Independent Cryptographic Validators for CAS

Today we are proud to announce that two leading Open Source projects, Home Assistant and AlmaLinux are now providing independent cryptographic validation services for our CAS community attestation service.

When we launched CAS – the fully free and open source community attestation service, we had a bright vision to help ensure that open source developers around the world would be able to easily provide supply chain security for their projects. We’ve seen adoption by some of today’s leading Open Source projects including Home Assistant and AlmaLinux and started thinking about what further layers we could add to help increase the security and transparency of CAS.

In addition to preserving your privacy by never uploading your data, only the unique digital hash, CAS is backed by immudb, the open source immutable database, which ensures that the all the data in CAS cannot be tampered with. This is done via cryptographic proofs which can be verified by any client anywhere. These new cryptographic validation service run totally independently of the CAS service, at the respective projects and periodically fetch a fresh status from the immudb instance on which CAS is built. They then verify the integrity compared to an older one stored locally. The validation service checks if the previous state is “included” in the new state of immudb. A REST service then allows the user to query the status of the validation via the Web UI to visualize data, including the latest proof value.

Having two independent validators at two separate projects allows anyone to check them against each other and verify the consistency of the data that is being provided.

If you’re an open source developer and are serious about the security of your project, please check out CAS and give it a try. If you’d like any help integrating CAS into your project, feel free to stop by the CAS Discord Server to chat with us!


Save energy without reducing VM performance in your VMware vSphere cluster
16 August 2022
Over the last couple of decades energy consumption went up massively in every data center and while the…
Metrics & Logs support for IoT - Bringing Secure Monitoring and Logging to the Edge
7 July 2022
Simple uptime monitoring for Internet-of-Things (IoT) is well-known and requires knowing if the devices are up and running.…
Monitoring Azure SQL Managed Instance with Opvizor Metrics & Logs
17 January 2022
When you have critical applications and business processes that rely on Azure resources, it's critical to keep an…

White Paper — Registration

You will receive the research paper by mail.

Codenotary — Webinar

White Paper — Registration

Please let us know where we can send the whitepaper on Codenotary Trusted Software Supply Chain. 

Become a partner

Start Your Trial

Please enter contact information to receive an email with the virtual appliance download instructions.

Start Free Trial

Please enter contact information to receive an email with the free trial details.

Subscribe to our newsletter