Feature Friday n°2: Verifiable Credentials (VCs)

Written By Tamino Baumann

Introduction

Hey friends,

Welcome to Feature Friday! Each week, this series highlights new identity features available with the walt.id tooling. Check out last week's lesson on Decentralised Identifiers (DIDs) ! For feedback or episode suggestions, connect with us on Discord !

Today we explore Verifiable Credentials, a digital version of physical credentials. Protected from tampering and secured by cryptography, they are easy to verify and almost impossible to fake.

What are Verifiable Credentials (VCs) ?

  1. Digital Documents: Verifiable Credentials are digital versions of physical documents, holding assertions about the subject (holder of the credential) as verifiable claims.

  2. Tamper-Resistant: Verifiable Credentials are resilient to forgery and alteration, ensuring the trustworthiness of the data they present.

  3. Easy-to-Verify: Verifiable Credentials are easy to verify due to their cryptographic underpinnings, which also ensure the authenticity of the presented digital assertions.

  4. Machine-Readable: Verifiable Credentials are machine-readable, which allows automated systems to understand and use them effectively.

  5. Decentralization & self-sovereign: Verifiable Credentials enable users to manage their own digital identities, following the principles of decentralization and self-sovereign identity, allowing for greater control over personal data.

  6. Standardised & Interoperable: Verifiable Credentials are standardised, e.g. W3C, boosting interoperability across platforms and systems.

  7. Verifiable Presentations: Holders of VCs can generate verifiable presentations, which are signed digital objects containing a subset of the information present in one or multiple VCs. These verifiable presentations can then be shared with verifiers as proof of possession.

  8. Trust Triangle: Verifiable Credentials involve three main entities - issuers who create and sign the credentials, holders who store and present them, and verifiers who check the validity of them.

What do VCs enable ?

  1. Trusted Interactions: Verifiable credentials help enable trusted interactions, bolstering trust online and offline by providing cryptographically secure and tamper-resistant proofs of claims about a person or entity.

  2. Streamlined Processes: This makes processes more streamlined for many use-cases and industries, reaching from onboarding, login to a website, checking into a hotel or proofing one's credentials to a future employer.

Verifiable Credentials’ Features

With our open source tools, you can:

  • Create, Revoke - Create verifiable credentials and presentations that conform to W3C standards, using different DID methods and credential formats such as JSON-LD or JWT.

  • Verify - Verify W3C credentials with custom and prebuilt verification policies.

  • Distribute - Transfer credentials using OpenID Connect for Verifiable Credentials (OIDC4VC and OIDC4VP) from an Issuer to a Holder, or from a Holder to a Verifier.

  • Store - Create wallet solutions for holders

… but wait there’s more:

  • Works Across Programming Languages: You can create, verify and distribute verifiable credentials easily with walt.id’ SSI-Kit, offering a CLI tool, a REST service and a Java and Kotlin library.

  • Works Across Ecosystems: Our supported DID methods range from key, web, ebsi, iota, jwk, cheqd and velocity with new ones added continuously.

  • Flexible, Extensible and Open-Source: Using our tools you can leverage the wide range of already supported ecosystems and credential formats or extend our modular system bringing support for your own did:method or credential format.

Demo

Watch our short demo, showcasing how you can work with Verifiable Credentials using the walt.id SSI-Kit

 
 

Get Started

Please note, that the demo shown used the SSI-Kit which is no longer maintained by walt.id. However, all the features are now available via the community stack.
You can get started with the new libs and APIs here.

For W3C credentials in particular, we offer:

  • Verifiable Credentials Lib - issue and verify W3C credentials as JWTs and SD-JWTs in Kotlin/Java and JavaScript.

  • Issuer API - enable apps to issue credentials (W3C JWTs and SD-JWTs) via OID4VC.

  • Verifier API - enable apps to verify credentials (W3C JWTs and SD-JWTs) via OID4VP/SIOPv2.

  • Wallet API - extend apps with wallet capabilities to collect, store, manage and share identity credentials and tokens.

Join us for the upcoming Feature Friday to learn about how to manage Verifiable Credentials over their lifecycle, with a focus on revocation.

Now, here's your dose of tech humour for the day:

Why don't programmers like to leave their homes?

Because they're afraid they'll hit a breakpoint!


Keep exploring, keep coding, and remember to take a break now and then!

See you next Friday, and in the meantime, let’s connect on discord!

Best

Tamino from walt.id

Tamino Baumann
Previous

Feature Friday n°3: Status of Verifiable Credentials
Next

Feature Friday n°1: Decentralized Identifiers (DIDs)