A file archive format for OCI container registries | Blob


Supply chain security for everything that isn't a container.

Signed file archives in OCI registries. Cryptographic provenance wherever they go.

QUICK INSTALL

curl -fsSL https://blob.meigma.dev/install.sh | bash

or install via brew, scoop, go install

blob CLI demo showing push, inspect, and pull commands

Container images are signed. Everything else isn't.

Config files, ML models, certificates, build artifacts—they move through your systems with zero provenance. No signatures. No attestations. No verification that they haven't been tampered with.

We solved this problem for containers years ago. Everything else is still the wild west.

Blob brings container-grade security to file archives.

Push any directory to an OCI registry. Sign it with Sigstore. Verify it with policies. Extract exactly what you need—without downloading the whole thing.

# Push configs to your registry
blob push ghcr.io/myorg/configs:v1 ./production/

# Sign with your identity (keyless via Sigstore)
blob sign ghcr.io/myorg/configs:v1

# Verify and pull on the other side
blob verify ghcr.io/myorg/configs:v1 --policy policy.yaml
blob pull ghcr.io/myorg/configs:v1 ./

Know where it came from

Every file is individually hashed. Manifests are signed. Attestations travel with the artifact. Tamper with one byte and verification fails.

Download only what you need

Extract a single file from a 10GB archive without downloading 10GB. HTTP range requests fetch exactly the bytes you need.

Uses registries you already have

Works with GitHub Container Registry, ECR, GCR, Docker Hub—any OCI-compliant registry. No new infrastructure required.

Two blobs. One insight.

Signed manifest (signed & attested), referencing two blobs:

Index (tiny): metadata, paths, hashes

Data (content): files sorted by path

The index stores metadata—paths, sizes, hashes—in a compact format with instant lookups. The data blob stores file contents sorted by path, so entire directories can be fetched in a single request.

Signing the manifest cryptographically binds everything together. Modify any file, anywhere, and verification fails.
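As an added illustration (not Blob's own code or wire format), a toy Python model of the two-blob layout described above: an index of per-file hashes and offsets, a data blob sorted by path, and a signed manifest binding both, with extraction reading only one file's byte range. The HMAC key is an assumed stand-in for a Sigstore signature, the slice stands in for an HTTP Range request, and the sample files are constructed.

```python
import hashlib
import hmac
import json

# Constructed sample archive ({path: content}); the layout below is a toy model, not Blob's wire format.
FILES = {
    "production/app.yaml": b"replicas: 3\n",
    "production/db.yaml": b"host: db.internal\n",
    "staging/app.yaml": b"replicas: 1\n",
}
SIGNING_KEY = b"demo-key"  # assumed stand-in for a Sigstore identity: HMAC here, not a real signature

def digest(b: bytes) -> str:
    return hashlib.sha256(b).hexdigest()

def pack(files: dict) -> tuple:
    """Build the index blob, the data blob and a signed manifest that binds both digests."""
    data, entries = bytearray(), []
    for path in sorted(files):  # sorted by path: a whole directory is one contiguous byte range
        content = files[path]
        entries.append({"path": path, "offset": len(data), "size": len(content), "sha256": digest(content)})
        data += content
    index = json.dumps(entries, sort_keys=True).encode()
    manifest = {"index": digest(index), "data": digest(bytes(data))}
    manifest["signature"] = hmac.new(SIGNING_KEY, json.dumps(manifest, sort_keys=True).encode(), "sha256").hexdigest()
    return index, bytes(data), manifest

def verify_manifest(manifest: dict, index: bytes) -> bool:
    # Signature over the manifest first, then the index against the digest that signature covers.
    body = {k: v for k, v in manifest.items() if k != "signature"}
    expected = hmac.new(SIGNING_KEY, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()
    return hmac.compare_digest(expected, manifest["signature"]) and digest(index) == manifest["index"]

def extract(path: str, index: bytes, data: bytes, manifest: dict) -> bytes:
    if not verify_manifest(manifest, index):
        raise ValueError("manifest or index verification failed")
    entry = next(e for e in json.loads(index) if e["path"] == path)
    chunk = data[entry["offset"]:entry["offset"] + entry["size"]]  # stands in for an HTTP Range request
    if digest(chunk) != entry["sha256"]:  # per-file hash: a single changed byte in the file fails here
        raise ValueError(f"content digest mismatch for {path}")
    return chunk

def tamper_detected(index: bytes, data: bytes, manifest: dict) -> bool:
    bad = bytearray(data)
    bad[0] ^= 0x01  # one flipped byte inside production/app.yaml, the first file by path
    try:
        extract("production/app.yaml", index, bytes(bad), manifest)
    except ValueError:
        return True  # the per-file hash caught it
    return False
```

Changing the index or the manifest instead of the data fails at verify_manifest, so every layer is covered by the one signed manifest.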

BUILT FOR

Configuration

Distribute configs with proof of origin

ML Models

Large files with integrity verification

Certificates

Security-critical files with tamper detection

Build Artifacts

CI outputs with SLSA provenance

Get started in 30 seconds

# Install
curl -fsSL https://blob.meigma.dev/install.sh | bash

# Try it
blob open ghcr.io/meigma/examples:hello-world