Contract Source Validation SEP

[orbitlens]

Contract Source Validation SEP

Preamble

SEP: TBD
Title: Contract Source Validation
Authors: OrbitLens <@orbitlens>
Track: Standard
Status: Draft
Created: 2024-09-28
Updated: 2025-02-19
Version: 0.3.0
Discussion: https://github.com/stellar/stellar-protocol/discussions/1573

Simple Summary

A toolkit for the verification of the trust chain between contract WASM and its source code.

Motivation

Stellar doesn't store the source code of contracts in the blockchain, so it may be quite challenging for users to make sure that a contract they are going to invoke is not malicious and behaves as advertised.

Abstract

This SEP describes an approach of automated source code matching based on GitHub Actions Workflows and GitHub Attestations. It provides the ability to establish a trust chain from a smart contract deployed on Stellar Network to a specific commit in GitHub repository containing source code of this contract. As a side benefit, this standard workflow streamlines the smart contracts compilation and release process for Soroban WASM runtime.

In order to turn on automatic code attestation, smart contract developers create a simple configuration file in a contract Git repository.

When triggered, this workflow:

• Compiles a smart contract (or multiple contracts) in the repository
• Creates an optimized WebAssembly file ready to be deployed to Soroban
• Publishes GitHub release with attached build artifacts
• Creates GitHub attestation artifact associated with the repository

Upon successful validation, anyone can retrieve the GitHub repo link from the contract binary and verify the authenticity of the build directly on the contract GitHub repository Attestations page or using a blockchain explorer that supports this SEP. The trust chain can be validated up to a particular point-in-time snapshot of the source code at the given commit used to build the contract.

Specification

The verification mechanism relies on the GitHub automation and Attestations build artifacts generated during the automated smart contract compilation. Each attestation contains:

• Source code repository
• Environment variables
• Output binary hash (matches the hash of the contract WASM deployed on the ledger)
• Commit hash (required to point at a specific point-in-time codebase snapshot)
• Link to the workflow associated with the artifact (used to ensure the security of the compilation process)

In addition to the source code repository link, the workflow can also store a home domain in the contract to provide a consistent off-chain organization and/or token information resolution using a standard SEP-0001 stellar.toml file.

During the compilation, the pipeline stores a repository address in every compiled contract by adding WASM metadata to the contractmetav0 custom sections. Metadata is stored in the contract as SCMetaEntry XDR entry. Downstream systems can retrieve this information directly from the WASM, read repository contents and retrieve corresponding attestation from the GitHub API endpoint: https://api.github.com/repos/<user_name>/<repo_name>/attestations/sha256:<wasm_hash>, where wasm_hash is the SHA256 hash of the contract WASM binary.

Metadata entries stored in the contract WASM:

• source_repo=github:<user_name>/<repo_name> - source repository link
  example: source_repo=github.com:reflector-network/reflector-dao-contract
• home_domain=<domain_name> - domain that hosts organization's stellar.toml (domain name only, without schema or relative path)
  example: home_domain=reflector.network

Based on this information anyone can verify the authenticity of the smart contract source code, and perform a reverse lookup of the contract information from the organization's domain.

Workflow Setup and Configuration

Prerequisites

• Create a GitHub Actions workflow file .github/workflows/release.yml in your repository.
• Decide how the compilation workflow will be triggered. The recommended way is to configure workflow activation on git tag creation. This should simplify versioning and ensure unique release names.

Workflow Inputs and Secrets

Basic compilation workflow path:
stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main

The workflow expects the following inputs in the with section:

• release_name (required) - release name template (should include a release version variable, e.g. ${{ github.ref_name }})
  package (optional) - package name to build, builds contract in working directory by default
• relative_path (optional) - relative path to the contract source directory, defaults to the repository root directory
• make_target (optional) - make target to invoke, empty by default (useful for contracts with dependencies that must be built before the main contract)

Basic workflow for the repository with a single contract

name: Build and Release  # arbitrary name
on:
  push: 
    tags:
      - 'v*'  # triggered whenever a new tag (prefixed with "v") is pushed

permissions:  # required permissions
  id-token: write
  contents: write
  attestations: write

jobs:
  release-contract-a:
    uses: stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main
    with:
      release_name: ${{ github.ref_name }}   # git tag as unique release name
      release_description: 'Contract release'   # text to attach to the release
      relative_path: '["src/my-awesome-contract"]'   # relative contract path
      package: 'my-awesome-contract'   # package name to build
      make_target: 'build-dependencies'   # make target to invoke
      home_domain: 'doman.name'    # organization's domain name (optional)
    secrets:  # authentication tokens will be automatically created by GitHub
      release_token: ${{ secrets.GITHUB_TOKEN }}   # don't modify this line

Workflow Permissions

In order to create a release, the workflow needs id-token: write, contents: write and attestations: write permissions. Default workflow permissions for a repository can be found at "Settings" -> "Actions" -> "Workflow permissions". It's important to specify permissions on the top level in the .github/workflows/release.yml configuration file itself:

permissions:
  id-token: write
  contents: write
  attestations: write

Building Multiple Contracts

To build multiple contracts, add a separate job for each contract. The workflow will compile and release each contract independently.

