Credential Architecture
Introduction
Verifiable credentials are structured data objects that make claims about a subject. The credential architecture defines how these objects are constructed, issued, presented, and verified.
The architecture supports interoperability across different systems and issuers while allowing flexibility in credential types and verification methods.
Credential components
Each credential contains a set of claims, metadata about the credential itself, and cryptographic proof. Claims describe attributes or qualifications of the subject. Metadata includes issuer identification, issuance and expiration dates, and credential type.
Cryptographic proof establishes authenticity and integrity. The proof binds the claims and metadata to the issuer's identity and ensures that credential content has not been modified after issuance.
The subject identifier may be explicit or derived. In privacy-preserving architectures, the subject can be identified through cryptographic means without exposing a persistent identifier.
Issuance process
Credential issuance begins with the issuer verifying the accuracy of claims according to their standards and procedures. Once verified, the issuer constructs the credential data structure.
The issuer generates cryptographic proof by signing the credential content with their private key. The resulting signature can be verified using the issuer's public key.
The completed credential is delivered to the holder through a secure channel. The holder stores the credential in their chosen credential wallet or management system.
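The issuance and verification steps above, as an added example that is not part of this page or any particular credential standard. It assumes an Ed25519 issuer key, a JSON encoding of the credential with the proof field blanked as the bytes that get signed, and field names (`claims`, `issuanceDate`, `expirationDate`, `proof`) chosen for the example; the DIDs and claim values in `main` are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Credential mirrors the three components described above: claims, metadata
// (issuer, type, validity dates, subject) and cryptographic proof. The field
// names are this example's own, not those of any particular standard.
type Credential struct {
	Type           string            `json:"type"`
	Issuer         string            `json:"issuer"`
	Subject        string            `json:"subject"`
	IssuanceDate   string            `json:"issuanceDate"`
	ExpirationDate string            `json:"expirationDate"`
	Claims         map[string]string `json:"claims"`
	Proof          string            `json:"proof,omitempty"`
}

// signingInput is the byte string the proof covers: the credential with the
// proof field blanked, JSON-encoded. encoding/json writes struct fields in
// declaration order and map keys sorted, so the same content always yields
// the same bytes, which is what makes the signature reproducible.
func signingInput(c Credential) ([]byte, error) {
	c.Proof = ""
	return json.Marshal(c)
}

// Issue builds the credential after the issuer has checked the claims, then
// signs claims and metadata together with the issuer's Ed25519 private key.
func Issue(priv ed25519.PrivateKey, issuer, subject, typ string,
	claims map[string]string, now time.Time, ttl time.Duration) (Credential, error) {
	c := Credential{
		Type:           typ,
		Issuer:         issuer,
		Subject:        subject,
		IssuanceDate:   now.UTC().Format(time.RFC3339),
		ExpirationDate: now.Add(ttl).UTC().Format(time.RFC3339),
		Claims:         claims,
	}
	msg, err := signingInput(c)
	if err != nil {
		return Credential{}, err
	}
	c.Proof = base64.RawURLEncoding.EncodeToString(ed25519.Sign(priv, msg))
	return c, nil
}

// Verify is the verifier's side: recompute the signing input from the received
// credential, check the proof with the issuer's public key, then check the
// validity window. Any change to a claim or metadata field after issuance
// changes the signing input, so the signature no longer verifies.
func Verify(pub ed25519.PublicKey, c Credential, now time.Time) error {
	sig, err := base64.RawURLEncoding.DecodeString(c.Proof)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return errors.New("malformed proof")
	}
	msg, err := signingInput(c)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pub, msg, sig) {
		return errors.New("proof invalid: content modified after issuance or wrong issuer key")
	}
	issued, err := time.Parse(time.RFC3339, c.IssuanceDate)
	if err != nil {
		return errors.New("malformed issuanceDate")
	}
	expires, err := time.Parse(time.RFC3339, c.ExpirationDate)
	if err != nil {
		return errors.New("malformed expirationDate")
	}
	if now.Before(issued) {
		return errors.New("credential not yet valid")
	}
	if !now.Before(expires) {
		return errors.New("credential expired")
	}
	return nil
}

func main() {
	// Constructed demo: keys, identifiers and claims exist only for this example.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	now := time.Date(2024, 1, 15, 12, 0, 0, 0, time.UTC)
	cred, _ := Issue(priv, "did:example:university", "did:example:alice",
		"QualificationCredential", map[string]string{"degree": "BSc Computer Science"}, now, 365*24*time.Hour)
	fmt.Println("fresh credential:", Verify(pub, cred, now))
	cred.Claims["degree"] = "PhD Computer Science" // a claim altered after issuance
	fmt.Println("tampered credential:", Verify(pub, cred, now))
}
```

The point to take from `Verify` is the order of checks: the signature is checked before any metadata is interpreted, so an attacker who edits `expirationDate` or a claim cannot steer the verifier's logic with unauthenticated data.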
Credential types
Different credential types serve different purposes. Identity credentials attest to attributes of a person or organization. Authorization credentials grant specific permissions. Qualification credentials attest to skills, certifications, or completed processes.
Each type has a defined schema that specifies what claims it contains and how they should be interpreted. Schemas support consistent verification across different verifiers.
Custom credential types can be defined for specific use cases while maintaining compatibility with the overall architecture.
Presentation and selective disclosure
When presenting a credential, the holder can choose to reveal all claims or only specific ones. Selective disclosure protocols allow proving that particular claims exist in a credential without revealing other claims.
Presentation proofs demonstrate that the holder possesses the credential and has authority to present it. This prevents credentials from being presented by unauthorized parties.
The presentation context may require binding the credential presentation to a specific transaction or time period to prevent replay attacks.
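One way to realise the three properties in this section (selective disclosure, proof that the presenter holds the credential, and binding to a transaction), as an added example that is not taken from the page or from any standard. The scheme is an assumption of the example: the issuer signs salted SHA-256 commitments of each claim rather than the claims themselves, plus the holder's Ed25519 public key; the holder later reveals chosen claim/salt pairs and signs the credential bytes together with a verifier-chosen challenge. The canonical byte forms (`issuerInput`, newline-joined) and all names are the example's own.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"strings"
)

// SaltedClaim is a claim plus the random salt hiding it in its commitment;
// the holder keeps these, while the issuer signs only the commitments.
type SaltedClaim struct {
	Name, Value string
	Salt        []byte
}

// commitment is SHA-256 over name, value and salt; the salt stops a verifier
// from recovering an undisclosed low-entropy value by hashing guesses.
func commitment(c SaltedClaim) string {
	sum := sha256.Sum256([]byte(c.Name + "\x00" + c.Value + "\x00" + string(c.Salt)))
	return hex.EncodeToString(sum[:])
}

// SDCredential is what the issuer signs: the sorted commitments plus the
// holder's public key, which is what later proves authority to present.
type SDCredential struct {
	HolderKey   ed25519.PublicKey
	Commitments []string
	IssuerSig   []byte
}

// issuerInput is this example's canonical byte form of the signed fields.
func issuerInput(c SDCredential) []byte {
	return []byte(hex.EncodeToString(c.HolderKey) + "\n" + strings.Join(c.Commitments, "\n"))
}

// IssueSD salts and commits every claim, signs the sorted commitment list and
// returns the credential plus the salted claims the holder needs to disclose.
func IssueSD(issuerPriv ed25519.PrivateKey, holderKey ed25519.PublicKey, claims map[string]string) (SDCredential, []SaltedClaim, error) {
	c := SDCredential{HolderKey: holderKey}
	var kept []SaltedClaim
	for name, value := range claims {
		salt := make([]byte, 16)
		if _, err := rand.Read(salt); err != nil {
			return SDCredential{}, nil, err
		}
		sc := SaltedClaim{Name: name, Value: value, Salt: salt}
		kept = append(kept, sc)
		c.Commitments = append(c.Commitments, commitment(sc))
	}
	sort.Strings(c.Commitments) // fixed order, so position reveals nothing
	c.IssuerSig = ed25519.Sign(issuerPriv, issuerInput(c))
	return c, kept, nil
}

// Presentation reveals a subset of claims and binds the act of presenting to
// a verifier-chosen challenge, so a captured presentation cannot be replayed.
type Presentation struct {
	Credential SDCredential
	Disclosed  []SaltedClaim
	Challenge  []byte
	HolderSig  []byte // made with the key the issuer bound into the credential
}

// Present is the holder's step: choose what to reveal, then sign credential
// bytes and challenge together with the holder's private key.
func Present(holderPriv ed25519.PrivateKey, cred SDCredential, kept []SaltedClaim, reveal map[string]bool, challenge []byte) Presentation {
	p := Presentation{Credential: cred, Challenge: challenge}
	for _, sc := range kept {
		if reveal[sc.Name] {
			p.Disclosed = append(p.Disclosed, sc)
		}
	}
	p.HolderSig = ed25519.Sign(holderPriv, append(issuerInput(cred), challenge...))
	return p
}

// VerifyPresentation returns the disclosed claims only if the issuer signature,
// the challenge binding, the holder signature and every commitment check out.
func VerifyPresentation(issuerPub ed25519.PublicKey, p Presentation, challenge []byte) (map[string]string, error) {
	cred := p.Credential
	if !ed25519.Verify(issuerPub, issuerInput(cred), cred.IssuerSig) {
		return nil, fmt.Errorf("issuer signature invalid")
	}
	if !bytes.Equal(p.Challenge, challenge) {
		return nil, fmt.Errorf("challenge mismatch: presentation not bound to this transaction")
	}
	if !ed25519.Verify(cred.HolderKey, append(issuerInput(cred), challenge...), p.HolderSig) {
		return nil, fmt.Errorf("holder binding invalid: presenter does not hold the bound key")
	}
	out := make(map[string]string)
	for _, sc := range p.Disclosed {
		d := commitment(sc)
		if i := sort.SearchStrings(cred.Commitments, d); i == len(cred.Commitments) || cred.Commitments[i] != d {
			return nil, fmt.Errorf("claim %q is not part of the signed credential", sc.Name)
		}
		out[sc.Name] = sc.Value
	}
	return out, nil
}
```

A verifier using this must generate a fresh `challenge` per transaction and keep it server-side; reusing challenges reopens the replay window the binding is meant to close. Undisclosed claims stay hidden because only their salted commitments travel with the presentation.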
Revocation mechanisms
Credentials can be revoked when conditions change or when issuance was performed in error. Revocation must be verifiable without requiring real-time communication with the issuer.
Revocation lists or status registries provide a way to check credential validity. These mechanisms balance privacy, performance, and security considerations.
The architecture supports both public revocation lists and privacy-preserving status checking methods that do not reveal which credentials are being verified.
Lifecycle management
Credentials have defined lifecycles from issuance through expiration or revocation. Holders are responsible for renewing credentials before expiration if continued validity is required.
Lifecycle management includes monitoring credential status, requesting renewals, and properly disposing of expired credentials.
Systems that rely on credentials must check validity as part of verification and should not cache a verification result beyond the period for which its underlying status information remains current.
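The revocation and lifecycle checks from the two sections above, as an added example that is not from this page or any standard. It assumes a signed bitstring status list that the issuer publishes with a validity window (the verifier fetches the whole list, so the issuer does not learn which credential is being checked, and the window is the cache bound), a credential that carries a list ID and bit index, and Ed25519 for the issuer's signature; the list URL, DID and dates in `main` are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// StatusList is an issuer-published, signed bitstring: bit i set means the
// credential assigned index i is revoked. The verifier checks the whole list.
type StatusList struct {
	ID         string
	Bits       []byte
	ValidFrom  time.Time
	ValidUntil time.Time // after this a cached copy must not be trusted; refetch
	Sig        []byte
}

// listInput binds ID, validity window and bits together, so neither a stale
// window nor a foreign list can be swapped in without the issuer's key.
func listInput(l StatusList) []byte {
	buf := append([]byte(l.ID), 0)
	ts := make([]byte, 16)
	binary.BigEndian.PutUint64(ts[:8], uint64(l.ValidFrom.Unix()))
	binary.BigEndian.PutUint64(ts[8:], uint64(l.ValidUntil.Unix()))
	return append(append(buf, ts...), l.Bits...)
}

// Publish signs the list for a validity window; that window is the cache bound.
func Publish(priv ed25519.PrivateKey, l StatusList, now time.Time, ttl time.Duration) StatusList {
	l.ValidFrom, l.ValidUntil = now, now.Add(ttl)
	l.Sig = ed25519.Sign(priv, listInput(l))
	return l
}

// Revoke sets the credential's bit on a copy; the issuer then republishes.
func Revoke(l StatusList, index int) (StatusList, error) {
	if index < 0 || index/8 >= len(l.Bits) {
		return l, errors.New("index outside status list")
	}
	bits := append([]byte(nil), l.Bits...)
	bits[index/8] |= 1 << uint(7-index%8)
	l.Bits = bits
	return l, nil
}

// LifecycleCredential carries only what the check needs: its validity window
// and a pointer (list ID, index) into the issuer's status list.
type LifecycleCredential struct {
	Subject    string
	NotBefore  time.Time
	Expires    time.Time
	StatusList string
	StatusIdx  int
}

// CheckValidity performs the checks the page calls for: the credential's own
// window, a status list signed by the issuer and still fresh, and the revocation
// bit. Expiry and revocation are distinct errors because the holder's remedy differs.
func CheckValidity(issuerPub ed25519.PublicKey, c LifecycleCredential, l StatusList, now time.Time) error {
	if now.Before(c.NotBefore) {
		return errors.New("credential not yet valid")
	}
	if !now.Before(c.Expires) {
		return errors.New("credential expired: holder must renew")
	}
	if l.ID != c.StatusList {
		return errors.New("status list does not belong to this credential")
	}
	if !ed25519.Verify(issuerPub, listInput(l), l.Sig) {
		return errors.New("status list signature invalid")
	}
	if now.Before(l.ValidFrom) || now.After(l.ValidUntil) {
		return errors.New("status list outside its validity window: refetch before trusting")
	}
	if c.StatusIdx < 0 || c.StatusIdx/8 >= len(l.Bits) {
		return errors.New("status index outside list")
	}
	if l.Bits[c.StatusIdx/8]&(1<<uint(7-c.StatusIdx%8)) != 0 {
		return errors.New("credential revoked")
	}
	return nil
}

func main() {
	// Constructed demo: key, list and credential exist only for this example.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	now := time.Date(2024, 3, 1, 9, 0, 0, 0, time.UTC)
	list := Publish(priv, StatusList{ID: "https://issuer.example/status/1", Bits: make([]byte, 128)}, now, time.Hour)
	cred := LifecycleCredential{Subject: "did:example:bob", NotBefore: now, Expires: now.Add(30 * 24 * time.Hour), StatusList: list.ID, StatusIdx: 42}
	fmt.Println("before revocation:", CheckValidity(pub, cred, list, now))
	revoked, _ := Revoke(list, 42)
	fmt.Println("after revocation:", CheckValidity(pub, cred, Publish(priv, revoked, now, time.Hour), now))
}
```

Because `ValidUntil` is inside the signed bytes, a verifier that keeps a copy of the list cannot be served it past its window without the freshness check failing; that is what turns "do not cache beyond the appropriate period" into an enforced rule rather than a policy.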
Interoperability considerations
The architecture supports multiple cryptographic methods and data formats to accommodate different security requirements and technical constraints.
Standard interfaces allow credentials issued by different systems to be verified using common protocols. This enables broad interoperability without requiring global coordination of credential formats.
Systems can support multiple credential standards simultaneously, verifying credentials according to their specific format and cryptographic approach.