Attestations are detachable verifiable credentials issued by third-party auditors against an existing entry. They don't modify the entry; they travel alongside it and accumulate weight in discovery ranking.
Common attestation types
| Type | What it asserts |
|---|---|
build-reproducible |
An independent rebuild produced byte-identical output. |
license-verified |
The declared license is consistent with all source dependencies. |
no-malware-detected |
A static/dynamic scan found no known indicators. |
eval-passed |
The entry passes a published evaluation suite. |
human-reviewed |
A named human reviewed the source code. |
Issuing an attestation
reggie attest agent/web-research \
--type build-reproducible \
--evidence https://ci.l1fe.ai/builds/4172
Reggie signs the attestation with your active key, posts it to the target entry's home registry, and anchors a hash on Sigil.
Querying
reggie search "agent/web-research" --marsql
# Or via MARS-QL directly:
SELECT * FROM attestations WHERE entry_did = 'did:oas:l1fe:agent:web-research@3.4.0';
Discovery ranks entries with multiple independent attestations higher — a single attester signing many things is weighted less than many attesters signing the same thing.