name: Build and Release Multiple Contracts
on:
  push: 
    tags:
      - 'v*'  # triggered on a new tag (prefixed with "v")

permissions:
  id-token: write
  contents: write
  attestations: write

jobs:
  release-contract-a:
    uses: stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main
    with:
      release_name: ${{ github.ref_name }}          
      release_description: 'Contract A Release'       
      relative_path: '["src/my-awesome-contract"]'  
      package: 'my-awesome-contract'                
      make_target: 'build-dependencies'             
    secrets:
      release_token: ${{ secrets.GITHUB_TOKEN }}
  
  release-contract-b:
    uses: stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main
    with:
      release_name: ${{ github.ref_name }}          
      release_description: 'Contract B Release'
      relative_path: '["src/another-awesome-contract"]'
    secrets:
      release_token: ${{ secrets.GITHUB_TOKEN }}
    
  release-contract-from-root:
    uses: stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main
    with:
      release_name: ${{ github.ref_name }}          
      release_description: 'Root Contract Release'
    secrets:
      release_token: ${{ secrets.GITHUB_TOKEN }}

Triggering Build Process Manually

Triggering this workflow manually requires a unique release name prompt. Replace the trigger condition in config and update release_name to utilize the value from the prompt.

on:
  workflow_dispatch:
    inputs:
      release_name:
        description: 'Unique release name'
        required: true
        type: string
permissions:
  id-token: write
  contents: write
  attestations: write
jobs:
  release-contract:
    with:
      release_name: ${{ github.event.inputs.release_name }}

Attestation Verification Flow

Steps to assemble the trust chain between the deployed smart contract and the source code repository:

1. Obtain a HEX-encoded WASM hash of the smart contract in question.
2. Download the corresponding WASM binary from the ledger.
3. Parse the binary to retrieve the metadata stored in contractmetav0 custom sections.
4. Iterate through the entries to find the metadata with a source_repo key. Retrieve GitHub user_name and repo_name from the meta value stored in the format described above.
5. Load the attestation from https://api.github.com/repos/<user_name>/<repo_name>/attestations/sha256:<wasm_hash>. Parse the response as JSON.
6. Retrieve the encoded payload from the path attestations[0].bundle.dsseEnvelope.payload. The format follows in-toto.io/Statement/v1 standard. Decode the payload as Base64 and parse resulting string as JSON.
7. Validate subject[0].digest.sha256 to match the smart contract hash obtained at step 1.
8. Validate runDetails.builder.id to match the trusted reference build workflow repository address and relative path (https://github.com/stellar-expert/soroban-build-workflow/.github/workflows/release.yml@refs/heads/main).
9. Validate predicate.buildDefinition.resolvedDependencies[0].uri to match the GitHub repository obtained at step 4.
10. Field predicate.buildDefinition.resolvedDependencies[0].digest.gitCommit will contain the git commit hash at which the attestation has been produced.

If any of the above steps fail, the entire attestation verification process fails.

Notes

• The workflow assumes that each contract directory contains the necessary structure and files for the build process.
• It makes sense to run contract tests automatically before deploying the contract to make sure that broken contracts won't end up in published releases. It requires adding corresponding action invocation before the release_contract job.
• In case of the multi-contract repository setup, contracts shouldn't have the same name (defined in TOML file) and version to avoid conflicts during the release process.
• To enable automatic contract source validation process, contracts should be deployed to Stellar Network directly from a compiled GitHub release generated by this workflow. Otherwise the deployed contract hash may not match the release artifacts due to the compilation environment variations.

Design Rationale

Currently, the pipeline relies on GitHub platform tools and does not provide the toolkit for other platforms, like GitLab or BitBucket. GitHub has the largest market share, so the initial implementation utilized its standard APIs and instruments. In the future, in response to the demand, similar automated workflow can be created for other platforms as well. The source_repo metadata record contains a platform prefix (github:) as an extension point for the smooth integration of other repository hosting providers. In addition, attestations can be also potentially stored on IPFS or other distributed storage to increased the data availability.

Likewise, this SEP and workflow can be extended in the future to execute automatic contract deployment to the network on build. However, this process has a huge a list of potential security concerns which need to be evaluated, addressed, and documented before including this functionality in the continuous delivery pipeline.

Security Concerns

This SEP does not create any direct security concerns for the Stellar protocol or ecosystem applications.

Since the verification routine relies on the GitHub build automation and attestations mechanism, this approach implies the trust in GitHub’s security. If GitHub security is compromised, it means that verification data cannot be trusted. The possibility of such an event looks very low considering the track records of GitHub and its enterprise backers.

Unlike other building artifacts, attestations are stored in GitHub forever (or at least until the code repository is removed). Therefore, if developers decide to remove a smart contract repository, the verification chain may be broken. However, downstream systems (like blockchain explorers) may retain the verification information indefinitely, alleviating such risks.

While the build process itself is performed in the virtual GitHub environment shielded from an external access, smart contract developers still can potentially use some subtle techniques to inject malicious code into the contract during the compilation phase. Protecting end users from malicious developer actions is out of the scope of this SEP – the primary goal is to provide unfalsifiable evidences that a contract has been compiled automatically using a particular GitHub repository.

The automation workflow that builds smart contracts is currently hosted by StellarExpert. We suggest transferring its repository ownership to SDF in order to minimize trust concerns.

Implementations

• Workflow

Changelog

• v0.3.0 - Updated workflow to exclude the Docker image, clarified what attestation fields are used during the verification
• v0.2.0 - Added home_domain meta, notes on meta XDR and format, design rationale for the GitHub platform lock-in
• v0.1.1 - Defined metadata storage key format explicitly
• v0.1.0 - Initial draft

[tupui]

I have been using your action for my project and it's great 👍 It's very important for the whole supply chain security that we get that part right.

Some comments/suggestions:

• Besides reproducible build, which comes with its own set of challenges, the last bit would be to have a CD step. But that's very debatable from a security point of view and also because then it's very locked in on a specific platform. (Sticking to GitHub, you could use OpenID Connect.)

