Automated Robots - Provenance

So imagine you're going to make chili, right? And it's your grandmother's recipe. Well, in that recipe, we create a piece of provenance for it, right? Provenance gives us the URL where it is,. It gives us maybe a shot of all the text in the Recipe. Then we take that and then we sign it with a cryptographic, we cryptographically sign it  and we put it somewhere safe. Now I'm going to build foo again, right? So I go and grab the provenance, pull it out, I go and get the source, I check and make sure the source tarball has the same shot as the one the sign proven