diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 04af195..271be21 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -27,6 +27,7 @@ jobs: with: packages-dir: sdk/dist/ print-hash: true + attestations: true - run: gh release create "${{ github.ref_name }}" --generate-notes sdk/dist/*.whl sdk/dist/*.tar.gz env: GH_TOKEN: ${{ github.token }} diff --git a/README.md b/README.md index 332e47c..5b658c2 100644 --- a/README.md +++ b/README.md @@ -85,6 +85,20 @@ Runnable examples in the [`examples/`](examples/) directory: For detailed concepts (schemas, typed values, versioning, auth), see the [main OpenDecree docs](https://github.com/opendecree/decree). +## Supply Chain Security + +Each release wheel is signed with [Sigstore](https://www.sigstore.dev/) via the GitHub Actions +OIDC identity. Attestations are visible on the [PyPI project page](https://pypi.org/project/opendecree/). + +To verify a downloaded wheel locally: + +```bash +pip download opendecree --no-deps +gh attestation verify opendecree-*.whl --repo opendecree/decree-python +``` + +> See [decree#16](https://github.com/opendecree/decree/issues/16) for the org-wide attestation plan. + ## Requirements - Python 3.11+
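Review bot: In the publish.yml hunk, `attestations: true` makes the publish step sign the dists with the job's GitHub OIDC identity (the README hunk says as much), which only works if the job grants `id-token: write`, and the `gh release create` step that follows needs `contents: write`; neither the job's `permissions:` block nor any trusted-publisher configuration is visible in this hunk, so please confirm the job declares `permissions: id-token: write` and `contents: write` (or add them) rather than relying on the workflow default. Also worth noting for the release step: it uploads only `sdk/dist/*.whl` and `sdk/dist/*.tar.gz`, so the attestations live with the PyPI upload and not with the GitHub release assets; if the release is meant to be independently verifiable, either attach the attestation bundles too or say in the README that verification is against PyPI, not the release.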
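Review bot: The verification recipe in the README hunk is unlikely to work as written: `gh attestation verify ... --repo opendecree/decree-python` looks up attestations in GitHub's Artifact Attestations store (the kind produced by `actions/attest-build-provenance`), whereas the `attestations: true` flag added in publish.yml produces PEP 740 attestations that are uploaded alongside the dists to PyPI, which is exactly where the README says they are visible. Unless another step not shown in this diff also records GitHub attestations, `gh attestation verify` will report that no attestations were found for the wheel. Either add a GitHub attestation step to the workflow so the documented command holds, or document verification against PyPI (for example with the `pypi-attestations` CLI, passing the expected repository identity) and note that the identity to check is the `publish.yml` workflow in this repo, so readers pin the signer rather than accepting anything from the org. Two smaller points: `pip download opendecree --no-deps` may fetch an sdist rather than a wheel for some versions, in which case the `opendecree-*.whl` glob matches nothing, so consider `--only-binary=:all:` or mention the `.tar.gz` case; and "Each release wheel is signed" undersells the change, since the sdist uploaded by the same step is attested too.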