Issuance Process - Encrypting VC's

[frankbharath]

Hello team,

I’d like to confirm my understanding: during the issuance process, is the Verifiable Credential signed with the issuer’s private key, allowing the subject to verify it using the issuer’s public key?

Also, does the issuer encrypt the subject’s claims using the subject’s public key? For example, if another subject were to obtain the VC issued to someone else, would they be able to read the credential’s claims?

Thanks,
Bharath

[paullatzelsperger]

hi @frankbharath

I think you need to understand a few key terms in the realm of VCs and decentralized identities:

• holder: the entity that the VC was issued to. Uses VCs to make a certain claim (e.g. "My headquarter is in Europe")
• issuer: the entity that creates + signs (=issues) the VC. Attests to a certain claim of a holder.
• verifier: the entity that verifies the claims of the holder.
• subject: an object inside the VC. This is what the VC is about, i.e. the claims of the VC. Similar to the claims in a JWT.

your first statement is correct, the VC is signed with the issuer's private key. This means, that every verifier can verify the VC, because the issuer's public key is... well... publicly available.

However, although technically possible, it is typically not the holder that verifies its own VC, but the verifier. This is also how it's implemented at the moment.

A VC's subject is not encrypted, because that would defeat the purpose of a VC, because then no verifier can read the claims anymore, unless they possess the holder's private key... You see how this is a problem?

Even if someone were to steal a holder's VC, the thief couldn't do anything with it, because the original holder's ID is embedded in the VC (and thus: the signature). Changing the ID would require re-signing the VC with the thief's private key, but that would cause the signature verification against the original issuer's public key to fail.

Compare this to a driver's license: only the holder (you) can use it, because your picture is on it, and removing it would disturb the stamp on it. Cops verify your driver's license by inspecting your picture and the stamp of the government department that issued it, and by checking that you have the appropriate vehicle classes listed.

There is a border case, where a holder might not want to disclose the entire subject to everyone. This is called Selective Disclosure, and we don't currently have it in IdentityHub, but you can read about it here.

I would strongly recommend reading up on - and getting very familiar with - the following topics:

• Decentralized Claims Protocol (https://eclipse-dataspace-dcp.github.io/decentralized-claims-protocol/v1.0/)
• Verifiable Credentials VC1.1 and VC2.0
• Securing VC 1.1 (https://www.w3.org/TR/2023/WD-vc-jwt-20230607)
• Securing VC 2.0 (https://www.w3.org/TR/vc-jose-cose/)
• Decentralized IDentifiers (https://www.w3.org/TR/did-1.0/ and https://w3c-ccg.github.io/did-method-web/)

[frankbharath]

Thank you @paullatzelsperger for such a detailed explanation :)

[paullatzelsperger]

would you mind marking the answer as such then :)? thx

[frankbharath]

Done :)