Amean Asad and André Arko have introduced Kettle, an attested build system designed to produce cryptographically verifiable provenance for software built inside Trusted Execution Environments (TEEs) (S1).
Kettle addresses the critical need for verifying the integrity and origin of software, particularly in environments where trust is paramount. The system records essential build information, including the source commit, dependencies, toolchain, build environment, and output artifact digests within a provenance document (S1).
This provenance document's SHA-256 digest is committed to the TEE platform's attestation report-data field. The hardware-signed attestation report acts as a signature on the provenance, with the signing identity chaining to the TEE manufacturer's root of trust (S1).
The use of TEEs is central to Kettle's design, providing a secure enclave for the build process. This ensures that the build environment is isolated and protected from external tampering, enhancing the trustworthiness of the generated software artifacts (S1).
Because the CVM (Confidential VM) image is reproducible, its launch measurement is public and stable. This allows a build requester to pre-attest the CVM before submitting any input and optionally deliver source over a TLS channel terminated inside it (S1).
The end-to-end confidentiality provided by Kettle ensures that the build runs without the host ever seeing the source code in plaintext (S1).
Verification with Kettle is simplified, requiring only a single signature check against the vendor root and a small set of digest comparisons. This eliminates the need to re-execute the build process, streamlining the verification procedure (S1).
By removing the build infrastructure, its operators, and the artifact distribution channel from the trust surface, Kettle minimizes the attack surface. This allows verifiers to confidently determine if a binary corresponds to its claimed inputs (S1).
The system's design incorporates several key elements to ensure the integrity and verifiability of the software. These elements include the use of a measured confidential VM, the recording of build metadata, and the generation of a hardware-signed attestation report (S1).
The authors highlight that the CVM image's reproducibility is crucial, as it allows for public and stable launch measurements. This feature enables build requesters to pre-attest the CVM before submitting any input, enhancing the security of the build process (S1).
Kettle's approach offers significant advantages over traditional build systems. By leveraging TEEs and cryptographic techniques, it provides a robust and verifiable method for ensuring software provenance. This is particularly important in security-critical applications where trust and integrity are paramount (S1).
The research paper, available on arXiv, provides a detailed technical overview of Kettle's architecture, implementation, and evaluation. It also includes discussions on the system's security properties and performance characteristics (S1).
The development of Kettle represents a significant advancement in software supply chain security. By providing a verifiable provenance mechanism, it helps to mitigate the risks associated with compromised builds and malicious software (S1).
The research was submitted on May 8, 2026, and is available for review (S1).
ops.llm_calls. Every fact traces to a citation. If a fact looks wrong, write to corrections.