Verifiable Credentials
What Are Verifiable Credentials?
Section titled “What Are Verifiable Credentials?”Verifiable credentials are digital equivalents of physical credentials like driver’s licenses or diplomas. They combine claims (statements about a subject), cryptographic proofs, and metadata into digital documents that can be verified independently.
Key properties:
- Cryptographically secure: Verified through mathematics
- Machine-verifiable: Processed and validated automatically
- Privacy-respecting: Enable selective disclosure
- Tamper-evident: Modifications are detectable
The Verifiable Credentials Ecosystem
Section titled “The Verifiable Credentials Ecosystem”The ecosystem has three roles:
- Issuers: Create and sign credentials (governments, universities, employers)
- Holders: Receive and store credentials (typically individuals)
- Verifiers: Request and check credentials (service providers, employers)
Verifiers can trust claims through cryptographic proofs without contacting issuers directly.
Core Components
Section titled “Core Components”A verifiable credential consists of several essential components:
Claims
Section titled “Claims”Claims are statements about a subject. Examples include “Alex has a bachelor’s degree” or “Taylor is over 21.” They express attributes, qualifications, or characteristics.
Credential Metadata
Section titled “Credential Metadata”Metadata includes the credential identifier, issuance and expiration dates, issuer identifier, credential type, and revocation information. This helps verifiers assess validity and appropriateness.
Cryptographic Proofs
Section titled “Cryptographic Proofs”Proofs provide cryptographic assurance of issuer authentication, credential integrity, and revocation status. This enables offline verification without contacting the issuer.
Verifiable Presentations
Section titled “Verifiable Presentations”Verifiable presentations package credentials for verifiers. Holders can combine multiple credentials, selectively disclose specific claims, and prove ownership while controlling what they share.
Key Properties
Section titled “Key Properties”Cryptographic Verification: Mathematical validation without contacting issuers makes verification faster and more reliable.
Privacy Enhancement: Support for selective disclosure, zero-knowledge proofs, and unlinkability prevents correlation.
User Control: Holders manage credentials in digital wallets, maintaining ownership and portability.
Securing Mechanisms
Section titled “Securing Mechanisms”W3C standards support multiple approaches:
Data Integrity Proofs: Embed proofs using EdDSA (signatures) or BBS+ (selective disclosure)
JSON Web Tokens: Secure via JWS (signatures) or JWE (encryption)
Related Components
Section titled “Related Components”Verifiable credentials work with several complementary technologies and concepts:
Schemas define the structure and constraints for specific credential types, ensuring consistency and interoperability.
Status mechanisms allow issuers to revoke or suspend credentials without modifying the original credential.
Issuers are entities that create and sign credentials, establishing the foundation of trust in the ecosystem.
Various cryptographic approaches can be used to secure credentials and provide different privacy features.
The subject is the entity that a credential makes claims about, typically identified by a DID.
Credentials can have defined validity periods, establishing when they are considered valid.
Presentations allow holders to share proofs derived from their credentials in privacy-preserving ways.