diff --git a/config/files/usr/etc/pki/containers/davincibox.pub b/config/files/usr/etc/pki/containers/davincibox.pub
new file mode 100644
index 0000000..ab8642e
--- /dev/null
+++ b/config/files/usr/etc/pki/containers/davincibox.pub
@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEsJkUljnZ13aeQQw+GQgFjgjg/m7L
+/3/+my7H2KDD/xn9fPfN6pz9Zr8WPCY5/bn1ERg6SA1fLbkDK0FoUNzbOw==
+-----END PUBLIC KEY-----
\ No newline at end of file
diff --git a/config/scripts/hardencontainerpolicy.sh b/config/scripts/hardencontainerpolicy.sh
index d598822..4c1780d 100644
--- a/config/scripts/hardencontainerpolicy.sh
+++ b/config/scripts/hardencontainerpolicy.sh
@@ -10,9 +10,22 @@ sed -i 's/insecureAcceptAnything/reject/' /usr/etc/containers/policy.json
 # https://github.com/JasonN3/build-container-installer/issues/123
 yq -i -o=j '.transports.docker |=
 {"ghcr.io/jasonn3": [
- {
- "type": "insecureAcceptAnything"
- }
- ]
+ {
+ "type": "insecureAcceptAnything"
+ }
+ ]
+ }
++ .' /usr/etc/containers/policy.json
+
+yq -i -o=j '.transports.docker |= {"ghcr.io/zelikos": [
+ {
+ "type": "sigstoreSigned",
+ "keyPath": "/usr/etc/pki/containers/davincibox.pub",
+ "signedIdentity": {
+ "type": "matchRepository"
+ }
+ }
+ ]
 }
 + .' /usr/etc/containers/policy.json
\ No newline at end of file
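Review bot: The new trust anchor `davincibox.pub` is pinned with no record of its provenance — nothing in this hunk says where the key was obtained or how its fingerprint was checked against the publisher, so a later maintainer cannot distinguish a legitimate key rotation from a substituted key. Because this file gates which images the policy accepts, it deserves at least one sentence in the commit message or a sibling README naming the source (the upstream repository's published signing key, presumably) and the fingerprint that was verified. Keep that note beside the file rather than inside the PEM block itself.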
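Review bot: The zelikos scope accepts any validly signed image from the same repository under any tag, because `"signedIdentity": {"type": "matchRepository"}` in the second `yq` call relaxes the default `matchRepoDigestOrExact` — as documented for containers-policy.json, the tag is ignored, so a registry serving a stale but signed `davincibox` manifest under `latest` would still pass (tag replay/downgrade). If that relaxation is deliberate because the publisher signs by digest and an exact reference match would fail, record it above the second `yq` call, e.g. `# matchRepository: publisher signs by digest, so the signed identity carries no tag; any signed image in this repo is accepted`; otherwise prefer the default. The scope `"ghcr.io/zelikos"` also grants this key trust over every repository under that account while the key is named for a single image, so narrowing it to `"ghcr.io/zelikos/davincibox"` keeps the grant as small as the key's purpose. The policy further references `/usr/etc/pki/containers/davincibox.pub` without checking that it exists at build time, so a missing or mistyped path only surfaces as a failed pull on the deployed system; a guard such as `test -r /usr/etc/pki/containers/davincibox.pub || { echo "container signing key missing" >&2; exit 1; }` before the `yq` call fails the build instead. The script's head (shebang and any `set -e`) lies outside the hunk, so whether a failing `yq` already aborts the build cannot be told from here.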