Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Manifest file format #224

Closed
susperius opened this issue Jun 27, 2024 · 2 comments · Fixed by #267
Closed

Manifest file format #224

susperius opened this issue Jun 27, 2024 · 2 comments · Fixed by #267
Labels
enhancement New feature or request
Milestone
V1 release

Comments

@susperius
Copy link
Contributor

I wanted to reignite the discussion around a manifest file format. So, I tried to define two potential solutions as shown below.
The first part shows a simple solution to support a Merkle tree root hash and the per file hash approaches in an either / or fashion.
Here, we could also extend the root_hash field to a custom type if not all necessary information can be captured in the metadata section.
The second part shows a solution that would support a mixed approach. I'm not sure it is necessary but just wanted to highlight it.

In both cases metadata is a simple dict[str, str] type that allows users to add arbitrary metadata to the Manifest. This could also be extended to support a strongly typed key, value solution if necessary.

The Manifest could be packaged in a DSSE envelope to follow their standard procedure for signing or (if sigstore is going to allow arbitrary data) we add a signature field to the Manifest file. I'd prefer going with the DSSE envelope since it's already well defined for this use case.

WDYT?

// Manifest supporting either digests or a root hash
message Manifest {
    map<str, str> metadata = 1;
    oneof model {
        ModelDigests model_digests = 2;
        bytes root_hash = 3;
    }
}

message ModelDigests {
    repeated Digest digests =1;
}

message Digest {
    string method = 1;
    string path = 2;
    bytes hash = 3;
}
// ================================================
// Manifest supporting mixed data
message Manifest {
    map<str, str> metadata = 1;
    ModelInformation model_information = 2;
}

message ModelInformation {
    oneof data {
        Digest digest = 1;
        RootHash root_hash = 2;
    }
}

message RootHash {
    string archive_information = 1;
    bytes hash = 2;
}

message Digest {
    string method = 1;
    string path = 2;
    bytes hash = 3;
}
@susperius susperius added the enhancement New feature or request label Jun 27, 2024
@mihaimaruseac mihaimaruseac added this to the V1 release milestone Jul 7, 2024
@susperius
Copy link
Contributor Author

I'm going to prepare a manifest PR. That's based upon PR193 and adds a last modified field to the Digest message.

@mihaimaruseac
Copy link
Collaborator

I'm currently working on one, to handle internal BCID needs.

mihaimaruseac added a commit to mihaimaruseac/model-transparency that referenced this issue Jul 24, 2024
@mihaimaruseac
Machinery for singing generic manifests.
e402a4b 
THIS IS DRAFT, WIP. Will split into separate PRs once it works. But
posting publicly to show what the plans are (sigstore#224, sigstore#248, sigstore#240, sigstore#111).

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
@mihaimaruseac mihaimaruseac mentioned this issue Jul 24, 2024
Closed
mihaimaruseac added a commit to mihaimaruseac/model-transparency that referenced this issue Jul 24, 2024
@mihaimaruseac
Machinery for singing generic manifests.
c6252d4 
THIS IS DRAFT, WIP. Will split into separate PRs once it works. But
posting publicly to show what the plans are (sigstore#224, sigstore#248, sigstore#240, sigstore#111).

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
mihaimaruseac added a commit to mihaimaruseac/model-transparency that referenced this issue Jul 24, 2024
@mihaimaruseac
Machinery for singing generic manifests.
4817625 
THIS IS DRAFT, WIP. Will split into separate PRs once it works. But
posting publicly to show what the plans are (sigstore#224, sigstore#248, sigstore#240, sigstore#111).

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
mihaimaruseac added a commit to mihaimaruseac/model-transparency that referenced this issue Jul 24, 2024
@mihaimaruseac
Machinery for singing generic manifests.
d3d4cce 
THIS IS DRAFT, WIP. Will split into separate PRs once it works. But
posting publicly to show what the plans are (sigstore#224, sigstore#248, sigstore#240, sigstore#111).

Signed-off-by: Mihai Maruseac <mihaimaruseac@google.com>
This was referenced Jul 27, 2024
Merged
Merged
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
V1 release
Development

Successfully merging a pull request may close this issue.

Add in-toto format with hashes of shards as subjects mihaimaruseac/model-transparency
2 participants
@mihaimaruseac @susperius