How It Works

Validation Lifecycle

From issuance through presentation to verification: how credentials establish trust at the point of action.

Every credential passes through three stages: it is issued by an authorized operator, presented by the holder without transferring custody, and verified against live registry status before any action proceeds.

Schedule an Architecture Review

Verification Foundations

These principles govern how credentials are verified across the system. They operate within the broader six-layer validation architecture.

Cryptographic Verification

Every credential carries a digital signature from its issuing authority. Verifiers check the signature chain without contacting the issuer directly.

  • Signatures bind credentials to recognized authorities
  • Public key infrastructure enables independent verification
  • Credential content cannot be altered after issuance
  • Verification does not require a centralized service

Registry-Based Status

Credential status is maintained in distributed registries. Revocation, suspension, and expiry are recorded and queryable by any verifier at the time of use.

  • Revocations propagate through shared registries
  • Status reflects current state, not a cached snapshot
  • Registries are queried at the point of action
  • Expired or suspended credentials are rejected at point of use

Open Standards

Credentials follow W3C and decentralized identifier specifications. Systems that implement the standard can verify credentials without custom integration.

  • W3C Verifiable Credentials data model
  • DID (Decentralized Identifiers) for subject and issuer references
  • Shared registry interfaces for status resolution
  • Protocol-level compatibility across operator types

The Credential Lifecycle

From issuance through presentation to verification, each step preserves holder control and establishes trust at the point of action

Credential verification is one of six validation gates evaluated before any action proceeds. Identity state, trust delegation, execution authority, settlement conditions, and governance parameters are coordinated alongside credential status.

Step 1

Credential Issuance

An authorized operator creates a credential, signs it with keys tied to a recognized authority, and delivers it to the holder's wallet. The credential references governance rules that define its scope and constraints.

Issued once, controlled by holder, referenceable across systems

Technical Detail
  • Signed with issuer keys bound to a governance framework
  • Stored in holder-controlled wallet as a verifiable credential
  • Registry entry created for status tracking and revocation
  • Delegation and scope constraints encoded at issuance
Step 2

Credential Presentation

When a system requires proof, the holder presents the credential without transferring custody. The receiving system sees only what is necessary for the requested action.

Holder controls disclosure, custody is never transferred

Technical Detail
  • Selective disclosure limits data exposed to the verifier
  • Presentation does not copy or move the credential
  • Multiple credentials can be combined for composite proofs
  • Holder consent required before any presentation
Step 3

Credential Verification

The receiving system checks the credential signature, queries registry status, and evaluates whether conditions for the requested action are met. If any requirement fails, the action does not proceed.

Status checked at point of action, not from cached records

Technical Detail
  • Signature chain verified back to issuing authority
  • Registry queried for current revocation status
  • Action-specific conditions evaluated against credential scope
  • Verification result determines whether the requested action proceeds

How Credentials Move Through the System

Three stages (issue, present, verify) coordinate across five operator types to establish trust at the point of action

Identity establishedVerifiable formPermissions definedExplicit conditionsVerified outcomesrelied uponExecution proceedsSystem ASystem BSystem CSystems verify identity and permissions independently
Stage 01

Issue

An authorized operator creates a signed credential and delivers it to the holder's wallet.

Stage 02

Present

The holder shares proof with a verifier. Custody never transfers, only the minimum data required is disclosed.

Stage 03

Verify

The verifier checks the signature, queries registry status, and evaluates policy conditions before any action proceeds.

Credential layer detailsOperator roles in architecture

Continue Exploring

See the lifecycle in action through real-world scenarios, or return to the platform overview.

Real-World ScenariosHow It Works Overview

We don't use cookies

Soulverse does not collect cookies, tracking pixels, or similar technologies. Your privacy is fully respected. Read our Cookie Policy