Credential Revocation Registry

Storing Verifiable Credential on a distributed ledger could lead to privacy violation. However, we can store the status of a Verifiable Credential on-chain, with no private information attached to it. Issuers of a Verifiable Credential have the ability to revoke the credential and provide the reason behind it.
Syntax of Verifiable Credential (VC) ID
The syntax for Verifiable Credential ID is as follows:
vc:hid:<chain-namespace>:<method-specific-id>
vc:hid - VC Method, where vc is the document identifier and hid is the method name
<chain-namespace> - (Optional) Name of the blockchain where the VC status is registered. It is omitted for the document registered on mainnet chain
<method-specific-id> - Alpha-numeric string of minimum 32 character length
VC Status Operations
Transaction Based
Register/Update a VC Status Document
Query Based
Query a VC Status Document
Query Registered VC Status Documents
Supported VC Statuses
Following are the VC statuses supported by hid-node:
Live
Suspended
Revoked
Expired
NOTE: VC Statuses are case sensetive. Live is valid, while live is invalid
Status Change Rules
Unregistered VC Status Document should only have the status as Live
Suspended status can be changed to Revoked and Live
Revoked and Expired statuses cannot be changed
Supported Hash Algorithm
Following are the supported hash algorithms for the attribute credentialHash:
SHA-256
Register/Update VC Status
Both registeration and update of VC Status happens through the RPC RegisterCredentialStatus.
CLI Signature
Usage:
  hid-noded tx ssi register-credential-status [credential-status] [proof]
​
Params:
 - credential-status : Credential Status Document
 - proof : Issuer's Signature Format
credential-status Structure
{
    "claim": {
        "id": "vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4",
        "currentStatus": "Live",
        "statusReason": "Credential Active"
    },
    "issuer": "did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf",
    "issuanceDate": "2022-04-10T04:07:12Z",
    "expirationDate": "2023-02-22T13:45:55Z",
    "credentialHash": "< -- SHA-256 Hash of VC -->"
}
proof Structure
{
    "type": "Ed25519VerificationKey2020",
    "created": "2022-04-10T04:07:12Z",
    "updated": "2022-04-10T04:07:12Z",
    "verificationMethod": "did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf#key-1",
    "proofValue": "<-- Base64 encoded signature -->",
    "proofPurpose": "assertion"
}
The field proofValue holds the signature that was produced by signing the credential-status document.
Example
hid-noded tx ssi register-credential-status '{"claim":{"id":"vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4","currentStatus":"Live","statusReason":"Credential Active"},"issuer":"did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf","issuanceDate":"2022-04-10T04:07:12Z","expirationDate":"2023-02-22T13:45:55Z","credentialHash":"< -- SHA-256 Hash of VC -->"}' '{"type":"Ed25519VerificationKey2020","created":"2022-04-10T04:07:12Z","updated":"2022-04-10T04:07:12Z","verificationMethod":"did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf#key-1","proofValue":"<-- Base64 encoded signature -->","proofPurpose":"assertion"}' --from <hid-account>
Query VC Status
CLI Signature
Usage:
  hid-noded q ssi credential-status [credential-id]
Example
hid-noded q ssi credential-status vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4
REST
1.Query credential status for an inpug credential id:
http://<REST-URL>/hypersign-protocol/hidnode/ssi/credential/{credId}
1.Query list of registered credential statuses:
http://<REST-URL>/hypersign-protocol/hidnode/ssi/credential

Last modified 5mo ago