Add signed release artifacts verification (cosign) for local native library downloads

[tazarov]

Summary

client_local_library_download.go currently verifies downloaded archives against SHA256SUMS fetched from the same release source.

If a release is compromised (repo/release token compromise, CDN or DNS tampering), an attacker can replace both the archive and checksums, bypassing integrity verification. Because the artifact is a native shared library (.so/.dylib/.dll) loaded in-process, this is a high-impact supply-chain risk.

Proposal

Add an independent trust root by signing release checksums/artifacts and verifying signatures in the downloader.

Use cosign to produce and verify signatures (GPG-compatible signing workflow where required).

Scope

• Sign SHA256SUMS (or each archive blob) during release.
• Publish signature files (and certificate metadata if keyless mode is used).
• Pin trust in the client verifier (public key and/or identity constraints).
• Verify signature before trusting checksums.
• Fail closed on verification errors.

Acceptance Criteria

• Release pipeline generates cosign signatures for SHA256SUMS/artifacts.
• Signed metadata is uploaded with each GitHub release.
• Downloader verifies signature with pinned trust config before checksum verification.
• Verification failure returns a clear security error and aborts download/load.
• Tests cover success and tampered-signature/tampered-artifact cases.
• README/docs describe signature verification and key rotation process.

Notes

• This should be backward compatible, but default behavior should be secure-by-default for new releases.
• If keyless signing is selected, document required issuer/subject constraints and Rekor usage.