence in Rekor. Tekton and ArgoCD, popular CI/CD platforms, have plugins that verify Rekor entries before deploying artifacts to production.

Competing and complementary solutions exist, but they often address different parts of the problem or operate under a different trust model.

| Solution | Primary Focus | Trust Model | Key Differentiator vs. Rekor |
|---|---|---|---|
| Sigstore (Rekor) | Public Transparency Log | Decentralized, Public Good | Global, immutable ledger; no pre-established trust required for verification |
| Notary v2 | Container Signing & Distribution | Registry-Centric | Tight integration with OCI registries; supports delegation and role-based trust |
| SPIFFE/SPIRE | Workload Identity | Identity Federation | Issues short-lived, verifiable identities to software workloads; complements provenance |
| Traditional Code Signing (e.g., Authenticode) | Binary Authenticity | Centralized CA Hierarchy | Established in OS ecosystems; often private and expensive; lacks transparency |
| Blockchain-based Provenance | Immutable Record | Distributed Consensus | Uses blockchain for persistence; often higher latency and cost than transparency logs |

Data Takeaway: Rekor's unique value is its combination of public transparency, cryptographic verifiability, and minimal trust requirements. While competitors like Notary v2 excel in registry-integrated signing, and SPIFFE provides powerful identity, Rekor's public ledger model is uniquely suited for creating an ecosystem-wide, auditable record of software events.

Chainguard's commercial offerings, built atop Sigstore, demonstrate the business model emerging around this infrastructure. They provide managed services, policy enforcement (via `policy-controller`), and enterprise support, showing how open-source security primitives can be productized.

Industry Impact & Market Dynamics

Rekor is catalyzing a fundamental shift from "security by obscurity" to "security by transparency" in the software supply chain. This aligns with broader regulatory pushes like the U.S. Executive Order on Improving the Nation's Cybersecurity and the EU's Cyber Resilience Act, which mandate software provenance and SBOMs. Rekor provides the verifiable ledger upon which these compliance requirements can be technically fulfilled.

The market for software supply chain security tools is exploding. According to recent analyses, it's projected to grow from approximately $1.2 billion in 2023 to over $3.5 billion by 2027, representing a compound annual growth rate (CAGR) of over 30%. Sigstore, as a suite, is positioned as the underlying standard upon which many commercial solutions will be built.

| Market Segment | 2023 Size (Est.) | 2027 Projection | Key Driver | Sigstore/Rekor Relevance |
|---|---|---|---|---|
| Software Composition Analysis (SCA) | $800M | $2.1B | SBOM mandates | Provides verifiable SBOM storage & attestation |
| CI/CD Security | $250M | $900M | Pipeline compromise attacks | Immutable record of build provenance |
| Container Security | $150M | $500M | Container image tampering | Primary use case for Cosign+Rekor signing |
| Total Addressable Market | ~$1.2B | ~$3.5B | Regulation & High-Profile Attacks | Foundational Infrastructure |

Data Takeaway: Rekor sits at the convergence of several high-growth security markets. Its role as foundational, standards-based infrastructure means its adoption will likely grow even faster than the overall market, as it becomes embedded in platforms and commercial products.

The economic model is classic infrastructure: the core tool is open-source and free (public good), while value-added services like managed private instances, advanced analytics, policy engines, and enterprise support create commercial opportunities. Funding reflects this: Sigstore's contributing companies have invested tens of millions in engineering, while startups like Chainguard have raised significant venture capital ($116 million as of Series B) to build the commercial layer.

Adoption follows an S-curve typical of infrastructure technologies. Early adopters (Kubernetes, PyPI) have already onboarded. We are now in the early majority phase, where mainstream enterprises and cloud providers (AWS, Azure, GCP are all integrating Sigstore services) are building support into their platforms. The tipping point will come when verification against transparency logs becomes a default step in software procurement and deployment tooling.

Risks, Limitations & Open Questions

Despite its strengths, Rekor and the transparency log model face significant challenges.

1. Data Liability and Privacy: A public, immutable log is a double-edged sword. What happens if sensitive information (e.g., internal hostnames, temporary credentials) is accidentally signed and submitted? While Rekor only stores metadata and hashes, attestations can contain structured data. Deletion is impossible by design. Private Rekor deployments solve this for enterprises but sacrifice the global transparency benefit. Techniques like cryptographic redaction or zero-knowledge proofs are areas of research but not yet production-ready.

