Verifiable Credentials
KryptoOS uses verifiable credentials to let an issuer make a claim, a holder store it, and a verifier check it without relying on a central database.
Lifecycle
- Issue: an approved issuer signs a credential for a holder DID.
- Hold: the holder stores the credential in their wallet or app.
- Present: the holder shares the minimum proof needed.
- Verify: the verifier checks issuer, signature, expiry and status.
- Revoke: the issuer can update status without exposing private data.
Public Credential Shape
json
{
"type": ["VerifiableCredential", "ExampleCredential"],
"issuer": "did:kryptoos:issuer",
"credentialSubject": {
"id": "did:kryptoos:holder",
"claim": "public-or-minimized-value"
},
"credentialStatus": {
"type": "RevocationStatus",
"status": "active"
},
"proof": {
"type": "Sr25519Signature2026",
"proofPurpose": "assertionMethod"
}
}This example is intentionally minimal. Public docs should not include real user identifiers, raw device IDs, private issuer keys or production status-list URLs.
Verification Checklist
- DID format is valid.
- Issuer is allowed for the credential type.
- Signature verifies against the issuer DID document.
- Credential is not expired.
- Revocation status is active.
- The verifier requested only the claims it needs.
Ecosystem Credentials
For Ouranoos, Eoonia and EmpoorioChain-specific credentials, see Ecosystem Credentials.
For selective disclosure and proof-only flows, see ZK Credentials.