• On the attestation storage part. I would suggest to move that to IPFS. That would alleviate a bit of lock in and I think that as an industry we should do more with IPFS and try to rely less on things like GitHub, AWS, etc. PyPi is uploading their attestations to sigstore, but here as well it's very much centralized and they only guarantee 3 9s. Otherwise they invite you to spin up their service on your infra. Which to me is a cry for IPFS or else.

• It might be missing is a general API definition in case people would want to use another platform (e.g. GitLab).

• Can this be viewed as a security concern? In the end we also need to put some trust in the GitHub action especially if it can inject stuff in the contract.

  During the compilation, the pipeline stores a repository address in every compiled contract by adding custom WASM metadata in the source_repo=github:<user_name>/<repo_name> format.

• Do you have plans for adding SBOM? I think that's also important (and in some cases needed for regulatory purposes like DORA.)

[orbitlens]

Thanks for the detailed feedback.

Besides reproducible build, which comes with its own set of challenges, the last bit would be to have a CD step.

The workflow can be relatively extended in the future to execute automatic contract deployment to the network on build. However, this process has a huge a list of potential security concerns which need to be evaluated, addressed, and documented before including this functionality in the continuous delivery pipeline.

On the attestation storage part. I would suggest to move that to IPFS.

This is something definitely worth researching in the future. I'm not sure whether it's possible to resolve contract hash -> IPFS attestation hash relation without a centralized entity since IPFS hashes the content of the attestation data itself.

It might be missing is a general API definition in case people would want to use another platform

It requires a lot of work. While I think it's the right path, I'm not ready to spare resources for R&D on this right now.

Can this be viewed as a security concern? In the end we also need to put some trust in the GitHub action especially if it can inject stuff in the contract.

Yes, it's a security concern. We have to trust a centralized entity (GitHub) that it won't mess up with the code, and we need to trust the workflow itself. I mentioned this in the "Security Concerns" section. Please let me know if it's unclear and I need to elaborate on this.

Do you have plans for adding SBOM?

We cannot include SBOM information directly into the contract itself, but probably can generate it alongside with the contract binary attestation. I'll check this.

[tupui]

It might be missing is a general API definition in case people would want to use another platform

It requires a lot of work. While I think it's the right path, I'm not ready to spare resources for R&D on this right now.

Just to be clear, here I was proposing that you put the OpenAPI schema (or else) that you currently use for your current API. It should be a good starting point as it works.

Yes, it's a security concern. We have to trust a centralized entity (GitHub) that it won't mess up with the code, and we need to trust the workflow itself. I mentioned this in the "Security Concerns" section. Please let me know if it's unclear and I need to elaborate on this.

In the security section you mention the trust into GitHub, but I think here we also need to clearly mention again that the contract is being modified to add some metadata into it. In the top section the description is ok I think, but here we should expand on the security implications of modifying the contract.

[leighmcculloch]

👋🏻 This proposal is really important and it's wonderful to see it starting to get use already.

I think the proposal bundles together three super valuable things that need more specification, independently:

• 1️⃣ Linking built wasms to source code
• 2️⃣ Linking built wasms to home domains
• 3️⃣ A convenient common build process or common build containers

Why:

• they have different goals
• they do not need to be used together
• independent, they would be composable
• some are easy to specify in full now and expect never to change (1️⃣, 2️⃣), others require more iterative ongoing work (3️⃣)
• by bundling we create a mega-SEP of sorts that:
  • misses some specificity, e.g. doesn't discuss the concrete guarantees and how to validate and reproduce those guarantees

---

1️⃣ Linking built wasms to source code –

The proposal achieves this with GitHub Attestations and Sigstore's Rekor (transparency log) 👏🏻.

GitHub Attestations are sufficient for proving the wasm to source code link. We know this because it's now a software engineering best practice adopted by other ecosystems (npm, pypi, homebrew). The rest of the proposal provides other guarantees and benefits that aren't critical for proving a link between a binary (wasm) and code.

The less we add to this verification process that is bespoke, the more we lean on the software engineering industries best practices, the more we can benefit from development outside the Stellar ecosystem. For example, using common tools like the github-cli to facilitate verification.

For the purposes of defining how to verify code, the proposal would be sufficient to set it's scope on:
a) set the source_repo meta
b) define how to generate attestations
c) define how to verify attestations

Currently the proposal doesn't indicate how to do (b) or (c), other than use the stellar-expert/soroban-build-workflow workflow to publish and stellar.expert to view verifications. I think it's critical the proposal discuss both in detail at a foundational level so that others can implement the proposal. So I think the proposal needs to discuss:

• At a basic level how someone can create an attestation. It could show how to do this with GitHub's action at least, or sigstore tooling. e.g.:

      - uses: actions/attest-build-provenance@v1
        with:
          subject-name: contract.wasm
          subject-path: target/wasm32-unknown-unknown/release/contract.wasm

• Detail how to verify a wasm was built from code. Discuss what GitHub APIs to call, the https://in-toto.io/Statement/v1 payload data, how to verify the payload in the Rekor transparency log (still important, even though this proposal trusts GitHub, because it limits the trust to build time and not verify time), and what fields of the payload data are critical to verify and why. It could direct users how to determine the git commit, the repo, the workflow that was executed. It could discuss subtle but important aspects such as as what type of runner the build was executed on because non-github-hosted runners are custom environments where a different trust model would be required not only on GitHub.

The proposal suggests SDF take ownership of the bespoke workflow, but if we reduce the verification proposal to the above, there will be no need for any trust in any workflow owner, other than GitHub. Assuming the use of Rekor in the verification process, GitHub on its own would only be trusted at build time, not at verification time.

