Ensure cosign v2.x is installed; in v2.x keyless signing is the default behavior and no special flags or environment variables are needed to enable it.
Run `cosign sign --yes <image-digest>` (using the image digest reference, e.g., registry/image@sha256:...) — cosign will automatically initiate an OIDC authentication flow (browser-based locally, ambient credentials in CI) to obtain an identity token. `--yes` (`-y`) skips the interactive confirmation for uploading the signature to the transparency log, which is required in non-interactive CI runs.
cosign generates an ephemeral key pair in memory, uses the OIDC token to request a short-lived signing certificate for its public key from Fulcio, signs the image digest, and records the signature and certificate in the Rekor transparency log. The ephemeral private key is discarded after signing; the signature, certificate and chain are pushed to the registry alongside the image, so the caller does not need to keep any key material.
To verify a signed image, run `cosign verify --certificate-identity <expected-identity> --certificate-oidc-issuer <issuer-url> <image-digest>`. cosign fetches the signature and certificate from the registry, validates the certificate chain to the Fulcio root (obtained from the Sigstore TUF trust root), checks that the identity (certificate SAN) and OIDC issuer extension match the flags, and confirms the Rekor log entry shows the signature was recorded while the short-lived certificate was valid. `--certificate-identity-regexp` and `--certificate-oidc-issuer-regexp` are available when the identity varies (for example, across branches or tags).
In CI environments, ambient OIDC credentials (e.g., the GitHub Actions OIDC token, which requires `permissions: id-token: write` on the job or workflow) are picked up automatically; no browser prompt occurs and no long-lived keys are stored.
Optionally use `cosign verify-attestation --type <predicate-type>` (e.g., `slsaprovenance` or `spdxjson`) for SBOM or SLSA provenance attestations attached to the image, applying the same --certificate-identity and --certificate-oidc-issuer flags.
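The procedure above as a single shell wrapper, added here as an example (it is not code from the cosign project or the original page). It assumes cosign v2.x is on PATH and that the identity and issuer strings passed in are the caller's own values; the placeholder `ghcr.io/acme/app` and workflow path in the usage comment are illustrative. The `pin_to_digest` helper additionally assumes `crane` (go-containerregistry) is installed.

```shell
#!/bin/sh
# Added example (not from the original page): keyless sign + verify wrapper
# for cosign v2.x. Requires cosign on PATH; pin_to_digest also needs crane.
set -eu

# Accept only immutable digest references: <repo>@sha256:<64 lowercase hex>.
# Returns 0 for a digest reference, 1 for a tag or malformed digest.
is_digest_ref() {
  ref="$1"
  case "$ref" in
    *@sha256:*) ;;
    *) return 1 ;;
  esac
  hex="${ref##*@sha256:}"
  [ "${#hex}" -eq 64 ] || return 1
  case "$hex" in
    *[!0-9a-f]*) return 1 ;;
  esac
  return 0
}

# Resolve a mutable tag to its current digest so the signed reference is pinned
# (assumes crane; `crane digest` prints "sha256:<hex>" for the tag).
pin_to_digest() {
  tag_ref="$1"
  repo="${tag_ref%%:*}"
  printf '%s@%s\n' "$repo" "$(crane digest "$tag_ref")"
}

# Keyless sign. In CI cosign uses the ambient OIDC token (GitHub Actions needs
# permissions: id-token: write); locally it opens a browser. --yes skips the
# interactive confirmation for the Rekor upload.
keyless_sign() {
  ref="$1"
  if ! is_digest_ref "$ref"; then
    echo "refusing to sign a non-digest reference: $ref" >&2
    return 2
  fi
  cosign sign --yes "$ref"
}

# Keyless verify. Both identity and issuer must be given explicitly; cosign v2
# rejects verification without them.
keyless_verify() {
  ref="$1" identity="$2" issuer="$3"
  if ! is_digest_ref "$ref"; then
    echo "refusing to verify a non-digest reference: $ref" >&2
    return 2
  fi
  cosign verify \
    --certificate-identity "$identity" \
    --certificate-oidc-issuer "$issuer" \
    "$ref"
}

# Verify an attached attestation (SLSA provenance here) with the same identity checks.
verify_provenance() {
  ref="$1" identity="$2" issuer="$3"
  cosign verify-attestation \
    --type slsaprovenance \
    --certificate-identity "$identity" \
    --certificate-oidc-issuer "$issuer" \
    "$ref"
}

# Usage (placeholders are assumptions, not real values):
#   ./keyless.sh pin    ghcr.io/acme/app:v1.2.3
#   ./keyless.sh sign   ghcr.io/acme/app@sha256:<digest>
#   ./keyless.sh verify ghcr.io/acme/app@sha256:<digest> \
#       https://github.com/acme/app/.github/workflows/release.yml@refs/heads/main \
#       https://token.actions.githubusercontent.com
main() {
  cmd="${1:-}"
  case "$cmd" in
    pin)        pin_to_digest "$2" ;;
    sign)       keyless_sign "$2" ;;
    verify)     keyless_verify "$2" "$3" "$4" ;;
    provenance) verify_provenance "$2" "$3" "$4" ;;
    *) echo "usage: $0 pin|sign|verify|provenance <ref> [identity issuer]" >&2; return 1 ;;
  esac
}

if [ "$#" -gt 0 ]; then
  main "$@"
fi
```

The digest check is deliberately strict (exactly 64 lowercase hex characters after `@sha256:`) so that a tag, a truncated digest, or a mistyped reference is refused before any OIDC flow starts; the verify path applies the same guard because verifying a tag says nothing about what the tag points to later.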
Known gotchas
cosign v2.x has no --keyless flag (an unknown flag makes the command fail) and no longer needs COSIGN_EXPERIMENTAL=1; keyless is simply the default and requires no opt-in.
Verification requires both --certificate-identity and --certificate-oidc-issuer (or their -regexp variants) to be specified explicitly; omitting either makes cosign reject the verification, since without them any Fulcio-issued certificate would be accepted.
Sign using the image digest (sha256:...) reference rather than a mutable tag; cosign warns when given a tag because the tag can later be moved to a different digest, leaving a valid-looking signature on an image other than the one you intended to sign.