diff --git a/go.mod b/go.mod
index 5d6d887f..bdf1554b 100644
--- a/go.mod
+++ b/go.mod
@@ -28,7 +28,7 @@ require (
 github.com/hashicorp/hcl/v2 v2.23.0
 github.com/in-toto/in-toto-golang v0.9.0
 github.com/mitchellh/hashstructure/v2 v2.0.2
- github.com/moby/buildkit v0.23.0
+ github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db // master
 github.com/moby/go-archive v0.1.0
 github.com/moby/sys/atomicwriter v0.1.0
 github.com/moby/sys/mountinfo v0.7.2
diff --git a/go.sum b/go.sum
index 10be082c..fe530559 100644
--- a/go.sum
+++ b/go.sum
@@ -250,8 +250,8 @@ github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZX
 github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
 github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
 github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
-github.com/moby/buildkit v0.23.0 h1:HV+u7xM2IZhAjVautFR2l5FNhkxFR0jhF5ILXyc3398=
-github.com/moby/buildkit v0.23.0/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
+github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db h1:ZzrDuG9G1A/RwJvuogNplxCEKsIUQh1CqEnqbOGFgKE=
+github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
 github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
 github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=
diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go b/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go
index 869ad0b5..952c9720 100644
--- a/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go
+++ b/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go
@@ -14,9 +14,20 @@ import (
 )
 
 const (
- BuildKitBuildType = "https://mobyproject.org/buildkit@v1"
+ BuildKitBuildType1 = "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md"
+ BuildKitBuildType02 = "https://mobyproject.org/buildkit@v1"
+
+ ProvenanceSLSA1 = ProvenanceSLSA("v1")
+ ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
 )
 
+type ProvenanceSLSA string
+
+var provenanceSLSAs = []ProvenanceSLSA{
+ ProvenanceSLSA1,
+ ProvenanceSLSA02,
+}
+
 type BuildConfig struct {
 Definition []BuildStep `json:"llbDefinition,omitempty"`
 DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
@@ -80,18 +91,6 @@ type Sources struct {
 Local []LocalSource
 }
 
-const (
- ProvenanceSLSA1 = ProvenanceSLSA("v1")
- ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
-)
-
-type ProvenanceSLSA string
-
-var provenanceSLSAs = []ProvenanceSLSA{
- ProvenanceSLSA1,
- ProvenanceSLSA02,
-}
-
 func (ps *ProvenanceSLSA) Validate() error {
 if *ps == "" {
 return errors.New("provenance SLSA version cannot be empty")
@@ -188,16 +187,63 @@ type BuildKitComplete struct {
 ResolvedDependencies bool `json:"resolvedDependencies"`
 }
 
-// ConvertSLSA02ToSLSA1 converts a SLSA 0.2 provenance predicate to a SLSA 1.0
-// provenance predicate.
-// FIXME: It should be the other way around when v1 is the default.
-func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSLSA1 {
- if p02 == nil {
- return nil
+// ConvertToSLSA02 converts to a SLSA v0.2 provenance predicate.
+func (p *ProvenancePredicateSLSA1) ConvertToSLSA02() *ProvenancePredicateSLSA02 {
+ var materials []slsa02.ProvenanceMaterial
+ for _, m := range p.BuildDefinition.ResolvedDependencies {
+ materials = append(materials, slsa02.ProvenanceMaterial{
+ URI: m.URI,
+ Digest: m.Digest,
+ })
 }
 