It would be awesome if the proposal could discuss the sigstore primitives that are being used. Because really this solution is platform agnostic already. A payload is produced, signed, published to the sigtore transparency log (rekor), and if you trust the signer, you can verify the payload. But being most practical I think it's fine if it relies on GitHub APIs and maybe in the future a compatible SEP is written that describes the process at the sigstore layer.

---

2️⃣ Linking built wasms to home domains –

The proposal includes instructions for how to store home_domain meta inside a wasm file, but doesn't define how to do verification of the domain. There should be a corresponding change to SEP-1 stellar.toml and a verification process where a wasm file must point to the stellar.toml, and the stellar.toml must point to the wasm hash, to confirm that neither the wasm file or the stellar.toml are fraudulent.

This 'home_domain' linking could be an independent SEP and doesn't need to be coupled with source code verification.

The wasm file home_domain linking may also not be sufficient for all use cases. Not all deployments of a wasm hash should be associated with the same home domain. Contract deployments/instances also need a way to report their home_domain linkage, and so it may be better to do linking at the instance level instead of the wasm file meta level.

---

3️⃣ A convenient common build process or common build containers –

The proposal as written requires the use of a GitHub build workflow where contracts are built in a specific Ubuntu docker image, and attestation/verification requires releasing:

stellar-expert/soroban-build-workflow/.github/workflows/release.yml@main

The workflow is opinionated and makes assumptions about how a developer wants to build and release their contracts.

In other ecosystems that use attestation, building is not opinionated or coupled to attestation, for e.g.:

• Should this action pre-install wheel? pypa/gh-action-pypi-publish#11 (comment)

The workflow expands the surface area of a contract developers risk, because they must be concerned with a third parties action, and the additional third party components that workflow pull in and may be supply chain exploitable. For example:

• softprops/action-gh-release@v2 dependency within the workflow stellar-expert/soroban-build-workflow#2

It shifts control away from the developer and requires developers to use a specific approach to releasing and building their applications. Ideally developers can be in full control of their own build and release processes and still be permitted to participate in verification.

I think a standard GitHub Action that builds Rust Stellar contracts would be good for the ecosystem, but it seems unnecessary to couple it with source code verification.

A standard Docker image for building could further the goal of reproducible builds as another method for making it possible to verify builds. This proposal would need more than what exists here though, such as a fully and truly reproducible build image, and a way to securely link wasm builds back to their build image. That effort is much more likely to be iterative and require more work because reproducible builds in Rust are hard (something @brson has spent some effort on improving ❤️) and building other peoples Rust code is unsafe (because building Rust code executes it on the host).

---

In an example contract repo I've written a build process that I think should be compatible with the verification proposal, because it uses attestation reasonably to prove linkage between a wasm and code. Currently it doesn't show up as verified on stellar.expert because it doesn't use the stellar-expert workflow:

• https://github.com/leighmcculloch/exp-stellar-expert-verified-builds/blob/main/.github/workflows/custom-release.yml

In my own learning I wrote a prototype CLI command that verifies the code links to the binary using only the source_repo meta and the GitHub Attestation APIs. It's just a toy, and not something I plan to merge as is, but for folks who want to play with it:

• Experimental contract code/build linking command stellar-cli#1778

@orbitlens and folks, wdyt? Are there three proposals here we can separate?

@tupui given your experience with pypi I'm interested if separating this proposal makes sense, specifically separately 1️⃣ and 3️⃣, given that ecosystem has as far as I can tell.

[leighmcculloch]

An attestation links a contract WASM to the corresponding source code.

If we acknowledge that the proposal doesn't prevent build-time injections, then there doesn't seem to be any benefit to disallowing custom workflows. The proposal requires the use of a specific workflow, when verification only needs the attestation?

[orbitlens]

All my arguments are on the table. I'm personally not comfortable with an idea to display in StellarExpert repository links established via attestations built by arbitrary workflows. Not ready to take this responsibility.

If you insist on this and it's an SDF position, I'll retract my proposal -- please create a SEP as you see fit.

[leighmcculloch]

Hi @orbitlens,

I wanted to understand this further and asked an auditor to review the proposal both with (#1573) and without the workflow (#1711), and to provide feedback about the security benefits of requiring the workflow.

This was their feedback:

I believe both approaches have their benefits and drawbacks. In the original proposal, the workflow will be hosted, audited, and secure - ideally under the Stellar organization. Devs only need to launch it, minimizing error margins. However, it’s more centralized, offering no control over workflow updates, folder structures, or version changes etc.

It’s important to note that using main as a remote workflow tag (as used in the proposal itself) in this case is strongly discouraged. Instead, a version hash should be used to prevent risks of the remote repository being compromised and altering the workflow.

In contrast, the new proposal offers developers full control and flexibility, independent of external orgs. However, this adds some complexity, and they must ensure their workflow is secure.

I believe the workflow’s “immutability” and isolation provide a false sense of security rather than actual safety guarantees. In both cases, a “malicious actor” can achieve code execution before the attestation is generated -- either through a makefile in the original proposal (as you demonstrated) or by embedding their own steps in a custom workflow. Ultimately, the attestation includes everything a user needs to verify the build’s legitimacy in both proposals, making them effectively equivalent in terms of security.

To me, it mostly comes down to ease of verification. The original proposal is more straightforward to verify since it doesn’t require stepping through the entire workflow. However, that simplicity can lead users to assume nothing can go wrong just because the workflow is predetermined. So in that case, it’s crucial to document potential attack vectors/things that can go wrong (e.g. sanity-checking the Makefile independently).

