Verification is a crucial step in the process of handling Verifiable Credentials. To ensure a credential is valid, the following checks are performed:
Credential Structure: The credential should not be malformed. It must adhere to the correct structure as defined by the credential type .
Signature Validation: The credential’s signature must be valid and match the identity of the issuer. This ensures that the credential was indeed issued by the claimed issuer and hasn’t been tampered with.
Attribute Check: No additional attributes should have been added to the credential beyond what’s defined in its schema. This prevents unauthorized modifications to the credential.
Expiration Check: The credential should not have expired. Credentials often have a validity period after which they are no longer considered valid.
Revocation Check: The credential should not have been revoked by the issuer. Even if a credential is valid and hasn’t expired, it may have been revoked by the issuer for various reasons.
By performing these checks, we can ensure the authenticity and validity of a Verifiable Credential. Verifying a credential can happen either via the Crossmint API or SDK.
With the Verifiable Credentials client-side SDK, the verification process is performed locally, eliminating the need for interaction with Crossmint. Consequently, there is no need for a Crossmint developer account to verify the credential.Install the @crossmint/client-sdk-verifiable-credentialsnpm package and call the verifyCredential function passing a VerifiableCredential object, as shown below.
Copy
Ask AI
import * as sdk from '@crossmint/client-sdk-verifiable-credentials';sdk.CrossmintAPI.init('YOUR_API_KEY');const decryptedCredential = <CredentialObject>;const verificationResult = await sdk.verifyCredential(decryptedCredential);console.log('Verification result:', verificationResult);
Verifying the status of the NFT related to the credential requires connection to the internet in order to access
blockchain state.
Since Crossmint’s Verifiable Credentials are based on the W3C standard, you can use any library that supports this standard to verify a credential.The W3C Verifiable Credentials standard ensures interoperability across different platforms and systems, enhancing the reliability and security of the credential verification process.
Crossmint verification is stricter and performs additional checks that are not part of the W3C standard. For example, that no additional fields have been added to the credential.