Verifiable Credentials: Decentralized Identity

• Verifiable Credentials are tamper-evident, cryptographically-protected data objects defined by W3C, enabling decentralized identity with privacy-preserving proofs.
• They leverage methods such as digital signatures, zero-knowledge selective disclosure, and cryptographic accumulators to guarantee security and minimal data exposure.
• VCs support robust lifecycle operations including issuance, presentation, verification, and revocation, and are applied across IoT, finance, supply chains, and e-government.

A Verifiable Credential (VC) is a cryptographically-protected, tamper-evident data object used to convey structured claims about a subject, as defined and standardized by the W3C Verifiable Credentials Data Model. VCs are a foundational construct in decentralized and self-sovereign identity (SSI) architectures, providing a cryptographic basis for attesting to arbitrary properties of subjects—human, organizational, or machine—in a manner that is portable, privacy-respecting, and independently verifiable. The data model, cryptographic mechanisms, lifecycle workflows, and privacy-preserving properties of VCs have been explored across diverse domains including access control, IoT, digital product passports, decentralized finance, agentic AI, and large-scale e-government infrastructures (Spiliotopoulos et al., 2021, Lux et al., 2020, Hoops et al., 16 Jan 2024, Akram et al., 2 May 2025, Barclay et al., 2021, Garzon et al., 2023, Yuan, 10 Oct 2025, Huang et al., 25 May 2025, Herbke et al., 17 Jun 2024, Fotiou et al., 2021, Barclay et al., 2020, Perugini et al., 17 Jul 2024, Fedrecheski et al., 2020, García et al., 21 Oct 2024, Hoops et al., 28 Jan 2025, Fotiou et al., 2022, Xie et al., 19 Jan 2025, Flamini et al., 16 Jan 2024, Mazzocca et al., 4 Feb 2024, Buldini et al., 30 May 2025).

1. Formal Model and Data Structures

At its most general, a VC is a digital assertion by an Issuer (typically referenced by a decentralized identifier, or DID) about the claims of a Subject (also identified by a DID), optionally held by a Holder (often the Subject, but not necessarily). The canonical JSON-LD serialization includes:

{ "@context": ["https://www.w3.org/2018/credentials/v1", ...], "id": "urn:uuid:1234...", "type": ["VerifiableCredential", ...], "issuer": "did:example:issuer1234", "issuanceDate": "2024-06-20T12:00:00Z", "expirationDate": "2025-06-20T12:00:00Z", "credentialSubject": { "id": "did:key:holder5678", "attribute1": "value1", "attribute2": "value2", ... }, "proof": { "type": "Ed25519Signature2018", "created": "2024-06-20T12:00:00Z", "proofPurpose": "assertionMethod", "verificationMethod": "did:example:issuer1234#key-1", "jws": "eyJhbGciOiJFZERTQSJ9…" } }

The key fields—issuer (DID), credentialSubject (claims), and proof (signature or ZK proof)—form the mathematical core:

$$\text{VC} = (\text{issuer}, \text{subject}, \text{claims}, \sigma_{\text{issuer}})$$

with $$\sigma_{\text{issuer}} = \mathrm{Sign}_{\text{sk}_\text{issuer}}(H(\text{claims} \parallel \text{subject} \parallel \text{expiry}) )$$ (Spiliotopoulos et al., 2021, Lux et al., 2020, Mazzocca et al., 4 Feb 2024).

The VC model is extensible to JWT form for integration into protocols such as OAuth 2.0, where the VC appears as a nested JWT vc claim signed with JWS (Akram et al., 2 May 2025, Fotiou et al., 2021, Hoops et al., 16 Jan 2024).

2. Cryptographic Foundations

The authenticity, integrity, and privacy-preserving features of VCs depend on advanced cryptographic constructions:

• Digital Signatures: Ed25519, ECDSA (P-256, secp256k1), and BLS12-381 are widely used for the proof field (Garzon et al., 2023, Hoops et al., 16 Jan 2024, Mazzocca et al., 4 Feb 2024). Issuers sign over the normalized credential payload, and verifiers check this signature against the issuer public key resolved from the issuer’s DID Document (Lux et al., 2020, Perugini et al., 17 Jul 2024, Barclay et al., 2020).
• Selective Disclosure & Zero-Knowledge Proofs: State-of-the-art implementations enable holders to generate zero-knowledge proofs of statements (predicates) about claims in their VCs, without revealing the full claims set (e.g., "age > 18", or membership in a group) (Spiliotopoulos et al., 2021, Flamini et al., 16 Jan 2024, Yuan, 10 Oct 2025). Signature schemes supporting efficient selective disclosure and ZKP include BBS+, CL (Camenisch–Lysyanskaya), and PS (Pointcheval–Sanders). BBS+ signatures allow for ZKPoKs of subsets of claims, providing strong unlinkability and minimal disclosure (Flamini et al., 16 Jan 2024, Spiliotopoulos et al., 2021, Buldini et al., 30 May 2025).
• Cryptographic Commitments and Accumulators: Commitment-based approaches (e.g., hash-and-salt, Merkle trees) support hiding-commitments (merTree, SD-JWT) for fast, quantum-resistant selective disclosure. Cryptographic accumulators are used for revocation (membership proofs) in privacy-preserving revocation protocols (Yuan, 10 Oct 2025, Hoops et al., 28 Jan 2025, Buldini et al., 30 May 2025). ECC-based accumulators compress claim sets for compact selective disclosure (Buldini et al., 30 May 2025).

