diff --git a/controllers/helmchart_controller.go b/controllers/helmchart_controller.go
index 06aa0b68c..3e52b7b02 100644
--- a/controllers/helmchart_controller.go
+++ b/controllers/helmchart_controller.go
@@ -1038,13 +1038,11 @@ func observeChartBuild(obj *sourcev1.HelmChart, build *chart.Build, err error) {
 	if build.VerificationSignature != nil && build.ProvFilePath != "" {
 		var sigVerMsg strings.Builder
-		sigVerMsg.WriteString(fmt.Sprintf("chart signed by: '%v'", strings.Join(build.VerificationSignature.Identities[:], ",")))
-		sigVerMsg.WriteString(fmt.Sprintf(" using key with fingeprint: '%X'", build.VerificationSignature.KeyFingerprint))
-		sigVerMsg.WriteString(fmt.Sprintf(" and hash verified: '%s'", build.VerificationSignature.FileHash))
+		sigVerMsg.WriteString(fmt.Sprintf("verified chart hash: '%s'", build.VerificationSignature.FileHash))
+		sigVerMsg.WriteString(fmt.Sprintf(" signed by: '%s'", build.VerificationSignature.Identity))
+		sigVerMsg.WriteString(fmt.Sprintf(" with key: '%X'", build.VerificationSignature.KeyFingerprint))
 		conditions.MarkTrue(obj, sourcev1.SourceVerifiedCondition, sourcev1.ChartVerificationSucceededReason, sigVerMsg.String())
-	} else {
-		conditions.Delete(obj, sourcev1.SourceVerifiedCondition)
 	}
 	if err != nil {
@@ -1080,6 +1078,7 @@ func reasonForBuild(build *chart.Build) string {
 func (r *HelmChartReconciler) getProvenanceKeyring(ctx context.Context, chart *sourcev1.HelmChart) ([]byte, error) {
 	if chart.Spec.VerificationKeyring == nil {
+		conditions.Delete(chart, sourcev1.SourceVerifiedCondition)
 		return nil, nil
 	}
 	name := types.NamespacedName{
diff --git a/controllers/helmchart_controller_test.go b/controllers/helmchart_controller_test.go
index 255e42b70..832277949 100644
--- a/controllers/helmchart_controller_test.go
+++ b/controllers/helmchart_controller_test.go
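Review bot: Removing the `else` branch in observeChartBuild leaves a SourceVerified condition set by an earlier reconcile in place whenever the current build has no VerificationSignature or an empty ProvFilePath while `chart.Spec.VerificationKeyring` is still set; the deletion this commit adds in getProvenanceKeyring only runs when the keyring is nil. If the chart builder is guaranteed to return an error whenever a keyring is configured but no provenance file is found, that path is unreachable, but nothing in the hunk shows that, and a stale True condition would then misreport the artifact as verified. A narrower replacement that keeps the keyring-removed case where the commit puts it would be `} else if obj.Spec.VerificationKeyring != nil {` / `conditions.Delete(obj, sourcev1.SourceVerifiedCondition)` / `}`. observeChartBuild starts before the hunk and its error handling continues after it.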
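Review bot: getProvenanceKeyring now mutates the object's status conditions on the nil-keyring path, which is a side effect a reader would not expect from a lookup function and which ties condition bookkeeping to wherever this helper happens to be called. Prefer deleting the condition at the call site that consumes the keyring result; if it has to stay here, mark the intent with a comment such as `// No keyring configured: clear any SourceVerified result left over from a previous reconcile.` so the status change is visible to the next maintainer. The function body continues past the hunk.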
@@ -327,10 +327,10 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader(v), 0o644); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(provArtifact, strings.NewReader(v), 0644); err != nil {
+				if err := testStorage.AtomicWriteFile(provArtifact, strings.NewReader(v), 0o644); err != nil {
 					return err
 				}
 			}
@@ -384,7 +384,7 @@ func TestHelmChartReconciler_reconcileStorage(t *testing.T) {
 				if err := testStorage.MkdirAll(*obj.Status.Artifact); err != nil {
 					return err
 				}
-				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0644); err != nil {
+				if err := testStorage.AtomicWriteFile(obj.Status.Artifact, strings.NewReader("file"), 0o644); err != nil {
 					return err
 				}
 				return nil
@@ -551,7 +551,7 @@ func TestHelmChartReconciler_reconcileSource(t *testing.T) {
 				g.Expect(obj.Status.ObservedSourceArtifactRevision).To(Equal(gitArtifact.Revision))
 				g.Expect(obj.Status.Conditions).To(conditions.MatchConditions([]metav1.Condition{
 					*conditions.TrueCondition(sourcev1.ArtifactOutdatedCondition, "NewChart", "pulled 'helmchart' chart with version '0.1.0'"),
-					*conditions.TrueCondition(sourcev1.SourceVerifiedCondition, sourcev1.ChartVerificationSucceededReason, "chart signed by: 'TestUser' using key with fingeprint: '943CB5929ECDA2B5B5EC88BC7035BA97D32A87C1' and hash verified: 'sha256:007c7b7446eebcb18caeffe9898a3356ba1795f54df40ad39cfcc7382874a10a'"),
+					*conditions.TrueCondition(sourcev1.SourceVerifiedCondition, sourcev1.ChartVerificationSucceededReason, "verified chart hash: 'sha256:007c7b7446eebcb18caeffe9898a3356ba1795f54df40ad39cfcc7382874a10a' signed by: 'TestUser' with key: '943CB5929ECDA2B5B5EC88BC7035BA97D32A87C1'"),
 				}))
 			},
 			cleanFunc: func(g *WithT, build *chart.Build) {
diff --git a/internal/helm/chart/verify.go b/internal/helm/chart/verify.go
index bf1f675eb..30cf02822 100644
--- a/internal/helm/chart/verify.go
+++ b/internal/helm/chart/verify.go
@@ -74,7 +74,7 @@ func provenanceFilePath(path string) string {
 // ref: https://github.com/helm/helm/blob/v3.8.0/pkg/action/verify.go#L47-L51
 type VerificationSignature struct {
-	Identities     []string
+	Identity       string
 	KeyFingerprint [20]byte
 	FileHash       string
 }
@@ -84,7 +84,8 @@ func buildVerificationSig(ver *provenance.Verification) *VerificationSignature {
 	if ver != nil {
 		if ver.SignedBy != nil {
 			for name := range ver.SignedBy.Identities {
-				verSig.Identities = append(verSig.Identities, name)
+				verSig.Identity = name
+				break
 			}
 		}
 		verSig.FileHash = ver.FileHash
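Review bot: In buildVerificationSig the new `verSig.Identity = name` followed by `break` takes whichever entry the range over `ver.SignedBy.Identities` yields first, and since `name` is assigned to a string field that range is over a string-keyed map, whose iteration order Go randomizes; a signing key with more than one identity (several user IDs) will therefore report a different Identity, and hence a different SourceVerified message, from one reconcile to the next. That makes the condition message flap with no change to the chart, and the exact-string expectation updated in helmchart_controller_test.go only holds because the test key has a single identity. Make the choice deterministic by keeping the loop and replacing the two added lines with `if verSig.Identity == "" || name < verSig.Identity {` / `verSig.Identity = name` / `}`, which selects the lexicographically smallest identity with no new import. The earlier hunk's change of `Identities []string` to `Identity string` also discards the remaining identities; if operators rely on seeing them, a sorted, comma-joined string would keep them while staying deterministic.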