Published in


How issuers can manage credential revocation

Spherity has developed an Ethereum-based credential revocation mechanism for use in the US pharmaceutical supply chain

Credential management cycle from credential request to due diligence, issuance and revocation or expiry
Figure 1: Credential management cycle

Why blockchain?

When the Spherity team looked at available revocation methods in the SSI space, we noticed that the choice was limited and littered with trade-offs. Some key observations we made were that most available revocation methods rely on very centralized or complex and this far unaudited accumulator-based approaches to store and update the revocation information. For our purposes a centralized, easy-to-target revocation server would pose a serious risk. We also require a higher degree of governance and participation of multiple entities in the revocation process than offered by existing methods.

  • Availability: The revocation method should always be available and not bound to the uptime of a single web server. As long as the Ethereum blockchain is running, so will the access to the registry.
  • Scalability: The revocation method should be able to handle a large number of revocations.
  • Auditability: Previous states of the registry can be retrieved. Thus, revocation events at any point in the past can be investigated.
  • Privacy: The revocation method should include basic protection against a set of known de-anonymisation attacks like the phone home problem or correlatability.
  • Security: Only authorized entities are enabled to make changes to the registry.
  • Trust: The revocation method should be usable at different levels of trust. It may be owned by the issuer, a community, or no one.
  • Ease of use: The revocation method should be simple to set up and use.

How does it work?

The Ethereum-based revocation method leverages a smart contract to store, query and modify the state of revoked VCs. The smart contract follows a lean design, as it registers only two pieces of information about a VC:

  • the random unique key (basically a value out of virtually infinite pool of allowable values) assigned to each VC on issuance and
  • the revocation status of each VC in the form of true/false (revoked/not revoked).
  • It listens. The wallet monitors the revocation registry for instant automated notifications about status changes of the VCs it holds. This is akin to subscribing to a newsfeed with alerts on topics of interest.
  • It verifies. When a wallet gets an external VC presented by another wallet, the recipient’s wallet checks whether the credential has been revoked.
Figure 2: Credential issuance and revocation process flow. Credit: Philipp Bolte

What does all this have to do with US pharma?

The US pharmaceutical supply chain is facing a massive regulatory change with the Drug Supply Chain Security Act (DSCSA) coming into full force in November 2023. Just about a year to go!

Figure 3: Product enquiry using verifiable credentials. Source: Spherity tutorial


Spherity has built the described credential revocation mechanism as a practical implementation for a specific real-world use case because there was simply no off-the-shelf solution out there meeting our requirements. We hope that our EIP-5539 will spark community discussions and help standardise this method to make it broadly available.



Boost Your Compliance and Security with Digital Identities.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Chris Wirrig

Former biomedical research scientist. Working on enterprise SSI. Love sharing knowledge. European citizen.