3. Credential Lifecycle Operations

The lifecycle comprises issuance, presentation, verification, and revocation:

• Issuance:

1. Holder generates or obtains a DID/keypair.
2. Issuer verifies attributes (off-chain as policy dictates), constructs the credential, and cryptographically signs it.
3. VC delivered off-chain to Holder’s wallet, who stores it for later use (Mazzocca et al., 4 Feb 2024, García et al., 21 Oct 2024, Herbke et al., 17 Jun 2024).

• Presentation:
  • Holder creates a Verifiable Presentation (VP), optionally selectively disclosing only requested claim subsets, or proving predicates via ZKPs (Spiliotopoulos et al., 2021).
  • Presentation is signed with Holder's DID key and transmitted over secure (e.g., DIDComm, OAuth/OIDC, WebSocket) channels (Lux et al., 2020, Hoops et al., 16 Jan 2024, Herbke et al., 17 Jun 2024).
• Verification:

1. Verifier resolves the Issuer's DID to obtain their public key.
2. Signature or ZKP is cryptographically validated.
3. Credential-specific attribute checks, as well as time validity and revocation status (via status lists, accumulators, or Merkle proofs), are enforced (Garzon et al., 2023, Hoops et al., 28 Jan 2025, Yuan, 10 Oct 2025).

• Revocation:
  • Techniques include bitstring status lists, Merkle-tree or RSA-accumulator–based privacy-preserving revocation sets (e.g., CRSet), and on-chain or off-chain status registries (Hoops et al., 28 Jan 2025, Yuan, 10 Oct 2025, Spiliotopoulos et al., 2021). Proper mechanisms guarantee issuer activity and presentation unlinkability for revocation checks.

4. Privacy, Unlinkability, and Selective Disclosure

VC frameworks target advanced privacy-preserving data minimization. Key mechanisms:

• Unlinkability: Fresh randomness (nonces, ephemeral keys, ZK randomization) in each presentation ensures that distinct proofs or selective-disclosure VPs cannot be correlated (Spiliotopoulos et al., 2021, Flamini et al., 16 Jan 2024, Buldini et al., 30 May 2025).
• Minimal Disclosure & Predicate Proofs: ZKPs allow proof of arbitrarily complex predicates over hidden attributes, e.g. age-range, group membership. BBS+ and CL signatures enable such proofs without revealing full claim vectors (Spiliotopoulos et al., 2021, Yuan, 10 Oct 2025, Flamini et al., 16 Jan 2024).
• Issuer and Subject Anonymity: Signature-less models (e.g., SLVC-DIDA) employ hash-based commitment schemes, Merkle proofs, and zero-knowledge RSA accumulators to provide not only attribute privacy, but issuer-set hiding and forward secrecy against compromise (Xie et al., 19 Jan 2025).
• Integration with Standard Protocols: VCs are increasingly embedded into existing frameworks as JWT/JWS claims, enabling secure, privacy-preserving authentication and authorization (OAuth2.0, OpenID Connect, TLS handshake, Web-of-Things, EBSI) (Akram et al., 2 May 2025, Fotiou et al., 2021, Hoops et al., 16 Jan 2024, Buldini et al., 30 May 2025, Perugini et al., 17 Jul 2024).

5. Application Domains and Use Cases

VCs have been deployed or proposed in a diverse spectrum of scenarios:

Application Domain	Typical Claims/VC Types	Features Leveraged
Financial services/consumer care	IncomeProof, RiskAssessment, Policy VCs	ZK selective disclosure, revocation (Spiliotopoulos et al., 2021)
IoT and Smart Building	Device identity, CapabilitiesCredential	Owner-centric, JWT/ZKP, BBS+, access control (Fedrecheski et al., 2020, Fotiou et al., 2022)
Agentic AI/Multi-Agent Systems	AgentCapability, Provenance, SecurityProfile	ZKP, fine-grained ABAC, real-time revocation (Huang et al., 25 May 2025)
Supply chain/Product passports	ProductComposition, LifecycleEvent VCs	Self-sovereign product twins, chain-of-custody, selective disclosure (García et al., 21 Oct 2024)
Scientific Data/ML pipelines	DatasetEthics, Bill-of-Materials	Provenance, agent chain, auditability (Barclay et al., 2021, Barclay et al., 2020)
Large-scale authentication	OIDC sign-in, TLS handshake (VC certificate)	Standards compliance, hybrid/fallback modes (Hoops et al., 16 Jan 2024, Perugini et al., 17 Jul 2024)
Crowdsourced resource sharing	DroneCapability, AccessToken-VCs	JWT-VC binding, DPoP, scalable multi-tenancy (Akram et al., 2 May 2025, Fotiou et al., 2021)

