Introduction to Auths

Auths is a decentralized identity and signing protocol built for developers.

It allows you to cryptographically sign your code, packages, and artifacts in a way that anyone can verify instantly—without ever relying on a central server, a corporate login, or a Certificate Authority.

The Problem: Rented Identity

Today, proving that you actually wrote a piece of code is surprisingly difficult and fragile. Modern software signing relies entirely on centralized infrastructure:

  • Code signing certificates cost money, expire, and force you to trust a Certificate Authority (CA).
  • GPG is notoriously painful to manage and relies on manual, outdated webs of trust.
  • Modern transparency logs (like Sigstore) are a massive leap forward, but they still tie your identity to a centralized OIDC provider (like a Google or GitHub login) and a centralized ledger.

If the central server goes down, if your account is suspended, or if the transparency log is compromised, your ability to prove who you are vanishes. You don't own your digital identity; you are just renting it.

How Auths is Different

Auths changes the equation. Instead of asking a server to vouch for you, Auths uses advanced cryptography to make you your own root of trust.

  1. You own your identity: Auths generates a permanent, decentralized identifier (DID) that survives key rotations and device upgrades. It isn't tied to your email or a tech giant's SSO.
  2. It lives where you work: Your identity and signing history aren't locked in a proprietary database. They are stored natively as cryptographic data right inside your Git repositories.
  3. Zero-trust verification: When someone wants to verify a package you signed, they don't ping our servers. The Auths verification engine is compiled to WebAssembly (WASM). It runs locally and instantly in their browser, terminal, or CI pipeline.

With Auths, if our website goes offline tomorrow, your identity and your ability to verify signatures keep working perfectly. Math replaces servers.

Getting Started

Ready to reclaim your identity? Head over to Getting Started to install the CLI and generate your root keys in less than two minutes.