Verification is a crucial step in the process of handling Verifiable Credentials (VC). It’s essential to ensure that the credential is valid. Here are the checks that need to be performed:

  • Credential Structure: The credential should not be malformed. It must adhere to the correct structure as defined by its schema.

  • Signature Validation: The credential’s signature must be valid and match the identity of the issuer. This ensures that the credential was indeed issued by the claimed issuer and hasn’t been tampered with.

  • Attribute Check: No additional attributes should have been added to the credential beyond what’s defined in its schema. This prevents unauthorized modifications to the credential.

  • Expiration Check: The credential should not have expired. Credentials often have a validity period after which they are no longer considered valid.

  • Revocation Check: The credential should not have been revoked by the issuer. Even if a credential is valid and hasn’t expired, it may have been revoked by the issuer for various reasons.

By performing these checks, we can ensure the authenticity and validity of a Verifiable Credential.

Verify a Credential

Verifying a credential can be done in two ways:

The response of the verification process will be:

{
  "isValid": boolean,
  "error": string // If isValid is false, could be ["Credential Revoked", "Credential Expired", "Invalid Proof"]
}

Verify a credential via API

To verify a credential via the API use the following endpoint passing the credential json.

Verifying a credential via the API will require a Crossmint developer account.

{
  "credential": <CREDENTIAL_JSON>
}

POST https://staging.crossmint.com/api/unstable/credentials/verify

Verify a Credential via SDK

To verify a credential via the crossmint-client-sdk first you need to install the @crossmint/client-sdk-verifiable-credentials SDK. You can now call the verifyCredential function passing a VerifiableCredential object.

Independent Verification

Since Crossmint’s Verifiable Credentials are based on the W3C standard, you can use any library that supports this standard to verify a credential.

Crossmint verification is strictier and performs additional checks that are not part of the W3C standard. For example, that no additional fields have been added to the credential.