Open in app

Sign in

Write

Sign in

Introducing Verifiable Credentials to the Internet Computer

DFINITY
The Internet Computer Review
Published in
6 min readJun 18, 2024

Written By Mary Dwyer

How often do you hand over your government-issued ID to a stranger? You take a picture of it with your phone to submit to a doctor or bank online; share it with a receptionist at a hotel or hospital so they can scan it and store a copy; or pass it to a bouncer for entry into a bar.

Do you worry this isn’t the best practice? That someone could use the trail of personal details you’re leaving across the web and the real world to steal your identity? Or do you simply find this way of sharing information tedious and repetitive?

South Park cleverly addressed this convoluted process when Stan tried to navigate the American healthcare system in the Ozempic special.

As the clip demonstrates, when it comes to your identity–filling out paperwork, claiming access to a service, and sharing information across different providers–it seems like we’re operating in a time before the internet. Even during the internet era, an essential innovation was missing¹, one that blockchain technology is unlocking, and the Internet Computer has just launched: Verifiable Credentials (VCs).

What are Verifiable Credentials?

Although you may not realize it, you use physical versions of VCs everyday. Credit cards, driver’s licenses, transit cards, passports, etc. are all physical credentials that provide you with special benefits (like making cashless payments, driving a car, hopping on a subway, or traveling across borders). Unfortunately, you can’t use these credentials online–not unless you scan them or type all of their details into a web form. This is time-consuming, error-prone, and privacy-invasive.

VCs enable the issuers of physical credentials to offer credentials online by following an open standard, which makes the credentials tamper-proof, privacy-preserving, and interoperable across different systems and contexts.

When you have a VC instead of a physical credential, you will be able to manage your credentials easily on your mobile phone or laptop, while also gaining a host of security and privacy benefits, including:

  • VCs cannot be copied or cloned.
  • VCs are extremely hard to steal.
  • VCs allow for selective disclosure of information. For example, instead of handing over your entire driver’s license at a bar (which has a picture of you, your address, etc.), you can selectively disclose that you are of drinking age.

Why now?

There are two key innovations that make verifiable credentials ready for adoption. First, blockchains enable users to control their credentials and make peer-to-peer interactions (including payments) possible between users, issuers, and relying parties. Second, passkeys enable users to securely authorize interactions by simply unlocking their trusted devices.

Blockchains are a strong solution for 1) exchanging public keys directly to form private, secure connections between any two peers; 2) storing public keys to verify the signatures on data that peers exchange to provide proof of real-world identity; and, 3) facilitating permissionless payments. With these features, it’s finally possible to establish a marketplace for selectively disclosing data using peer-to-peer payments easily, cost-effectively, and above all without a central authority.

Passkeys enable users to securely authorize interactions in a user-friendly way. Using a browser-based application, users can store their private keys in the secure hardware of their devices. They do not need to carry an additional physical card, nor do they need to manage a hard-to-remember passphrase.

These two innovations combine to make verifiable credentials accessible on ICP.

How can you use verifiable credentials on ICP today?

Verifiable Credentials are live on the Internet Computer. Using Internet Identity on the Internet Computer, users can obtain Verifiable Credentials from issuing dapps and use them with other dapps to gain access to exclusive experiences.

If you want to claim and use a VC, you can:

  • Prove you’re not a bot to OpenChat, using a credential issued to you by DecideAI. OpenChat is a decentralized chat application running end-to-end on the Internet Computer. For certain experiences, like airdrops, OpenChat now allows the creation of gated groups whose access requires you to prove that you are not a bot. One such issuer is DecideAI. Watch a video demo of the experience here.

If you want to build a VC solution, you can:

  • Become an Issuer on the Internet Computer. By implementing the Issuer API, you can issue verifiable credentials and empower users to control and share their data selectively, giving them greater autonomy over their personal data.
  • Become a Relying Party on the Internet Computer. By integrating the Relying Party library, you can become a relying party for verifiable credentials. By requesting verifiable credentials from your customers, you can ensure that the claims that users make are verified by parties (issuers) that you trust, while preserving the user’s privacy.

What use cases can you build?

VCs can be used for all the same things that we use physical credentials for everyday, and beyond. If you are a blockchain developer, the following solutions can serve the immediate needs of your audiences:

  • Prove your customers are human before you Airdrop Tokens: Do you want to airdrop tokens to your customers to promote your product, but you want to make sure those funds are directed to unique individuals? Using verifiable credentials, you can rely on a trusted service, like DecideAI, to issue proof of humanity credentials. To get a credential issued by DecideAI, customers will participate in a short test to prove they’re not a robot. They only do this once, and then they can reuse the credential. When your customers register for airdrops, they will present you with this credential, proving that they are humans.
  • KYC for large transactions: Many crypto platforms require customers to KYC before they can submit large transactions. The process for KYC is tedious, personal, and repetitive. Many customers would prefer to KYC once, and claim a credential that they can reuse across multiple platforms. With ICP’s versatile VC platform and libraries, building such an issuer is possible and cost-effective.

Why build your VC solution on ICP?

On ICP, a VC platform has been launched, based on the W3C verifiable credentials standard, accompanied by a collection of libraries. Developers now have a development kit to express any sort of credential on the Internet Computer in a way that is cryptographically secure, privacy-preserving, and machine-verifiable. These libraries rely on Internet Identity (II), which is a key service of ICP. There are a few key benefits to building your VC solution with II on ICP:

  • Privacy-preserving: Issue re-usable credentials to your users, without using global IDs. Avoid the privacy issues associated with issuing credentials to globally unique IDs (which is typical of offline wallet solutions). Each credential is shared with a unique alias, generated by II and known only to the issuer and relying party.
  • Walletless: Users interact with issuers and relying parties using only a browser. There is no reliance on the app store or centralized big tech companies. This is particularly impactful in areas around the world where crypto wallets are not widely accepted and adopted.
  • Leverage our existing user base: If you issue credentials using Internet Identity, you gain access to a large pool of users and applications that already use Internet Identity (II). II currently features 2.5 million Internet Identities and 100,000 monthly active unique users.
  • Versatile solution across Web2 and Web3: The VC platform has been designed to easily integrate with both ICP dapps, as well as web2 applications.

What’s next?

This is just the beginning for VC solutions on the Internet Computer. We intend to foster a robust ecosystem of issuers and relying parties who can offer their users greater control of their digital identities and data. To learn more about becoming an issuer or relying party, explore developer docs. To contribute to standardization efforts on ICP, join the Identity and Wallet Standards Working Group. Together, we can go beyond these early use cases, and help people like Stan navigate the American healthcare system much more smoothly.

¹Cameron, Kim. “The Laws of Identity.” Identity Blog, 13 Oct. 2005, https://www.identityblog.com/?p=352.

²Preukschat, Alex, and Drummond Reed. Self-Sovereign Identity: Decentralized Digital Identity and Verifiable Credentials. Manning Publications, 2021.

Digital Identity
Verifiable Credentials
The Internet Computer
Blockchain

--

--

DFINITY
The Internet Computer Review

Written by DFINITY

9.1K Followers
Editor for

The Internet Computer is a revolutionary blockchain that hosts unlimited data and computation on-chain. Build scalable Web3 dapps, DeFi, games, and more.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams