Your CI Pipeline Has No Identity. Here's a GitHub Action to Fix That.

Every CI pipeline builds artifacts — binaries, packages, container images, model weights. But none of them can prove who built them.

You push to main. GitHub Actions runs. A package appears on PyPI. A Docker image lands in your registry. How does anyone downstream verify that your pipeline produced it?

The answer today: they don't. They trust the platform.

The Problem

Supply chain attacks exploit this gap. SolarWinds. Codecov. The unsigned binary problem isn't theoretical — it's the #1 vector for compromising software distribution.

Code signing helps, but it's designed for humans with hardware tokens. CI pipelines need something native: an identity that lives in the workflow, signs artifacts automatically, and lets anyone verify the signature without trusting GitHub.

The Fix: AIP Identity for CI/CD

We just shipped a GitHub Action that gives your pipeline a cryptographic identity:

- uses: The-Nexus-Guard/aip@main
  with:
    did: ${{ secrets.AIP_DID }}
    private-key: ${{ secrets.AIP_PRIVATE_KEY }}
    sign-paths: 'dist/*'

What happens:

1. Installs aip-identity from PyPI
2. Configures your pipeline's Ed25519 keypair via env vars (never written to disk)
3. Signs every artifact in dist/ with your pipeline's DID
4. Outputs the signatures as a JSON array

Anyone can verify: aip verify <artifact> --signer <your-did>

Trust-Gated Deployments

Here's where it gets interesting. What if your pipeline could check whether an upstream dependency is still trusted before deploying?

- uses: The-Nexus-Guard/aip@main
  with:
    did: ${{ secrets.AIP_DID }}
    private-key: ${{ secrets.AIP_PRIVATE_KEY }}
    verify-did: 'did:aip:upstream-agent'
    trust-threshold: '0.5'

- name: Deploy (only if trusted)
  run: ./deploy.sh

The step fails if the target DID's trust score drops below your threshold. Automatic supply chain verification, no manual intervention.

Agent-to-Agent CI

Pipelines can now notify other agents when builds complete:

- name: Notify partner
  run: |
    aip message $PARTNER_DID "Build ${{ github.sha }} complete. Artifacts signed."
  env:
    AIP_DID: ${{ secrets.AIP_DID }}
    AIP_PRIVATE_KEY: ${{ secrets.AIP_PRIVATE_KEY }}

The message is end-to-end encrypted. Only the recipient agent can read it.

Setup in 60 Seconds

pip install aip-identity
aip init --platform github --username my-org
aip whoami  # copy the DID

Add AIP_DID and AIP_PRIVATE_KEY as GitHub repository secrets. Done.

How It Works Under the Hood

• Identity: Ed25519 keypair → DID (Decentralized Identifier)
• Signing: Ed25519 signatures on file content
• Trust: Vouch chains with decay scoring on the AIP network
• Privacy: Private key never leaves GitHub Secrets → env var → process memory

No central authority. No certificate authority. No hardware token. Just math.

What's Next

This is the beginning of CI/CD identity. Planned features:

• Attestation receipts (on-chain anchoring of build signatures)
• Cross-pipeline trust paths (Pipeline A vouches for Pipeline B)
• Automated trust scoring based on build history

---

Try it: GitHub Action source | Full docs | AIP project

pip install aip-identity — 611 tests, MIT licensed, no vendor lock-in.