In contrast, the newer proposal explicitly places the responsibility on the user to verify each step, which may help highlight risks that could be overlooked in a more streamlined process.

I’m concerned that the workflow creates false sense of security, limits developer flexibility, and could become a supply chain vulnerability vector because of the multiple things the workflow would need to be maintained as doing (e.g. stellar-expert/soroban-build-workflow#2).

The benefits of the workflow seem to me to be outweighed by those costs, when it doesn't increase security. But I acknowledge stellar.expert is the one displaying the information, and I'm just looking into this further to fill the gaps in my own understanding of what I'm missing here.

Does the auditor’s perspective that the workflow doesn’t add security address the concerns your team had that led to requiring it? Or what are we missing?

Would love to discuss further.

cc @andreas-osec Please add anything I missed.

[orbitlens]

My problem with such approach is that it guarantees nothing at all. E.g. the workflow might be set as a reference to another repo via uses: some/other-repo/release.yml. In this case, a malicious actor can change the workflow to inject some code during the build process, initiate a release that will generate a malicious contract with all the metadata, and then revert the workflow to the previous state with git push --force. As a result, contract metadata is ok, it points to the exact git commit hash in the contract source repo, all looks legit, but the code doesn't match the compiled contract. Good luck to security experts or anyone else to find out what's wrong with the contract and how malicious code has been injected. That's only one scenario from the top of my head, probably there are other ways to mess up with the compilation process.

The routine we proposed earlier can't protect from malicious code injections through external dependencies, nor guarantee the build reproducibility in the long run. The only thing it guarantees is that the build process started from a specific repository at a specific commit hash. That's what we can show in the StellarExpert interface. We've been discussing this for months.

If we divert from the idea of using a predefined compilation pipeline, I don't see a reason why would we have to jump through all the hoops with attestations. Just put the github repo and commit info into the source_repo field during the build (in the format source_repo=github:<user_name>/<repo_name>#<commit_hash>), and that's it. We'll be showing the information from such metadata in StellarExpert the same way we show TOML info, with warnings (e.g. "Please note, the source repository metadata is loaded from the contract, but it doesn't guarantee authenticity and was not verified by the StellarExpert team"). If the compilation process is prone to the external injections by default and there's no source repo consistency guarantees, why even bother with attestations? It provides a false sense of security that just isn't there.

Honestly, at this point I'm ok with any SDF decision on this topic. It's been more than two years of dancing around this problem. To tell the truth, I'm mentally exhausted and don't want to spend any more time on it. Just merge this pull request and we'll use it in StellarExpert, the only thing I'm asking -- please provide a clear warning in the SEP that source code authenticity is not guaranteed and this information cannot be trusted (my previous formulations in the original SEP draft were relatively mild because of the different approach) or remove my name from the "authors" section, I do not want to be potentially liable for any security incidents.

[andreas-osec]

Hi @orbitlens,

In my opinion, both proposals don’t offer more guarantees beyond establishing that the build started from the specific repository, at the specific commit, using the specific workflow or pipeline. I think it’s important to state this explicitly in the SEP, since there is no guarantee that the compiled code was actually produced by the contract code visible on Github. The compilation steps should therefore always be reviewed manually. Regarding which proposal is "best", I believe they are equivalent in terms of security. In practice, the decision comes down to which approach people prefer or feel more comfortable with.

About the scenario you described: in most cases, it’s relatively easy to spot when a workflow is maliciously importing an external workflow to hide something. However, even if that’s not obvious, there are still ways to detect that the code has been replaced. Here are a couple of examples for reference:

1. The attestation itself links to the build summary, allowing reviewers to walk through the exact steps that were executed. However, note that such logs are purged every once in a while, so this method might not be always reliable.
2. More generally, you can use the Github API to see if any force pushes happened, since these are recorded in the repository’s activity log. This makes it easy to check if something like that occurred after the attestation. The API can also show when the repository was created, so you can confirm it wasn’t deleted and re-created later to wipe the history. If there was a force push or the repository was deleted and recreated after the attestation, the build should be considered untrusted

Since GitHub maintains persistent logs, most tampering attempts will leave traces and should raise flags during the workflow review. That said, I’m more than happy to discuss any additional ideas or considerations I might have missed.
On that note, I believe it would be a good addition to the SEP to require that any external workflows used must reference pinned commits, rather than a moving one like main, and that these commits and workflows must be publicly accessible for the workflow to be considered trusted.

To wrap up, I don’t see any reason not to use a predefined workflow if end users/consumers are more comfortable with it. However, based on discussions with the team, the concern isn’t with using a predefined workflow itself, but with requiring it. Mandating a specific workflow can create a false sense of security, whereas allowing flexibility makes it clearer that consumers are responsible for reviewing everything individually, and, lastly, it seems unnecessarily restrictive from a devx standpoint, without offering significant gains.

[leighmcculloch]

Separate to my other comment which is more about making changes to the SEP, could SEP go into greater detail about what parts of the attestation, it's payload, etc are used for verification?

For example, could it discuss what GitHub APIs are used, what fields out of the in-toto.io/Statement/v1 payload data are verified (e.g. the runtime environment == github-hosted?), and information about if the attestation is verified in the Rekor transparency log (imo it's important this is checked as a way to reduce the surface area of the trust in the provider).

[orbitlens]

I updated the SEP proposal to include the "Attestation Verification Flow" following @leighmcculloch's advice.

We also updated the workflow to remove Docker dependency and the step that sends information to StellarExpert API. Our ingestion engine will be able to retrieve this information directly from the contract, so that's not needed anymore. @leighmcculloch could you please take a look at the workflow before we merge it to the master branch?

