diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index ff0a373..9854cc3 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -7,6 +7,10 @@ on: - "v*" permissions: + # required for OIDC token used as the signing identity + id-token: write + + # required to publish the release contents: write jobs:
@@ -27,6 +31,11 @@ jobs: with: go-version-file: go.mod + - name: Install Cosign + uses: sigstore/cosign-installer@v3 + with: + cosign-release: 'v2.4.0' + - name: Login to Docker Hub uses: docker/login-action@v3 with:
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 3c143e4..717fad8 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -19,12 +19,30 @@ builds: - amd64 - arm64 +# Sign with cosign -- this picks up the OIDC token from the environment in GHA. +# If you do this locally, sign with an OAuth identity you don't mind being permanently +# published to a transparency log. +binary_signs: + - cmd: './ci-only.sh' + args: + - "cosign" + - "sign-blob" + - "${artifact}" + - "--bundle=${artifact}.cosign.bundle" + - "--yes" # needed on cosign 2.0.0+ + output: false # the necessary output is the .cosign.bundle file + checksum: name_template: "checksums.txt" archives: - format: tar.gz name_template: "{{ .ProjectName }}_{{ .Os }}_{{ .Arch }}" + files: + # cosign produces a bundle file to allow for verification of the artifacts + # this is included in the archive to allow for easier verification after download + - src: '{{ .ArtifactPath }}.cosign.bundle' + strip_parent: true changelog: disable: "{{ .Env.CHANGELOG_DISABLE }}"
@@ -49,8 +67,7 @@ release: If needed, binaries of this build (including Mac) can be found below. kos: - - - id: chinmina-bridge + - id: chinmina-bridge build: release working_dir: . base_image: cgr.dev/chainguard/static
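Review bot: `id-token: write` is added at the workflow level beside `contents: write`, so every job in this workflow can request an OIDC token, and any job that does so can obtain a certificate bearing this workflow's identity; only the job that runs cosign needs that. Moving the signing-related grants under that job's own `permissions:` keeps the other jobs on the default read-only `GITHUB_TOKEN`, e.g. `jobs.<release-job>.permissions:` carrying `id-token: write` and `contents: write`, with no workflow-level `id-token` entry. The `jobs:` section begins after this hunk, so the job name is not visible here.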
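Review bot: `uses: sigstore/cosign-installer@v3` pins only a mutable major tag, yet this step installs the binary that will be handed the job's OIDC token and produce every signature in the release, so the action itself is worth pinning to a full-length commit SHA with the tag kept as a trailing comment, e.g. `uses: sigstore/cosign-installer@<full-commit-sha-placeholder> # v3`. The `cosign-release: 'v2.4.0'` input already fixes the cosign binary version, which is good; the action reference is the remaining unpinned link. The enclosing job starts before this hunk.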
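Review bot: The new `files:` entry makes every archive depend on `{{ .ArtifactPath }}.cosign.bundle` existing, but `./ci-only.sh` exits 0 without running cosign whenever `CI` is not exactly `true`, so a non-CI goreleaser run either fails at the archive step (I believe goreleaser errors on a `files` source that matches nothing; worth confirming) or, if not, quietly ships archives without bundles, and the header comment about signing locally with an OAuth identity no longer matches the wrapper, which never signs outside CI. A bundle is only meaningful to a verifier who knows which identity to expect, so the comment above `binary_signs:` should state the verification command and the identity to pin, along the lines of `cosign verify-blob --bundle <binary>.cosign.bundle --certificate-oidc-issuer https://token.actions.githubusercontent.com --certificate-identity-regexp '<this repo's release workflow ref>' <binary>`. Note that the bundle inside the archive attests the binary, not the archive or `checksums.txt`; unless a top-level `signs:` exists elsewhere in the file, those remain unsigned and a downloader has to extract before verifying.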
@@ -77,3 +94,26 @@ kos: # Whether to use the base path without the MD5 hash after the repository name. base_import_paths: true + +# Sign with cosign -- this picks up the OIDC token from the environment in GHA. +# If you do this locally, sign with an OAuth identity you don't mind being permanently +# published to a transparency log. +docker_signs: + - id: ko-signing + + cmd: './ci-only.sh' + args: + - "cosign" + - "sign" + - "${artifact}" + - "--yes" + + artifacts: all + + ids: + # id of ko image above + - chinmina-bridge + + # output is not necessary, as the signing is done in place, but it helps to + # provide the index in the transparency log. + output: true
diff --git a/ci-only.sh b/ci-only.sh
new file mode 100755
index 0000000..dd56e6d
--- /dev/null
+++ b/ci-only.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+set -eu
+
+if [ "${CI:-false}" != "true" ]; then
+ echo "CI environment not detected, skipping script execution:"
+ echo " --> $*"
+ exit 0
+fi
+
+# execute the parameters as the script
+exec "$@"
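Review bot: `cosign sign "${artifact}"` signs the image by tag reference, so the signature binds to whatever the tag resolves to when cosign runs rather than to the manifest ko pushed, and cosign 2.x itself warns about tag-based signing. goreleaser exposes the pushed digest to `docker_signs` as `${digest}` (confirm it is available in the goreleaser version in use), so `- "${artifact}@${digest}"` ties the signature to the exact manifest. If the ko image is multi-platform (the `builds:` section targets amd64 and arm64; the kos `platforms` setting is outside this hunk), `cosign sign` without `--recursive` signs only the index, so the per-platform manifests carry no signature of their own.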
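Review bot: The guard is fail-open: whenever `CI` is anything other than the exact string `true`, the script prints a notice and exits 0, so a release built with `CI` unset has every signing step skipped with no non-zero status anywhere. The notices also go to stdout, and the `.goreleaser.yaml` comments suggest the wrapper's stdout is what goreleaser keeps as the signing output, so the skip text could be recorded in place of a signature; sending both echoes to stderr (`echo "CI environment not detected, skipping script execution:" >&2` and `echo " --> $*" >&2`) keeps diagnostics out of that channel. For the signing use case it would be safer to fail by default when the expected CI identity is absent, for example by also requiring `GITHUB_ACTIONS=true` (set by GitHub on every runner), and to reserve the silent skip for an explicit opt-in variable.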