GitGhost is a cryptographic attribution layer for git commits that enables anonymous but provable authorship. Using Linkable Spontaneous Anonymous Group (LSAG) signatures over secp256k1, developers can sign commits as members of a defined contributor ring, allowing verifiers to confirm legitimacy without identifying the specific signer.