1# Cosign Generic Predicate Specification
2
3`Cosign` supports working with [In-Toto Attestations](https://github.com/in-toto/attestation) using the predicate model.
4Several well-known predicates are supported natively, but `cosign` also supports a simple, generic, format for data that
5doesn't fit well into other types.
6
7The format for this is defined as follows:
8
9`data`: Raw data to place in the attestation. This is a base64-encoded string of bytes.
10`timestamp`: The timestamp the attestation was generated at in the RFC3339 format in the UTC timezone.
11
12Here is an example attestation containing a data file containing `foo`:
13
14```json
15{
16 "_type": "https://in-toto.io/Statement/v0.1",
17 "predicateType": "https://cosign.sigstore.dev/attestation/v1",
18 "subject": [
19 {
20 "name": "us.gcr.io/dlorenc-vmtest2/demo",
21 "digest": {
22 "sha256": "124e1fdee94fe5c5f902bc94da2d6e2fea243934c74e76c2368acdc8d3ac7155"
23 }
24 }
25 ],
26 "predicate": {
27 "Data": "foo\n",
28 "Timestamp": "2021-08-11T14:51:09Z"
29 }
30}
31```View as plain text