Driven forward by community

As a community, we believe that software identity should be sovereign, verifiable, and open. We’ve built Auths so that every developer can cryptographically prove what they ship—without relying on centralized authorities. Secure software benefits everyone.

KERI FoundationWebOfTrust

The Auths story

Auths began with a simple question: why does every software signing system require you to trust a centralized authority? Using KERI (Key Event Receipt Infrastructure), we built a protocol where your identity is a cryptographic log—not a username on someone else’s server.

Today, Auths is developed by an engaged open-source community pursuing a singular goal: making decentralized software identity the industry standard. From the CLI that signs your releases, to the WebAssembly verifier that runs in any browser, every component is designed to be sovereign, portable, and zero-trust by default.

Recent updates

  • The Auths CLI now supports signing Docker container images with full KERI identity binding.
  • Public Registry v1 is live at public.auths.dev — search identities, packages, and repositories.
  • auths-verifier compiled to WebAssembly enables zero-trust, client-side verification in any browser.

Initiatives

  • Multi-party threshold signing for team-managed packages is in active development.
  • Radicle forge attestation support is landing in the next CLI release.
  • KERI witness network integration for decentralized key event receipt infrastructure.

Want to get involved?

Join us on GitHub

Browse the source, open issues, submit pull requests, and help shape the future of decentralized software identity.

View on GitHub

Share your story

Already using Auths to secure your supply chain? Share your experience to help us track adoption and improve the tooling.

Open a discussion

Attend a community meeting

We hold open community calls to discuss roadmap priorities, review RFCs, and demo new features. Everyone is welcome.

Check the calendar