2. Log Maintenance and Centralization: The public Rekor instance is a central point of failure, currently operated by the Sigstore community. While the log is verifiable, its availability depends on these operators. A sustained DDoS attack could disrupt the service. The long-term governance, funding, and maintenance of this public utility remain open questions. Will it follow the Let's Encrypt model, reliant on sponsorships?

3. Key Management and Identity Bootstrapping: Rekor relies on Fulcio for short-lived certificate issuance. Fulcio's trust root is a set of public CAs and identity providers (like GitHub OIDC). This bootstraps trust from existing identities, but what about automated systems or hardware identities that lack these OIDC logins? The integration with SPIFFE and hardware roots of trust (like TPMs) is progressing but not ubiquitous.

4. Performance at Extreme Scale: Trillian's Merkle tree design is efficient, but as the log grows into hundreds of millions of entries, the size of inclusion proofs increases logarithmically. While still manageable, it adds overhead for clients. Sharding the log is a theoretical solution but breaks the simplicity of a single, global timeline.

5. The "Verification Gap": Transparency logs only provide evidence; they don't enforce verification. An organization must actively choose to check Rekor. Without mandatory verification integrated into deployment tools (kubelet, container runtimes, OS package managers), the security benefit is optional. Widespread enforcement is a cultural and tooling challenge, not just a technical one.

AINews Verdict & Predictions

Rekor is not merely a useful tool; it is a foundational piece of infrastructure that redefines the mechanics of software trust. Its bet on global cryptographic transparency over centralized, opaque authorities is correct for our interconnected, open-source-dependent world. The technical architecture is sound, the adoption trajectory is strong, and it solves a critical, escalating problem.

Our specific predictions for the next 24-36 months:

1. Regulatory Codification: Within two years, we predict that major government software procurement rules will explicitly require or give preference to artifacts with verifiable transparency log entries (like Rekor's). This will mirror the push for SBOMs and become a de facto standard for critical infrastructure software.

2. Runtime Integration: Container runtimes (containerd, CRI-O) and Kubernetes will add native, optional policy hooks to reject images without a valid Rekor entry or with entries that fail policy (e.g., built on untrusted builders). This will close the "verification gap" from the bottom of the stack upward.

3. The Rise of Private, Federated Logs: While the public log thrives, enterprises will increasingly deploy private Rekor instances for internal builds. We foresee the development of "federation" protocols allowing selective sharing of entries between private and public logs, creating a hybrid transparency model.

4. Attestation Becomes the Primary Currency: The focus will shift from simple signature storage to rich in-toto attestations. Rekor will evolve from a log of hashes to a rich, queryable database of software lifecycle events—the definitive record of how every artifact came to be. This will enable new forms of automated compliance and audit.

5. Competition from Cloud Giants: AWS, Google Cloud, and Microsoft Azure will each launch their own managed Sigstore/Rekor services, tightly integrated with their CI/CD and registry offerings. This will accelerate adoption but also create mild fragmentation. The health of the upstream open-source project will be crucial to maintain interoperability.

The key metric to watch is not Rekor's star count on GitHub, but the verification rate: what percentage of software artifacts in production are actually verified against a transparency log before execution? When that number crosses 50% for major ecosystems like containers, the software supply chain will have undergone an irreversible security transformation. Rekor is the ledger making that future possible.

Frequently Asked Questions

What is the GitHub trending item "Sigstore's Rekor: The Cryptographic Ledger Redefining Software Supply Chain Security" mainly about?

Rekor, the transparency log service within the Sigstore ecosystem, functions as an immutable public ledger for software supply chain metadata. It cryptographically records signatur…

Why has this GitHub project drawn attention on "How to deploy a private Rekor instance with Trillian"?

Rekor's architecture elegantly separates concerns between the stateless API server and the persistent transparency log backend. The Rekor server itself is written in Go and provides RESTful endpoints for submitting entri…

Judging from "Rekor vs Notary v2 for container signing performance benchmark", how popular is this GitHub project?

The related GitHub project currently has about 1102 stars in total, with a one-day increase of about 0, which indicates that it has strong discussion and diffusion capability in the open-source community.