[leighmcculloch]

I updated the SEP proposal to include the "Attestation Verification Flow" following @leighmcculloch's advice.

Thanks @orbitlens.

---

7. Validate subject[0].digest.sha256 to match the smart contract hash obtained at step 1.

@fnando I don't think the CLI's stellar contract build info command does this step. I might have left it out originally thinking it was unnecessary because the hash is in the GitHub URL we use to lookup the attestation, but on second thought, checking it inside the payload is important so that we're being rigorously skeptical because it's the payload that gets signed.

---

Something I don't see in the attestation flow, and isn't implemented in the CLI's stellar contract info build either, is that we could add a check to ensure that the hash of the payload can also be found linked to the wasm hash in the Sigstore public transparency log, which can be queried by using the Rekor API.

I think we should add a check for this.

Why: By relying on the GitHub API a user confirming build information for a contract is trusting GitHub in two moments: 1. at the time the build was created and recorded, and then 2. for the full time window between then and when their API is queried for data. We can reduce the window of trust down to only that first moment by checking that the wasm hash and payload hash are in the transparency log which will ensure the payload has not been altered over time.

@orbitlens @fnando Wdyt?

Note that the public Rekor API has an SLO of 99.5%.

I think someone needs to go deep on the Rekor API, but as a quick example of how to use the Rekor API to verify the wasm hash and attestation payload hash are present also in that API:

For stellar-cli v22.5.0 the Apple Silicon binary available here has the following hash:
Binary: https://github.com/stellar/stellar-cli/releases/download/v22.5.0/stellar-cli-22.5.0-aarch64-apple-darwin.tar.gz
SHA256: 18c7c400bc241438de1375d2975b35375c7f06c4db6729dd5fb11442c5934d2c

Collect UUID for the wasm hash from Rekor:

$ curl -X POST -H "Content-type: application/json" https://rekor.sigstore.dev/api/v1/index/retrieve --data-raw '{"hash":"sha256:18c7c400bc241438de1375d2975b35375c7f06c4db6729dd5fb11442c5934d2c"}'
["108e9186e8c5677a3fdc3b82e7157e9f65b1ac5f03276d3bed08aaf36fcab2397b0800f07bfc78c5","108e9186e8c5677aa4458814c5a7fee0c8c5ed01dadc7a1498a5c4dfb67dcc1a5b395f843d37a0ae","108e9186e8c5677ab55ab34ebf7638d99101a371876f984af50c0b5fe6faf35530610410b478c04a"]

Collect Payload Hash from Rekor:

$ curl -Xs GET https://rekor.sigstore.dev/api/v1/log/entries/108e9186e8c5677ab55ab34ebf7638d99101a371876f984af50c0b5fe6faf35530610410b478c04a \
  | jq -r '.[] | .body' \
  | base64 -d | jq -r '.spec.payloadHash.value'
60e8b0acd68dcea84cf903bdee752f001c78de8c1ec3fb2dc9150a2547116381

Collect GitHub Attestation payload for the wasm hash:

$ payload=$(curl -s https://api.github.com/repos/stellar/stellar-cli/attestations/sha256:18c7c400bc241438de1375d2975b35375c7f06c4db6729dd5fb11442c5934d2c | jq -r '.attestations[0].bundle.dsseEnvelope.payload')

Check the GitHub Attestation payload hash matches the payload hash in Rekor:

$ echo $payload | base64 -d | shasum -a 256
60e8b0acd68dcea84cf903bdee752f001c78de8c1ec3fb2dc9150a2547116381  -

Not exampled here is verifying the payload signature, that might also be worthwhile doing.

[leighmcculloch]

Oh one more step that I think needs adding to the verification flow is to verify that the runner was a github-hosted runner. The attestation payload contains the info in this field:

            .predicate
            .build_definition
            .internal_parameters
            .github
            .runner_environment

[leighmcculloch]

We also updated the workflow to remove Docker dependency and the step that sends information to StellarExpert API.

I was relooking at the repo and noticed that these changes are on the no-docker branch, not on main. Are there still plans to make those changes to main?

[fnando]

I'd like to move this over the finish line. After a lot of internal discussion, we came to the conclusion that we can simplify the proposal a little bit, without heavily relying on a hosted workflow. I drafted an updated version and would love to have your thoughts, @orbitlens @leighmcculloch.

---

Contract Build Verification SEP

Preamble

SEP: TBD
Title: Contract Build Verification
Authors: OrbitLens <@orbitlens>, Nando Vieira <@fnando>
Track: Standard
Status: Draft
Created: 2024-09-28
Updated: 2025-03-12
Version: 0.4.0
Discussion: https://github.com/stellar/stellar-protocol/discussions/1573

Simple Summary

A toolkit for the verification of the contract WASM build.

Motivation

Stellar doesn't store the source code of contracts in the blockchain, so it may be quite challenging for users to make sure that a contract they are going to invoke is not malicious and behaves as advertised.

Abstract

This SEP describes an approach to contract build verification using GitHub Attestations. It provides the ability to display information about the contract that's been deployed and the build pipeline that generated the WASM file.

This proposal makes no assumptions on how your WASM file is generated, but requires developers to add a metadata entry to the WASM, as well as making an artifact attestion using GitHub Actions.

Once the contract is deployed, anyone can verify and inspect the build pipeline that generated the WASM file. It's important to be aware that this doesn't mean that the contract is safe to use, but it does provide a way to verify how the contract was built, by giving access to the workflow file that was used to build the contract.

Specification

The verification mechanism relies on the GitHub automation and Attestations build artifacts generated during the automated smart contract compilation. Each attestation contains:

• Source code repository
• Environment variables
• Output binary hash (matches the hash of the contract WASM deployed on the ledger)
• Commit hash (required to point at a specific point-in-time codebase snapshot)
• Link to the workflow associated with the artifact (used to ensure the security of the compilation process)

In addition to the source code repository link, the workflow can also store a home domain in the contract to provide a consistent off-chain organization and/or token information resolution using a standard SEP-0001 stellar.toml file.

During the compilation, the pipeline stores a repository address in every compiled contract by adding WASM metadata to the contractmetav0 custom sections. Metadata is stored in the contract as SCMetaEntry XDR entry. Downstream systems can retrieve this information directly from the WASM, read repository contents and retrieve corresponding attestation from the GitHub API endpoint: https://api.github.com/repos/<user_name>/<repo_name>/attestations/sha256:<wasm_hash>, where wasm_hash is the SHA256 hash of the contract WASM binary.

Metadata entries stored in the contract WASM:

• source_repo=github:<user_name>/<repo_name> - source repository link (e.g. source_repo=github.com:reflector-network/reflector-dao-contract)
• home_domain=<domain_name> - domain that hosts organization's stellar.toml (e.g. home_domain=reflector.network, no schema or path is allowed)

Based on this information anyone can verify the authenticity of the smart contract source code, and perform a reverse lookup of the contract information from the organization's domain.

Design Rationale

Currently, the pipeline relies on GitHub platform tools and does not provide the toolkit for other platforms, like GitLab or BitBucket. GitHub has the largest market share, so the initial implementation utilized its standard APIs and instruments. In the future, in response to the demand, similar automated workflow can be created for other platforms as well. The source_repo metadata record contains a platform prefix (github:) as an extension point for the smooth integration of other repository hosting providers. In addition, attestations can be also potentially stored on IPFS or other distributed storage to increased the data availability.

Likewise, this SEP and workflow can be extended in the future to execute automatic contract deployment to the network on build. However, this process has a huge a list of potential security concerns which need to be evaluated, addressed, and documented before including this functionality in the continuous delivery pipeline.

Attestation Verification Flow

Steps to assemble the trust chain between the deployed smart contract and the source code repository:

1. Obtain a HEX-encoded WASM hash of the smart contract in question.
2. Download the corresponding WASM binary from the ledger.
3. Parse the binary to retrieve the metadata stored in contractmetav0 custom sections.
4. Iterate through the entries to find the metadata with a source_repo key. Retrieve GitHub user_name and repo_name from the meta value stored in the format described above.
5. Load the attestation from https://api.github.com/repos/<user_name>/<repo_name>/attestations/sha256:<wasm_hash>. Parse the response as JSON.
6. Retrieve the encoded payload from the path attestations[0].bundle.dsseEnvelope.payload. The format follows in-toto.io/Statement/v1 standard. Decode the payload as Base64 and parse resulting string as JSON.
7. Validate subject[0].digest.sha256 to match the smart contract hash obtained at step 1.
8. Validate predicate.buildDefinition.resolvedDependencies[0].uri to match the GitHub repository obtained at step 4.
9. Field predicate.buildDefinition.resolvedDependencies[0].digest.gitCommit will contain the git commit hash at which the attestation has been produced.

If any of the above steps fail, the entire attestation verification process fails.

Workflow Setup and Configuration

Prerequisites

• Create a GitHub Actions workflow file .github/workflows/release.yml in your repository.
• Decide how the compilation workflow will be triggered. The recommended way is to configure workflow activation on git tag creation. This should simplify versioning and ensure unique release names.

Workflow Permissions

In order to create a release, the workflow needs id-token: write, contents: write and attestations: write permissions. Default workflow permissions for a repository can be found at "Settings" -> "Actions" -> "Workflow permissions". It's important to specify permissions on the top level in the workflow file itself:

permissions:
  id-token: write
  contents: write
  attestations: write

Example: Basic workflow using Stellar CLI

The following workflow uses Stellar CLI to build and optimize the contract.

---
name: Build and Release
on:
  push:
    # 1️⃣ Create a release whenever a new tag like `v0.0.0 is pushed.
    tags:
      - "v*"

  # 2️⃣ Create a release manually from GitHub's user interface.
  workflow_dispatch:
    inputs:
      release_name:
        description: "Release Version (e.g. v0.0.0)"
        required: true
        type: string

permissions:
  id-token: write
  contents: write
  attestations: write

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3
      - run: rustup update
      - run: rustup target add wasm32-unknown-unknown
      - run: cargo version

      # 3️⃣ Set up env vars that will be used in the workflow.
      - name: Set up env vars
        run: |
          echo "WASM_FILE=target/wasm32-unknown-unknown/release/hello.wasm" >> $GITHUB_ENV

          if [ -n "${{ github.event.inputs.release_name }}" ]; then
            echo "TAG_NAME=${{ github.event.inputs.release_name }}" >> $GITHUB_ENV
          else
            echo "TAG_NAME=${{ github.ref_name }}" >> $GITHUB_ENV
          fi

      # 4️⃣ Set up the Stellar CLI.
      - uses: stellar/[email protected]
        with:
          version: 22.5.0

      # 5️⃣ Build the contract and mark the WASM with the current repository.
      - name: Build contract
        run: |
          stellar contract build \
            --meta home_domain=example.com \
            --meta source_repo=github:${{ github.repository }}

          stellar contract optimize --wasm ${{ env.WASM_FILE }}
          file=${{ env.WASM_FILE }}
          cp "${file%.*}.optimized.wasm" ${{ env.WASM_FILE }}

