Or how I learned to love Verified Credentials
I wrote this XOPA Paper (XDV organization proposal arch) where I postulate that in a Verified Credentials model (VC), you have:
- Issuer: Signs or issues credentials using government mandated HSM or Smart cards to legally bind these credentials.
- Holder: Same as VC model, but can enroll into a “peer” like id with issuer. Issuer can create an attestation credential to eg link a wallet address. Next time holder uses a certain DID with Issuer, it can be attested.
- Verifier: Same as VC model, requests Verified Presentation to verify proof
Use Case # 1 — Use HSM / Smartcard to whitelist a set of user wallet address
This is the poor man’s shortcut for business to avoid excessive PKI costs. In this case, it is similar to what I described, the workings goes like:
- Business already has KYC, the user goes through KYC onboarding and if vouched, gets registered in a database as whitelisted for wallet enrollment.
- The API service (onsite) is connected to HSM/Smartcard and issues VCs following XOPA-002, which creates a challenge/response.
- User when asked to enroll, signs with wallet.
- The result gets attached to the credential or some ledger, but it is stored as a XAdes detached signature.
- Any regulatory concern is addressed with append-only log of XAdes detached signatures.
Use Case # 2 — Invoice or Legal Design (Template design)
Similar to use case #1, but here we use both XAdes and VC as dual model data sources. Because it can customized, let’s assume the basic use case: a legal design marketplace.
- Legal Tech company sells legal design templates as NFTs
- Marketplace manages all the buy/sell (orderbook) features
- Buyes obtains the design template and starts using it eg Adobe Sign or some other software. Assume is a software capable of VC and XAdes.
- Any changes are stored as VC and XAdes and kept in an append only store, maybe IPFS or Swarm Bee using Feeds feature.
- Again, you’ll get the merkle tree, append-only, zero gas features without actually using a full fledge blockchain while keeping copies or documents fully legally backed by regulations.
Hope you enjoy reading this article, where I explain one of the XOPA research articles.
— Rogelio