Docker Content Trust (DCT)

​
Code integrity is extremely important, especially if you are running a cryptocurrency exchange.
Since HollaEx Kit is an open-source project, you can verify the code at any time by going to Github, but sometimes it's not enough. Internet is a wild jungle and you can't always trust what you download is what you intended to get.
​Docker Content Trust is the savior in this context. It helps you to verify the image integrity. It has digital signatures signed by the issuers. By checking it, you can verify that the image is provided by the trustable issuers and that it has not been corrupted or tampered with.
Here's the way how you can check the image signature to check the image integrity
# To verify the Docker Image Registry's Integrity
​
docker trust inspect --pretty hollaex/hollaex-kit
​
Signatures for hollaex/hollaex-kit
​
SIGNED TAG              DIGEST                                                             SIGNERS
2.6.0                   646cfb4025a0c1bd9aa7f83b9caa3821f927320e7ab646edc091f7d1e6874099   kycfeel
2.6.1                   852cc61067627f00b9b4b1873e9eb95968509e588fb6bf003a81e7fbc207e059   kycfeel
2.6.2                   4d0ef0b68ba8c91c710e508090f16cf09fa629561bd7f89c3b2ba48aa87d2efa   kycfeel
2.6.4                   1d5ab0d9a625568f6c85fdba340ab9c5b95df6c93ecffd0b280154b7f6795923   bitholla-cicd
2.6.4-testnet-9f10d6c   4d7fbbf53c225aed9ea80f7f75d6c3d8e3cd30272409465907d675b99b6eda2f   bitholla-cicd
2.6.5                   823389853904a5ad3eac54c160307c3e278334d1747521be85901147ac0ef8c7   bitholla-cicd
2.6.5-testnet-8eaa2e6   5cbe291c226380e456df5c747ef2fc0ab0a3701abcb25e971f6a50c4784528d0   bitholla-cicd
2.6.5-testnet-35f20e3   978dc0a71d18abb734621bb2b1a8cf0efc31233f01736eaaa2a5d61ebf6a4db1   bitholla-cicd
2.6.5-testnet-845193c   aa614edf4865a7bd101da9022b22220b6f4c6c7bea231cf844d9f4b1a0f94074   bitholla-cicd
2.6.6                   c4d328852f6a5ef863a51ee565e50ff07902aafef241fa9df34a0efa28fa5c78   bitholla-cicd
2.6.6-testnet-33a79b5   1043084f699fd27d21e0cbe4af0782962833521b868ab82e9522964c5fa99552   bitholla-cicd
2.6.6-testnet-ac5b38a   7e0e2312cf453625fadb8ee490672db69044668a2b036a492014eeb71c6cce34   bitholla-cicd
2.7.0-testnet-2fbd466   68d9d42f11f6850fbdd8a369a97486f3ad1a8d04a1dea7f78e46784dc3f0563b   bitholla-cicd
2.7.0-testnet-4ec79cc   69bd951957716d08a67f2adf954f4176273ae55eb08b40b5804a4e5354b3cc8d   bitholla-cicd
2.7.0-testnet-70d9b05   e35beab2873a3eb23d915170f7323711019e1019f6ad78f124cf654638733dde   bitholla-cicd
2.7.0-testnet-19001b5   71940d2d4678fc82a7ecfbe273c24df8e236a7c96bbe8a7684b24af450f3c47f   bitholla-cicd
2.7.0-testnet-26793e3   e2002f772014ff7b8f68f85576441b9081544129e015da464f2007c2912ea40c   bitholla-cicd
2.7.0-testnet-86884d5   b30a943229c359905a9873a735c83f278b86934877f83ae5895d741865d75663   bitholla-cicd
2.7.0-testnet-0301326   3e10a277e1ecbee6e348fe3ab5621c6d5bc99a98cafbc646a57102c1fd467183   bitholla-cicd
2.7.0-testnet-581684f   dae03bfdb787d8cc544f06fda24b3a73be620bfebbd86fb4f0f08d75fc8d6e78   bitholla-cicd
2.7.0-testnet-aba85bb   40eb2f5e384187290d8e402180c809f5711241e84427d37ded08db061a362d6b   bitholla-cicd
2.7.0-testnet-b054fab   acbd85285bef78e1c87620a9c9b857b6d7c5ee3d5e7f1b2038fa384c4c338d86   bitholla-cicd
2.7.0-testnet-bbec3a1   c51088169963f57c8325b82823d6ae6d6c9a15b3cf6cd92bda1d156bda31409a   bitholla-cicd
2.7.0-testnet-e7af264   33111e569fccc276da2d54cce2e184c83b658a1b669b32ef41527ff389309404   bitholla-cicd
​
List of signers and their keys for hollaex/hollaex-kit
​
SIGNER          KEYS
bitholla-cicd   2aa7f2853b76, 88ce8696c017, e5d3558d7565
kycfeel         1174213aeba1
​
Administrative keys for hollaex/hollaex-kit
​
  Repository Key:	bc606a961f2aea3a06d9af261ed57f9dfb57a35731535a180fe2b198356d4e93
  Root Key:	cfca4876cdd17155f797a1b5db695b9ea6c0de652359919ac421da1a42aa3c54
# To verity the integrity of a specific image
​
docker trust inspect --pretty hollaex/hollaex-kit:2.6.6
​
Signatures for hollaex/hollaex-kit:2.6.6
​
SIGNED TAG   DIGEST                                                             SIGNERS
2.6.6        c4d328852f6a5ef863a51ee565e50ff07902aafef241fa9df34a0efa28fa5c78   bitholla-cicd
​
List of signers and their keys for hollaex/hollaex-kit:2.6.6
​
SIGNER          KEYS
bitholla-cicd   2aa7f2853b76, 88ce8696c017, e5d3558d7565
kycfeel         1174213aeba1
​
Administrative keys for hollaex/hollaex-kit:2.6.6
​
  Repository Key:	bc606a961f2aea3a06d9af261ed57f9dfb57a35731535a180fe2b198356d4e93
  Root Key:	cfca4876cdd17155f797a1b5db695b9ea6c0de652359919ac421da1a42aa3c54
In order to enforce pulling ONLY the DCT signed images for extra security you can set the following command for docker:
export DOCKER_CONTENT_TRUST=1
Last modified 2mo ago