diff --git a/.github/workflows/dev-publish.yaml b/.github/workflows/dev-publish.yaml
index 7056e00..ce58b94 100644
--- a/.github/workflows/dev-publish.yaml
+++ b/.github/workflows/dev-publish.yaml
@@ -41,8 +41,8 @@ jobs:
 build:
 name: Build
 permissions:
- contents: write
 packages: write
+ id-token: write
 needs: preflight
 uses: ./.github/workflows/publish.yaml
 with:
diff --git a/.github/workflows/manual-publish.yaml b/.github/workflows/manual-publish.yaml
index fa5888c..629cbc8 100644
--- a/.github/workflows/manual-publish.yaml
+++ b/.github/workflows/manual-publish.yaml
@@ -60,6 +60,7 @@ jobs:
 name: Publish
 permissions:
 packages: write
+ id-token: write
 needs: preflight
 uses: ./.github/workflows/publish.yaml
 with:
diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml
index b1d0301..c066d22 100644
--- a/.github/workflows/publish.yaml
+++ b/.github/workflows/publish.yaml
@@ -232,10 +232,13 @@ jobs:
 runs-on: ubuntu-latest
 permissions:
 packages: write
+ id-token: write
 steps:
 - uses: actions/checkout@v6
 - name: Install crane
 uses: reconcilerio/install-crane-action@v1
+ - name: Install cosign
+ uses: sigstore/cosign-installer@v4.1.2
 - name: Download staged image
 uses: actions/download-artifact@v8
 with:
@@ -252,6 +255,10 @@ jobs:
 crane push \
 "wasmtime-${{ inputs.tag }}" \
 "${{ env.image }}"
+ - name: Sign
+ run: |
+ cosign sign --yes \
+ "${{ env.image }}"
 - name: Additional tags
 if: inputs.additional-tags
 run: |
diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml
index ad53fa9..ed32393 100644
--- a/.github/workflows/pull-request.yaml
+++ b/.github/workflows/pull-request.yaml
@@ -87,6 +87,7 @@ jobs:
 permissions:
 # called workflow requires write even though it's never used from here
 packages: write
+ id-token: write
 needs: preflight
 strategy:
 fail-fast: false
diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml
index 64f3efb..9b1746d 100644
--- a/.github/workflows/push.yaml
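Review bot: The new Sign step in publish.yaml hands cosign the tag reference `"${{ env.image }}"`, so the signature is bound to whatever that tag resolves to at sign time rather than to the digest the preceding `crane push` just produced, and cosign itself warns about tag references for this reason. Resolve the digest first and sign that: `digest="$(crane digest "${{ env.image }}")"` followed by `cosign sign --yes "${{ env.image }}@${digest}"`; crane is already installed earlier in the same job. Signing by digest also keeps the later "Additional tags" step independent of the signature, since cosign attaches signatures to the digest rather than the tag. The job's step list continues outside the hunk.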
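Review bot: In pull-request.yaml the comment above `packages: write` now also sits over the new `id-token: write`, but it only explains the packages grant; `id-token: write` lets the called workflow mint an OIDC token under this repository's identity, which is a broader capability than a package push, so the comment should name it, e.g. `# called workflow declares packages/id-token write even though neither is exercised from here`. If the called publish job can actually reach its Sign step on a pull-request run, a keyless signature would be issued under the repository's workflow identity for unreviewed code; whether that path is reachable cannot be seen from this hunk and is worth confirming, with the Sign step gated on the event if it is. The enclosing job starts outside the hunk.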
+++ b/.github/workflows/push.yaml
@@ -76,6 +76,7 @@ jobs:
 name: Publish
 permissions:
 packages: write
+ id-token: write
 needs: preflight
 strategy:
 fail-fast: false