Verification
Verification is a crucial step in the process of handling Verifiable Credentials (VC). It’s essential to ensure that the credential is valid. Here are the checks that need to be performed:
-
Credential Structure: The credential should not be malformed. It must adhere to the correct structure as defined by its schema.
-
Signature Validation: The credential’s signature must be valid and match the identity of the issuer. This ensures that the credential was indeed issued by the claimed issuer and hasn’t been tampered with.
-
Attribute Check: No additional attributes should have been added to the credential beyond what’s defined in its schema. This prevents unauthorized modifications to the credential.
-
Expiration Check: The credential should not have expired. Credentials often have a validity period after which they are no longer considered valid.
-
Revocation Check: The credential should not have been revoked by the issuer. Even if a credential is valid and hasn’t expired, it may have been revoked by the issuer for various reasons.
By performing these checks, we can ensure the authenticity and validity of a Verifiable Credential.
Verify a Credential
Verifying a credential can be done in two ways:
The response of the verification process will be:
{
"isValid": boolean,
"error": string // If isValid is false, could be ["Credential Revoked", "Credential Expired", "Invalid Proof"]
}
Verify a credential via API
To verify a credential via the API use the following endpoint passing the credential json.
{
"credential": <CREDENTIAL_JSON>
}
POST https://staging.crossmint.com/api/unstable/credentials/verification/verify
Verify a Credential via SDK
To verify a credential via the crossmint-client-sdk first you need to install the @crossmint/client-sdk-verifiable-credentials
SDK.
You can now call the verifyCredential
function passing a VerifiableCredential
object.
Independent Verification
Since Crossmint’s Verifiable Credentials are based on the W3C standard, you can use any library that supports this standard to verify a credential.
Crossmint verification is strictier and performs additional checks that are not part of the W3C standard. For example, that no additional fields have been added to the credential.