      # 6️⃣ Upload the WASM file to the artifacts.
      - name: Upload to Artifacts
        uses: actions/upload-artifact@v4
        with:
          name: hello.wasm
          path: ${{ env.WASM_FILE }}

      # 7️⃣ Build the attestation for the wasm file.
      - name: Build Attestation for Release
        uses: actions/attest-build-provenance@v1
        with:
          subject-name: hello.wasm
          subject-path: ${{ env.WASM_FILE }}

      # 8️⃣ Make a new release.
      - name: Make a new Release
        id: release
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const response = await github.rest.repos.createRelease({
              owner: context.repo.owner,
              repo: context.repo.repo,
              tag_name: '${{ env.TAG_NAME }}',
              target_commitish: '${{ github.sha }}',
              make_latest: 'true'
            });

            const { data } = response;
            core.setOutput('release_id', data.id);

      # 9️⃣ Upload the wasm file to the release.
      - name: Upload to Release
        uses: actions/github-script@v7
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
          script: |
            const fs = require('fs');
            const path = require('path');
            await github.rest.repos.uploadReleaseAsset({
              owner: context.repo.owner,
              repo: context.repo.repo,
              release_id: '${{ steps.release.outputs.release_id }}',
              name: path.basename('${{ env.WASM_FILE }}'),
              data: fs.readFileSync('${{ env.WASM_FILE }}'),
            });

Security Concerns

This SEP does not create any direct security concerns for the Stellar protocol or ecosystem applications.

Since the verification routine relies on the GitHub build automation and attestation mechanism, this approach implies the trust in GitHub’s security. If GitHub security is compromised, it means that verification data cannot be trusted. The possibility of such an event looks very low considering the track records of GitHub and its enterprise backers.

Unlike other building artifacts, attestations are stored in GitHub forever (or at least until the code repository is removed). Therefore, if developers decide to remove a smart contract repository, the verification chain may be broken. However, downstream systems (like blockchain explorers) may retain the verification information indefinitely, alleviating such risks.

While the build process itself is performed in the virtual GitHub environment shielded from an external access, smart contract developers still can potentially use some subtle techniques to inject malicious code into the contract during the compilation phase. Protecting end users from malicious developer actions is out of the scope of this SEP – the primary goal is to provide unfalsifiable evidences that a contract has been compiled automatically using a particular GitHub repository.

Changelog

• v0.4.0 - Simplify proposal by removing steps that don’t provide additional safety because they are easily circumvented.
• v0.3.0 - Updated workflow to exclude the Docker image, clarified what attestation fields are used during the verification
• v0.2.0 - Added home_domain meta, notes on meta XDR and format, design rationale for the GitHub platform lock-in
• v0.1.1 - Defined metadata storage key format explicitly
• v0.1.0 - Initial draft

[misty-forest]

Hi. It looks like workflow v0.4.0 still not supported by stellar.expert. Any eta for this?

[tupui]

Hey all, should we try to make a meeting or something to push this forward?

[leighmcculloch]

GitHub's attestation solution is very recent and I would not yet say that this is the industry standard.

This is a fair assessment I think. GitHub's attestations as a feature is relatively new (2024?). They're built on open standards from the Sigstore project which is less new but still new (2021?). I do think it would be worthwhile expanding the SEP to demonstrate how to verify the attestation using non-GitHub APIs, which should be possible, but I don't think anything in the SEP today precludes that from happening. What am I missing?

[leighmcculloch]

GitHub should be seen as the fallback as opposed to the default and recommended way of doing things.

I don't think the SEP needs to have an opinion or define a hierarchy. It should just demonstrate ways to verify the attestation, hopefully more than one way. If the SEP is relying on GitHub storing something, like the in-toto payload that got attested, we maybe should think about some alternative ways to make that available.

[tupui]

Putting some context here for my comments on Sigstore. There is a missed opportunity on their end IMHO. They don't want to consider putting the data on-chain and they have a form of private chain on their end with their Rekor.

https://blog.sigstore.dev/sigstore-blockchain-vs-transparency-logs-d673ea41a9be/

For the SEP itself, my comment was mostly to have a more open language. I personally read the text as too strict on the link to GitHub. e.g. this but requires developers to ... as well as making an artifact attestation using GitHub Actions.

I do agree that for now GitHub and Sigstore are good options to recommend. I just would like the text to be more open to try to open so people can still be compliant if they find ways to do these actions without GitHub and Sigstore. Linked to your comment on being able to validate an attestation without GH.

[tupui]

@fnando I just saw the PR got merged!? I thought we were still in discussion? We did not at least openly vote or anything. The proposal should at least have a discussion on the rejected ideas we discussed there. Both @orbitlens and I spent quite some time on this and I am not even talking about the community push we tried to do towards securing the supply chain.

[leighmcculloch]

The SEP that got merged is a proposal, even after it is merged it is still a proposal. What got merged is a subset of what got proposed at the head of this discussion, a common denominator of sorts, but it doesn't have to be the only solution, and it doesn't have to be a static solution. My assumption is there's always room for more discussion in these forums about SEPs as a SEPs reality is really only defined by adoption and nothing else, not by its presence in a repo.

The thread commented in above seems to have stalled back in June. The most recent discussion from August is here.

Imo this discussion isn't closed.

[tupui]

Thanks for the clarifications and acknowledgment @leighmcculloch 🙇

[leighmcculloch]

Cross-posting due to relatedness:

• Contract Source Verification after Deployment without Attestation #1802