Documentation

For the release step between your existing build and the target you need to trust.

Getting Started

Install

brew install uplink
uplink --version

Sign an artifact

# Sigstore keyless (opens browser for OIDC)
uplink sign firmware.elf

# Or use your own key
uplink sign firmware.elf --key=path/to/key.pem

Generate an SBOM

uplink sbom firmware.elf
uplink sbom firmware.elf --format cyclonedx

Run policy checks

uplink check firmware.elf
   No critical CVEs
   All crypto CNSA 2.0 compliant
   No GPL in flight binary
   SBOM missing 2 transitive deps

Deliver

# Push to hosted test endpoint
uplink push firmware.elf --target test.run.space

# Or to your own flatsat
uplink push firmware.elf \
  --target flatsat-1 \
  --protocol cfdp \
  --security sdls-aes256-gcm

CLI Reference

uplink sign <artifact>

Sign an artifact.

--key=PATH — local key instead of Sigstore

--output=PATH — signature bundle path

uplink attest <artifact>

Generate in-toto attestation with SLSA provenance.

--builder=NAME — builder identity

--source=URI — source repository

uplink sbom <artifact>

Generate a Software Bill of Materials.

--format=spdx|cyclonedx — output format

uplink check <artifact>

Run policy checks.

--policy=PATH — custom rules (YAML or Rego)

--strict — fail on warnings

uplink approve <artifact>

Record an approval for delivery.

--expires=DURATION — approval expiry

uplink push <artifact>

Deliver an artifact.

--target=HOST — delivery target

--protocol=cfdp|tcp — transfer protocol

--security=sdls-aes256-gcm|none — link security

--resume — resume interrupted transfer

uplink log

Query the audit trail.

--format=nist-8270|nasa-1006a|enisa-2025|cnssp-12

--since=DATE — filter by date

uplink verify <artifact>

Verify the full attestation chain.

uplink login

Authenticate via browser OAuth. Starts a 14-day trial.

Exit Codes

0Success
1Transfer failed
2Policy check failed
3Approval required

Compliance Evidence

Structured evidence export with framework annotations. Your auditor interprets it.

  • NIST IR 8270 (satellite cybersecurity)
  • NIST IR 8401 (ground segment)
  • NASA-STD-1006A SSPR-6 (supply chain)
  • ENISA 2025 (commercial satellite lifecycle)
  • CNSSP 12 (DoD/NSS space systems)
  • CRA (EU Cyber Resilience Act)