Credential Revocation Registry

Storing Verifiable Credential on a distributed ledger could lead to privacy violation. However, we can store the status of a Verifiable Credential on-chain, with no private information attached to it. Issuers of a Verifiable Credential have the ability to revoke the credential and provide the reason behind it.

Syntax of Verifiable Credential (VC) ID

The syntax for Verifiable Credential ID is as follows:
  • vc:hid - VC Method, where vc is the document identifier and hid is the method name
  • <chain-namespace> - (Optional) Name of the blockchain where the VC status is registered. It is omitted for the document registered on mainnet chain
  • <method-specific-id> - Alpha-numeric string of minimum 32 character length

VC Status Operations

  • Transaction Based
    • Register/Update a VC Status Document
  • Query Based
    • Query a VC Status Document
    • Query Registered VC Status Documents

Supported VC Statuses

Following are the VC statuses supported by hid-node:
  • Live
  • Suspended
  • Revoked
  • Expired
NOTE: VC Statuses are case sensetive. Live is valid, while live is invalid

Status Change Rules

  • Unregistered VC Status Document should only have the status as Live
  • Suspended status can be changed to Revoked and Live
  • Revoked and Expired statuses cannot be changed

Supported Hash Algorithm

Following are the supported hash algorithms for the attribute credentialHash:
  • SHA-256

Register/Update VC Status

Both registeration and update of VC Status happens through the RPC RegisterCredentialStatus.
CLI Signature
hid-noded tx ssi register-credential-status [credential-status] [proof]
- credential-status : Credential Status Document
- proof : Issuer's Signature Format
credential-status Structure
"claim": {
"id": "vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4",
"currentStatus": "Live",
"statusReason": "Credential Active"
"issuer": "did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf",
"issuanceDate": "2022-04-10T04:07:12Z",
"expirationDate": "2023-02-22T13:45:55Z",
"credentialHash": "< -- SHA-256 Hash of VC -->"
proof Structure
"type": "Ed25519VerificationKey2020",
"created": "2022-04-10T04:07:12Z",
"updated": "2022-04-10T04:07:12Z",
"verificationMethod": "did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf#key-1",
"proofValue": "<-- Base64 encoded signature -->",
"proofPurpose": "assertion"
The field proofValue holds the signature that was produced by signing the credential-status document.
hid-noded tx ssi register-credential-status '{"claim":{"id":"vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4","currentStatus":"Live","statusReason":"Credential Active"},"issuer":"did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf","issuanceDate":"2022-04-10T04:07:12Z","expirationDate":"2023-02-22T13:45:55Z","credentialHash":"< -- SHA-256 Hash of VC -->"}' '{"type":"Ed25519VerificationKey2020","created":"2022-04-10T04:07:12Z","updated":"2022-04-10T04:07:12Z","verificationMethod":"did:hid:devnet:zEYJrMxWigf9boyeJMTRN4Ern8DJMoCXaLK77pzQmxVjf#key-1","proofValue":"<-- Base64 encoded signature -->","proofPurpose":"assertion"}' --from <hid-account>

Query VC Status

CLI Signature
hid-noded q ssi credential-status [credential-id]
hid-noded q ssi credential-status vc:hid:<chain-namespace>:z8BXg2zjwBRTrjPs7uCnkFBKrL9bPD14HxEJMENxm3CJ4
  1. 1.
    Query credential status for an inpug credential id:
  1. 1.
    Query list of registered credential statuses: