Attestable builds: compiling verifiable binaries on untrusted systems using trusted execution environments

📅 2025-05-05
🤖 AI Summary
To address the trust gap between source code and binaries in untrusted build environments, this paper introduces *attestable builds*, a new paradigm that ensures strong correspondence from a source snapshot to a verifiable binary without modifying source code or build scripts. Leveraging trusted execution environments (TEEs) such as Intel SGX or AMD SEV together with lightweight sandboxed build containers, the approach combines remote attestation, formal modeling and security verification so that the mapping between a binary and its source can be validated immediately and with high assurance. Experimental evaluation demonstrates successful end-to-end builds of complex projects, including LLVM Clang, with no changes to their sources or build scripts. The system incurs 42 seconds of startup latency and a 14% overhead in build time, while remaining resilient against powerful adversaries, including malicious builders and compromised build infrastructure.

📝 Abstract
In this paper we present attestable builds, a new paradigm to provide strong source-to-binary correspondence in software artifacts. We tackle the challenge of opaque build pipelines that disconnect the trust between source code, which can be understood and audited, and the final binary artifact, which is difficult to inspect. Our system uses modern trusted execution environments (TEEs) and sandboxed build containers to provide strong guarantees that a given artifact was correctly built from a specific source code snapshot. As such it complements existing approaches like reproducible builds, which typically require time-intensive modifications to existing build configurations and dependencies, and require independent parties to continuously build and verify artifacts. In comparison, an attestable build requires only minimal changes to an existing project, and offers nearly instantaneous verification of the correspondence between a given binary and the source code and build pipeline used to construct it. We evaluate it by building open-source software libraries, focusing on projects which are important to the trust chain and those which have proven difficult to build deterministically. Overall, the overhead (42 seconds start-up latency and a 14% increase in build duration) is small in comparison to the overall build time. Importantly, our prototype builds even complex projects such as LLVM Clang without requiring any modifications to their source code and build scripts. Finally, we formally model and verify the attestable build design to demonstrate its security against well-resourced adversaries.
Problem

Research questions and friction points this paper is trying to address.

Ensuring source-to-binary trust in opaque build pipelines
Leveraging TEEs for verifiable builds with minimal project changes
Providing secure, fast verification of binary-source correspondence
Innovation

Methods, ideas, or system contributions that make the work stand out.

Uses trusted execution environments (TEEs)
Employs sandboxed build containers
Minimal changes to existing projects