# model-signing
2 articles tagged with “model-signing”
Pickle Deserialization Exploits
Technical methodology for crafting pickle payloads, bypassing safetensors and model signing, and exploiting ML model deserialization across frameworks.
Tags: pickle, deserialization, rce, safetensors, model-signing, pytorch, serialization
Model Signing and Provenance
Cryptographic signing for ML models: Sigstore for ML artifacts, cosign for model weights, SLSA framework applied to ML pipelines, supply chain levels for model provenance, and practical implementation of model artifact verification.
Tags: model-signing, sigstore, cosign, slsa, provenance, supply-chain, cryptography, artifact-verification