+ var meta *ProvenanceMetadataSLSA02
+ if p.RunDetails.Metadata != nil {
+ meta = &ProvenanceMetadataSLSA02{
+ ProvenanceMetadata: slsa02.ProvenanceMetadata{
+ BuildInvocationID: p.RunDetails.Metadata.InvocationID,
+ BuildStartedOn: p.RunDetails.Metadata.StartedOn,
+ BuildFinishedOn: p.RunDetails.Metadata.FinishedOn,
+ Completeness: slsa02.ProvenanceComplete{
+ Parameters: p.RunDetails.Metadata.Completeness.Request,
+ Environment: true,
+ Materials: p.RunDetails.Metadata.Completeness.ResolvedDependencies,
+ },
+ Reproducible: p.RunDetails.Metadata.Reproducible,
+ },
+ BuildKitMetadata: p.RunDetails.Metadata.BuildKitMetadata,
+ Hermetic: p.RunDetails.Metadata.Hermetic,
+ }
+ }
+
+ return &ProvenancePredicateSLSA02{
+ ProvenancePredicate: slsa02.ProvenancePredicate{
+ Builder: slsa02.ProvenanceBuilder{
+ ID: p.RunDetails.Builder.ID,
+ },
+ BuildType: BuildKitBuildType02,
+ Materials: materials,
+ },
+ Invocation: ProvenanceInvocationSLSA02{
+ ConfigSource: slsa02.ConfigSource{
+ URI: p.BuildDefinition.ExternalParameters.ConfigSource.URI,
+ Digest: p.BuildDefinition.ExternalParameters.ConfigSource.Digest,
+ EntryPoint: p.BuildDefinition.ExternalParameters.ConfigSource.Path,
+ },
+ Parameters: p.BuildDefinition.ExternalParameters.Request,
+ Environment: Environment{
+ Platform: p.BuildDefinition.InternalParameters.BuilderPlatform,
+ },
+ },
+ BuildConfig: p.BuildDefinition.InternalParameters.BuildConfig,
+ Metadata: meta,
+ }
+}
+
+// ConvertToSLSA1 converts to a SLSA v1 provenance predicate.
+func (p *ProvenancePredicateSLSA02) ConvertToSLSA1() *ProvenancePredicateSLSA1 {
 var resolvedDeps []slsa1.ResourceDescriptor
- for _, m := range p02.Materials {
+ for _, m := range p.Materials {
 resolvedDeps = append(resolvedDeps, slsa1.ResourceDescriptor{
 URI: m.URI,
 Digest: m.Digest,
@@ -206,45 +252,45 @@ func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSL
 
 buildDef := ProvenanceBuildDefinitionSLSA1{
 ProvenanceBuildDefinition: slsa1.ProvenanceBuildDefinition{
- BuildType: "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md",
+ BuildType: BuildKitBuildType1,
 ResolvedDependencies: resolvedDeps,
 },
 ExternalParameters: ProvenanceExternalParametersSLSA1{
 ConfigSource: ProvenanceConfigSourceSLSA1{
- URI: p02.Invocation.ConfigSource.URI,
- Digest: p02.Invocation.ConfigSource.Digest,
- Path: p02.Invocation.ConfigSource.EntryPoint,
+ URI: p.Invocation.ConfigSource.URI,
+ Digest: p.Invocation.ConfigSource.Digest,
+ Path: p.Invocation.ConfigSource.EntryPoint,
 },
- Request: p02.Invocation.Parameters,
+ Request: p.Invocation.Parameters,
 },
 InternalParameters: ProvenanceInternalParametersSLSA1{
- BuildConfig: p02.BuildConfig,
- BuilderPlatform: p02.Invocation.Environment.Platform,
+ BuildConfig: p.BuildConfig,
+ BuilderPlatform: p.Invocation.Environment.Platform,
 },
 }
 
 var meta *ProvenanceMetadataSLSA1
- if p02.Metadata != nil {
+ if p.Metadata != nil {
 meta = &ProvenanceMetadataSLSA1{
 BuildMetadata: slsa1.BuildMetadata{
- InvocationID: p02.Metadata.BuildInvocationID,
- StartedOn: p02.Metadata.BuildStartedOn,
- FinishedOn: p02.Metadata.BuildFinishedOn,
+ InvocationID: p.Metadata.BuildInvocationID,
+ StartedOn: p.Metadata.BuildStartedOn,
+ FinishedOn: p.Metadata.BuildFinishedOn,
 },
- BuildKitMetadata: p02.Metadata.BuildKitMetadata,
- Hermetic: p02.Metadata.Hermetic,
+ BuildKitMetadata: p.Metadata.BuildKitMetadata,
+ Hermetic: p.Metadata.Hermetic,
 Completeness: BuildKitComplete{
- Request: p02.Metadata.Completeness.Parameters,
- ResolvedDependencies: p02.Metadata.Completeness.Materials,
+ Request: p.Metadata.Completeness.Parameters,
+ ResolvedDependencies: p.Metadata.Completeness.Materials,
 },
- Reproducible: p02.Metadata.Reproducible,
+ Reproducible: p.Metadata.Reproducible,
 }
 }
 
 runDetails := ProvenanceRunDetailsSLSA1{
 ProvenanceRunDetails: slsa1.ProvenanceRunDetails{
 Builder: slsa1.Builder{
- ID: p02.Builder.ID,
+ ID: p.Builder.ID,
 // TODO: handle builder components versions
 // Version: map[string]string{
 // "buildkit": version.Version,
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 450c376e..af545bae 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -447,7 +447,7 @@ github.com/mitchellh/go-wordwrap
 # github.com/mitchellh/hashstructure/v2 v2.0.2
 ## explicit; go 1.14
 github.com/mitchellh/hashstructure/v2
-# github.com/moby/buildkit v0.23.0
+# github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db
 ## explicit; go 1.23.0
 github.com/moby/buildkit/api/services/control
 github.com/moby/buildkit/api/types