Notably, performance measurements show VC implementations can maintain sub-millisecond cryptographic operation times, and are practical at scale (e.g., >1000 concurrent VP sessions or 60 000 blockchain tx/s) (Herbke et al., 17 Jun 2024, Lux et al., 2020, Hoops et al., 28 Jan 2025).

6. Limitations, Challenges, and Open Research Problems

Despite usability and security advances, significant challenges persist:

• Standardization and Interoperability: Fragmentation in DID methods, incomplete standardization of credential schemas across domains, and protocol extensions for revocation, selective disclosure, and transport mechanisms create heterogeneous ecosystems (Mazzocca et al., 4 Feb 2024, García et al., 21 Oct 2024, Herbke et al., 17 Jun 2024).
• Revocation and Lifecycle Management: Scaling revocation (privacy-preserving/non-leaky status registries) and supporting ephemeral, one-time-use VCs in high-throughput environments remain active areas of research (Hoops et al., 28 Jan 2025, Spiliotopoulos et al., 2021).
• Computational Cost and Proof Size: ZKP-based selective-disclosure (especially with advanced predicates or post-quantum schemes) can induce significant computational and bandwidth overheads for constrained devices (Flamini et al., 16 Jan 2024, Yuan, 10 Oct 2025, Buldini et al., 30 May 2025). Various compact and accumulator-based mechanisms have been proposed to mitigate this (Buldini et al., 30 May 2025).
• Key and Identity Management: Usable, secure tools for end-users (wallets, social key recovery) are critical to prevent key loss, theft, or unintentional data exposure (Yuan, 10 Oct 2025, Herbke et al., 17 Jun 2024).
• Governance, Legal, and Privacy Policies: Aligning decentralized operational models to regulatory realities (GDPR, eIDAS, compliance audits) requires integration of privacy-enhancing design with auditability, consent, and data minimization (Herbke et al., 17 Jun 2024, García et al., 21 Oct 2024, Mazzocca et al., 4 Feb 2024).

7. Best Practices and Future Directions

Research and deployment best practices include:

• Decoupling DIDs from VCs to maintain self-sovereignty and support key rotation without re-issuing VCs (Spiliotopoulos et al., 2021, Garzon et al., 2023).
• Leveraging cryptographic accumulators and status registries (e.g., Merkle, Bloom, RSA accumulators) for scalable, privacy-preserving revocation (Hoops et al., 28 Jan 2025, Yuan, 10 Oct 2025, Buldini et al., 30 May 2025, Xie et al., 19 Jan 2025).
• Emphasizing selective disclosure by default via BBS+, CL, or accumulator-based approaches, and integrating efficient ZKP circuits for dynamic predicate proofs (Spiliotopoulos et al., 2021, Flamini et al., 16 Jan 2024, Yuan, 10 Oct 2025).
• Cohesively integrating VCs with existing authentication/authorization standards (OAuth 2.0, OIDC, TLS, OAuth2-RAR, DIDComm) to provide seamless, user-centric workflows (Akram et al., 2 May 2025, Fotiou et al., 2021, Hoops et al., 16 Jan 2024, Perugini et al., 17 Jul 2024).
• Piloting domain-specific VC ecosystems (e.g., EBSI, Sovereign, Hyperledger Aries/Indy) with rigorous empirical performance and security evaluations (Herbke et al., 17 Jun 2024, Lux et al., 2020).
• Aligning schemas and federated trust policies with evolving legal standards and privacy requirements, while retaining cryptographic verifiability and minimal disclosure guarantees (García et al., 21 Oct 2024, Mazzocca et al., 4 Feb 2024).

Future work is focused on quantum-safe credential architectures, universal revocation protocols, universal wallet and DID method interoperability, and practical region-specific governance models for globally federated credential trust (Yuan, 10 Oct 2025, Flamini et al., 16 Jan 2024, Xie et al., 19 Jan 2025, Mazzocca et al., 4 Feb 2024).

---

Verifiable Credentials have established themselves as the cryptographic backbone of decentralized digital identity, enabling integrity, authentication, privacy, and auditability at scale, with ongoing research driving their integration into critical application ecosystems across domains.