rekor

Rekor is an open source tool designed to bring transparency to the software supply chain. It acts as a public log for recording cryptographic metadata