The naive approach to signing eBPF programs faces a critical limitation: programs undergo mandatory modifications by libbpf before kernel loading, which invalidates conventional signatures. We present Two-Phase Signing, a solution that implements sequential verification aligned with the eBPF program lifecycle. Our approach establishes a baseline signature during initial compilation, followed by a secondary signature that encompasses both the modified program and initial signature. This creates a verifiable chain of trust while accommodating essential libbpf modifications such as relocations and map file descriptor updates. This approach enables precise failure diagnosis by distinguishing between compromised original programs and unauthorized post-compilation modifications. The Two-Phase Signing method balances security with practicality, allowing necessary binary modifications while maintaining integrity verification throughout the program's lifecycle. This approach provides granular audit capabilities and clear identification of potential security breaches in the signing chain. We invite discussion on the implications, trade-offs, and potential improvements of this approach for securing eBPF programs in production environments, particularly focusing on practical impact and integration challenges with existing eBPF frameworks. Thanks!