diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 4513330e57..540a931a0c 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -17,7 +17,9 @@ jobs:
   release:
     name: Release
     permissions:
-        contents: write
+      id-token: write
+      contents: write
+      attestations: write
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
@@ -63,3 +65,8 @@ jobs:
           KEYSTORE_ENTRY_PASSWORD: ${{ secrets.KEYSTORE_ENTRY_PASSWORD }}
         run: |
           npx semantic-release
+          
+      - name: Generate artifact attestation
+        uses: actions/attest-build-provenance@v1
+        with:
+          subject-path: build/app/outputs/apk/release/revanced-manager-*.apk