The Update Framework (TUF) is a specification for securing software update systems against a realistic attacker model, including a compromised repository or a stolen signing key. It was originally designed at NYU for the Tor project and is now a CNCF graduated project.
TUF’s core idea is role-based metadata, with each role signed by its own key and given a narrow responsibility. The root role establishes trust and is rotated infrequently from keys kept offline. The targets role signs the hashes of the actual files. The snapshot role signs a consistent view of all targets metadata to prevent mix-and-match attacks, and the timestamp role signs a short-lived attestation that the client is seeing current metadata, which defends against freeze and rollback attacks. Responsibility for subtrees of the targets can be delegated to additional keys without widening the trust placed in the root.
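As an added illustration (not code from the original article or from the TUF project), this Python sketch follows the client-side walk the roles above imply: each role is verified with its own key, the timestamp pins the snapshot and the snapshot pins the targets metadata, and expiry and version checks catch freeze and rollback. Per-role HMAC secrets stand in for the asymmetric signatures real TUF uses, and the field names are simplified from the specification.

```python
import hashlib, hmac, json

# Constructed per-role keys: real TUF uses asymmetric signatures (Ed25519, RSA,
# ECDSA); a distinct HMAC secret per role stands in so the example runs offline.
ROLE_KEYS = {"timestamp": b"ts-key", "snapshot": b"snap-key", "targets": b"tgt-key"}

def canon(obj):
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
def sha256(data):
    return hashlib.sha256(data).hexdigest()
def sign(role, signed):
    # Only the holder of this role's key can produce a signature that verifies for it.
    return hmac.new(ROLE_KEYS[role], canon(signed), "sha256").hexdigest()

def verify_role(role, meta, now, trusted_versions):
    """Check the role's own key signed it, it has not expired, and no version rollback."""
    signed = meta["signed"]
    if not hmac.compare_digest(sign(role, signed), meta["sig"]):
        raise ValueError(f"{role}: signature not from the {role} key")
    if signed["expires"] <= now:
        raise ValueError(f"{role}: metadata expired (freeze attack)")
    if signed["version"] < trusted_versions.get(role, 0):
        raise ValueError(f"{role}: version rollback")
    trusted_versions[role] = signed["version"]
    return signed

def verify_update(repo, name, now, trusted_versions):
    """Client walk: timestamp -> snapshot -> targets -> target file bytes."""
    ts = verify_role("timestamp", repo["timestamp"], now, trusted_versions)
    if sha256(canon(repo["snapshot"])) != ts["snapshot_sha256"]:
        raise ValueError("snapshot is not the one pinned by timestamp")
    snap = verify_role("snapshot", repo["snapshot"], now, trusted_versions)
    if sha256(canon(repo["targets"])) != snap["targets_sha256"]:
        raise ValueError("targets metadata outside the snapshot view (mix-and-match)")
    tgt = verify_role("targets", repo["targets"], now, trusted_versions)
    info, data = tgt["targets"][name], repo["files"][name]
    if len(data) != info["length"] or sha256(data) != info["sha256"]:
        raise ValueError(f"{name}: content does not match signed hash")
    return data

def make_repo(files, now, version=1):
    """Constructed repository: the publisher signs each role with its own key."""
    wrap = lambda role, signed: {"signed": signed, "sig": sign(role, signed)}
    targets = wrap("targets", {"version": version, "expires": now + 30 * 86400, "targets":
        {n: {"length": len(d), "sha256": sha256(d)} for n, d in files.items()}})
    snapshot = wrap("snapshot", {"version": version, "expires": now + 7 * 86400,
        "targets_sha256": sha256(canon(targets))})
    timestamp = wrap("timestamp", {"version": version, "expires": now + 3600,
        "snapshot_sha256": sha256(canon(snapshot))})
    return {"timestamp": timestamp, "snapshot": snapshot, "targets": targets, "files": files}
```

A client that previously accepted version 2 rejects a replayed version 1 repository, an expired timestamp fails even when every signature is valid, and a targets file taken from a different snapshot is refused before its contents are ever hashed.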
TUF is the basis for Docker Notary, Sigstore’s root of trust, Python’s PEP 458 for PyPI, Automotive Grade Linux’s Uptane, and the update mechanisms in Fuchsia and RubyGems.