model-transparency

Supply chain security for ML

Results 59 model-transparency issues

This issue proposes what the (long-term) APIs will look like. Looking for comments, nothing set in stone. ### 1. Hash engine Tracked in https://github.com/sigstore/model-transparency/issues/140 Why: - for callers to customize...

enhancement

#### Summary This is the lowest layer of the model signing API (#172). It only supports computing the digest of a single object, in a flexible way (#140). We add...

Provide an API that allows re-computing the hash of a subset of files in a model. This is useful in cases where only a (small) set of files have changed,...

enhancement

We need a playbook to explain how a hub would integrate our library and what verification needs to be supported. Here is a list of integration paths (not necessarily in...

enhancement

As mentioned during the meeting, this is the re-implementation I was working on. It provides model signing through - sigstore - bring your own key (ecdsa) - bring your own PKI...

This is a proposal for v1 release. Scope: support sigstore for path only (no in-memory path support). This requires implementing only a subset of https://github.com/sigstore/model-transparency/issues/172: ```python # model.py def...

enhancement

E.g. https://www.blake2.net (reduced rounds), https://github.com/BLAKE3-team/BLAKE3

**Description** Based on the summary of GGUF model architecture [available on huggingface](https://huggingface.co/docs/hub/en/gguf), it seems like a plausible feature candidate to enable signing of GGUF models.

enhancement

Investigate the speed on OSX. The unit tests seem to be slow. It could be because the runners are not as fast.

Relates to: https://github.com/sigstore/model-transparency/issues/78 #### Summary The benchmarking script does not work with Darwin, in such a way that it appears to be suffering under load while it actually just doesn't...