What is a verifiable credential?
A verifiable credential is a tamper-evident, cryptographically-signed digital claim that a holder can present to prove something about themselves — a diploma, a KYC pass, an age, a professional license — without the verifier having to phone the issuer. It follows a simple three-party model: an issuer signs it, a holder stores and presents it, and a verifier checks the signature.
The three-party trust model
The issuer (a university, bank or agency) creates a claim and signs it with its private key. The holder stores the credential in a wallet they control and presents it when needed. The verifier checks the issuer’s signature against a known public key and trusts the claim without contacting the issuer. This turns identity checks into offline, privacy-preserving cryptographic verifications rather than centralized database lookups.
Selective disclosure
A well-designed verifiable credential lets the holder reveal only the fact required — "over 18" rather than a full birth date, "KYC-cleared" rather than a passport scan. This data minimization is the privacy advantage over sharing raw documents. The verifier still gets a cryptographically-sound answer, but the holder controls exactly which attributes are disclosed at each interaction.
Why the signature must be post-quantum
A credential is only as trustworthy as the issuer’s signature, and credentials are often trusted for years. If that signature uses ECDSA and a quantum computer breaks it, an attacker could forge issuer signatures and mint fake credentials at scale. Signing with ML-DSA (Dilithium, FIPS 204) keeps issuer attestations unforgeable across the credential’s lifetime. The signatures are resistant to known classical and quantum attacks per NIST, not unbreakable — durability is the goal.
Try it yourself — live, free, verifiable in 30 seconds:
Issue and verify credentials →