diff --git a/.github/actions/publish/action.yml b/.github/actions/publish/action.yml index e9c3f66..7d70537 100644 --- a/.github/actions/publish/action.yml +++ b/.github/actions/publish/action.yml @@ -4,10 +4,6 @@ inputs: dry_run: description: 'Is this a dry run. If so no package will be published.' required: true -outputs: - gem-hash: - description: "base64-encoded sha256 hashes of distribution files" - value: ${{ steps.gem-hash.outputs.gem-hash }} runs: using: composite @@ -16,12 +12,6 @@ runs: shell: bash run: gem build launchdarkly-openfeature-server-sdk.gemspec - - name: Hash gem for provenance - id: gem-hash - shell: bash - run: | - echo "gem-hash=$(sha256sum launchdarkly-openfeature-server-sdk-*.gem | base64 -w0)" >> "$GITHUB_OUTPUT" - - name: Publish Library shell: bash if: ${{ inputs.dry_run == 'false' }} diff --git a/.github/workflows/manual-publish.yml b/.github/workflows/manual-publish.yml index 8be05d3..0ffa125 100644 --- a/.github/workflows/manual-publish.yml +++ b/.github/workflows/manual-publish.yml @@ -14,8 +14,7 @@ jobs: permissions: id-token: write contents: read - outputs: - gem-hash: ${{ steps.publish.outputs.gem-hash}} + attestations: write steps: - uses: actions/checkout@v4 @@ -37,13 +36,8 @@ jobs: with: dry_run: ${{ inputs.dry_run }} - release-provenance: - needs: [ 'build-publish' ] - permissions: - actions: read - id-token: write - contents: write - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 - with: - base64-subjects: "${{ needs.build-publish.outputs.gem-hash }}" - upload-assets: ${{ !inputs.dry_run }} + - name: Attest build provenance + if: ${{ !inputs.dry_run }} + uses: actions/attest@v4 + with: + subject-path: 'launchdarkly-openfeature-server-sdk-*.gem' diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index f865d71..79e45e6 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml 
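Review bot: `uses: actions/attest@v4` in the new "Attest build provenance" step is pinned to a mutable major tag, while this repository already pins `googleapis/release-please-action` to a full commit SHA with a `# v4.4.0` comment; a step that signs provenance under the workflow's OIDC identity deserves the same treatment, e.g. `uses: actions/attest@<commit-sha> # v4.x`. The generic `actions/attest` action also expects a `predicate-type` plus a `predicate`/`predicate-path` input and does not synthesize SLSA provenance itself — if the goal is to replace the removed `generator_generic_slsa3` job, `actions/attest-build-provenance` is the action that produces that predicate; confirm this step succeeds as written. Note too that the step now runs in the same job as the build and after the `./.github/actions/publish` step, whose "Publish Library" step pushes the gem, so provenance is no longer produced by an isolated job and no longer gates publishing; if that trade-off is intended, say so in the commit message.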
@@ -12,10 +12,7 @@ jobs: id-token: write # Needed if using OIDC to get release secrets. contents: write # Contents and pull-requests are for release-please to make releases. pull-requests: write - outputs: - release-created: ${{ steps.release.outputs.release_created }} - upload-tag-name: ${{ steps.release.outputs.tag_name }} - gem-hash: ${{ steps.publish.outputs.gem-hash}} + attestations: write steps: - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0 id: release @@ -51,15 +48,8 @@ jobs: with: token: ${{secrets.GITHUB_TOKEN}} - release-provenance: - needs: [ 'release-package' ] - if: ${{ needs.release-package.outputs.release-created == 'true' }} - permissions: - actions: read - id-token: write - contents: write - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v2.0.0 - with: - base64-subjects: "${{ needs.release-package.outputs.gem-hash }}" - upload-assets: true - upload-tag-name: ${{ needs.release-package.outputs.upload-tag-name }} + - name: Attest build provenance + if: ${{ steps.release.outputs.releases_created == 'true' }} + uses: actions/attest@v4 + with: + subject-path: 'launchdarkly-openfeature-server-sdk-*.gem' diff --git a/release-please-config.json b/release-please-config.json index 5010ac9..780e615 100644 --- a/release-please-config.json +++ b/release-please-config.json @@ -6,7 +6,10 @@ "versioning": "default", "include-component-in-tag": false, "include-v-in-tag": false, - "extra-files": ["PROVENANCE.md", "lib/ldclient-openfeature/version.rb"] + "extra-files": [ + "PROVENANCE.md", + "lib/ldclient-openfeature/version.rb" + ] } } }
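Review bot: The inline comment on `id-token: write` in this hunk still says the token is only "Needed if using OIDC to get release secrets", but after this change the same token is what signs the attestation via Sigstore; update it to `id-token: write # OIDC: release secrets and signing the build attestation`. With `attestations: write` added, the release-package job now combines `contents: write`, `pull-requests: write`, `id-token: write` and `attestations: write` in the one job that also builds and publishes, so any compromised step or dependency in that job can mint a signed attestation for whatever it places in the workspace; the removed `release-provenance` job kept signing in a separate job isolated from the build, which is worth calling out in the PR description.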
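Review bot: The new attest step is gated on `steps.release.outputs.releases_created == 'true'`, whereas the removed provenance job gated on `release_created`; release-please v4 emits both, but they are distinct outputs (aggregate vs root path), so make sure the publish step, which lies outside this hunk, keys off the same one or the attest step can run when no gem was built and `subject-path: 'launchdarkly-openfeature-server-sdk-*.gem'` matches nothing. The old job also uploaded the provenance file as a release asset under `upload-tag-name`; the new step stores it only in the GitHub attestation store, so consumers verifying with `slsa-verifier` against a release asset will stop working. `PROVENANCE.md` is listed as a release-please extra-file and presumably documents that verification flow — if so, update it to the `gh attestation verify --owner <org> <gem>` procedure in the same change.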