Generate a functionary key pair: `in-toto-keygen -t ed25519 functionary` (writes the private key to `functionary` and the public key to `functionary.pub`)
Run each pipeline step wrapped with `in-toto-run`: `in-toto-run --step-name clone --products src/ --key functionary -- git clone <repo> src/`
Collect all `.link` metadata files produced by each `in-toto-run` invocation
Verify the supply chain against a layout file: `in-toto-verify --layout root.layout --layout-keys root.pub --link-dir .`
Known gotchas
The layout must be signed by the project owner's key and must enumerate every functionary and step; missing steps or wrong expected-command values will cause verification to fail
In-toto records file hashes of materials and products; any non-deterministic build output (embedded timestamps, random UUIDs) will cause hash mismatches on verification
The `in-toto-run` wrapper captures the command's actual arguments; wrapping a script that calls other processes will only record the script invocation, not sub-process commands
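As an added pre-flight check (example code written for this note, not part of in-toto itself), the following Python reads the `signed` portion of in-toto link and layout documents and reports two of the gotchas above before you run `in-toto-verify`: products whose hashes differ between two runs of the same step (non-deterministic output), and layout steps whose recorded command differs from `expected_command` or that have no link at all. The sample link and layout dicts are constructed and carry only the fields the check reads; the field names follow the in-toto link/layout JSON format.

```python
import json

# Constructed sample: the "build" step run twice. Real .link files also
# carry signatures, byproducts and environment, which this check ignores.
LINK_RUN1 = {"signed": {
    "_type": "link", "name": "build", "command": ["make", "all"],
    "materials": {"src/main.c": {"sha256": "aa" * 32}},
    "products": {"out/app": {"sha256": "bb" * 32},
                 "out/build-info.txt": {"sha256": "cc" * 32}}}}
# Second run: the binary is identical, but a file with an embedded
# timestamp hashes differently (constructed to show the gotcha).
LINK_RUN2 = json.loads(json.dumps(LINK_RUN1))
LINK_RUN2["signed"]["products"]["out/build-info.txt"]["sha256"] = "dd" * 32

# Constructed layout fragment with one step and its expected command.
LAYOUT = {"signed": {"_type": "layout", "steps": [
    {"name": "build", "expected_command": ["make", "all"],
     "expected_products": [["CREATE", "out/*"]], "threshold": 1}]}}


def nondeterministic_products(link_a, link_b):
    """Product paths recorded in both links whose hashes differ.

    Any path returned here will break hash matching during verification
    unless the build is made reproducible or the file is excluded.
    """
    pa = link_a["signed"]["products"]
    pb = link_b["signed"]["products"]
    return sorted(p for p in pa.keys() & pb.keys()
                  if pa[p]["sha256"] != pb[p]["sha256"])


def command_mismatches(layout, links):
    """(step, expected_command, recorded_command) for every layout step
    whose link is missing (recorded is None) or whose recorded command
    differs from what the layout expects."""
    recorded = {l["signed"]["name"]: l["signed"]["command"] for l in links}
    problems = []
    for step in layout["signed"]["steps"]:
        got = recorded.get(step["name"])
        if got is None or got != step["expected_command"]:
            problems.append((step["name"], step["expected_command"], got))
    return problems


if __name__ == "__main__":
    print("non-deterministic:", nondeterministic_products(LINK_RUN1, LINK_RUN2))
    print("command problems:", command_mismatches(LAYOUT, [LINK_RUN1]))
```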