Polly — Provenance Anchor
Published by Preterite. Verify Polly install material against these values, which you reached yourself over HTTPS.
If you were sent a Polly setup folder, this page is the independent source of truth its instructions point at. The machine-readable copy is /polly/provenance.json; it is mirrored in a public repo so you can confirm the two agree.
Identity
- Published by
- Preterite
- Contact
- noah@preterite.io
- Last updated
- 2026-06-17
Repositories
- core
ssh://git@codeberg.org/yablid/polly-core.git- per-user
ssh://git@codeberg.org/yablid/polly-<operator>.git
Release signing key (SSH)
- fingerprint
SHA256:ceSVoq840BRZF8+VN9jKQiK6j/9IYmYZYO51nKq6ZfY- principal
preterite@users.noreply.codeberg.org
Core release tags are SSH-signed with this key. git verify-tag against it before running any workspace code.
Codeberg host-key fingerprints
- ED25519
SHA256:mIlxA9k46MmM6qdJOdMnAQpzGxF4WIVVL+fj+wZbw0g- RSA
SHA256:6QQmYi4ppFS4/+zSZ5S4IU+4sa6rwvQ4PbhCtPEBekQ- ECDSA
SHA256:T9FYDEHELhVkulEKKwge5aVhVTbqCW0MIRwAfpARs/E
Ready-to-write host keys: /polly/codeberg_known_hosts. These also appear in Codeberg's own docs — a third source to check.
Rotation
The keys and fingerprints above change only on key rotation, announced here with a new "Last updated" date. A silent change is a red flag — confirm out of band with your Preterite contact before trusting it.