Two ways to show that commits in your repo are cryptographically verified by Auths.
A CI workflow verifies commit signatures on every push and PR. The badge above reflects the latest result — green means all commits are signed by authorized keys.
Setup: add .github/workflows/verify-commits.yml and an .auths/allowed_signers file to your repo. See the auths-verify-github-action docs for configuration options.
Embed in your README:
[](https://github.com/YOUR-ORG/YOUR-REPO/actions/workflows/verify-commits.yml?query=branch%3Amain+event%3Apush)The <auths-verify> web component performs cryptographic verification entirely in the browser using WASM — no backend required. It fetches the repo's signing data from refs/auths/registry and verifies Ed25519 signatures client-side.
Live demo: auths-dev.github.io/example-verify-badge
Add to any HTML page:
<script type="module"
src="https://unpkg.com/@auths-dev/verify@0.4.0/dist/auths-verify.mjs"
integrity="sha384-C6a5GCsPgw/o9tmtnaUXZ0qJgY/q8LdNxvuP/10EwOK39ZdiAcYz6CP8lT6m1V5R"
crossorigin="anonymous"></script>
<!-- Compact badge -->
<auths-verify repo="your-org/your-repo" forge="github" mode="badge"></auths-verify>
<!-- Expanded details -->
<auths-verify repo="your-org/your-repo" forge="github" mode="detail"></auths-verify>
<!-- Hover tooltip -->
<auths-verify repo="your-org/your-repo" forge="github" mode="tooltip"></auths-verify>Works on GitHub Pages, documentation sites, personal websites — anywhere you control the HTML. Does not render in GitHub READMEs (GitHub strips custom elements and scripts).