Credential Composition

A user's on-chain financial identity is composed from multiple credentials to generate a credit score without exposing raw transaction data. For example:

• A reputation credential proving 2+ years of wallet activity.
• A collateralization credential showing consistent over-collateralization in lending protocols.
• A governance participation credential from DAO voting history. A zero-knowledge proof can combine these to attest a user meets a lender's risk threshold, enabling undercollateralized loans.

Decentralized Autonomous Organizations (DAOs) use composed credentials for granular, automated membership and permissioning. A user might need to prove:

• Ownership of a specific NFT (e.g., a governance token).
• Completion of an onboarding course or contribution credential.
• Reputation score from a community attestation system. A single, verifiable composed credential grants access to private forums, voting power, or treasury multisig permissions, replacing manual whitelists.

Projects can create portable loyalty systems by composing user activity across different dApps. A user earns:

• A liquidity provision credential from Uniswap v3.
• A staking duration credential from Lido.
• A trading volume credential from a DEX aggregator. These are composed into a single "DeFi Power User" credential, which can be presented to a new protocol to claim an airdrop, receive fee discounts, or unlock exclusive NFT mints, rewarding holistic ecosystem participation.

Institutions can comply with regulations while minimizing data exposure. A user obtains verifiable credentials from trusted issuers:

• A government ID credential (e.g., passport verification).
• A sanctions screening credential from an oracle.
• A residency credential. Using selective disclosure and zero-knowledge proofs, the user composes a proof that they are:
• Over 18 and not on a sanctions list.
• A resident of a permitted jurisdiction. This composed proof is submitted to a CEX for account tier upgrades without revealing their name or address.

Players build a portable gaming profile by composing achievements and assets from multiple games and metaverses. This identity could include:

• Skill-based credentials (e.g., "Top 100 Rank" in a competitive FPS).
• Asset ownership credentials for rare in-game items or NFTs.
• Social credentials like guild membership or event participation. A new game or esports tournament can query this composed identity to offer tailored experiences, matchmaking, or special access, creating a seamless cross-game reputation layer.

Freelancers in Web3 (developers, designers, writers) can compose a verifiable work history. Credentials are issued by clients or platforms upon job completion:

• Project completion credentials with skill tags (Solidity, UI/UX).
• Payment reliability credentials from smart contract audits.
• Client satisfaction credentials (on-chain reviews). A composed professional dossier allows freelancers to instantly prove their expertise and reliability to new clients or DAOs, streamlining the hiring process without relying on centralized platforms like LinkedIn.

A core privacy principle allowing a user to prove specific claims from a credential without revealing the entire document. This is achieved through zero-knowledge proofs (ZKPs) or BBS+ signatures.

• Example: Proving you are over 21 from a driver's license without revealing your name, address, or exact birth date.
• Security Benefit: Limits data exposure in case of a verifier breach.
• Implementation: Relies on cryptographic schemes that support predicate proofs.

The cryptographic linkage of a credential to a specific holder's Decentralized Identifier (DID). Poor design can lead to unwanted correlation across different contexts.

• Correlation Risk: Using the same public key or identifier for multiple credentials allows verifiers to link a user's activities.

• Mitigation: Use pairwise pseudonymous DIDs, where a unique DID is generated for each relationship, or unlinkable presentations via ZKPs.

• Key Security: The holder's private key must be securely stored, as its compromise leads to total credential theft.

Ensuring the semantic meaning of credential data is consistent and that compromised or expired credentials can be invalidated.

• Schema Attacks: A malicious issuer could define a "University Degree" schema with misleading fields, creating false trust.
• Revocation Mechanisms: Critical for security. Common methods include:
  • Status Lists (e.g., W3C Status List 2021): A cryptographically signed list of revoked credential indices.
  • Accumulators: Cryptographic structures (like RSA or Merkle tree accumulators) enabling privacy-preserving revocation checks.
• Verifier Responsibility: Must always check the revocation status according to the credential's defined method.

Security risks arising from the credential holder's actions during the presentation process.

• Replay Attacks: A malicious verifier re-using a presentation proof. Mitigated by including verifier-provided nonces and audience restrictions in the proof.
• Credential Mismatch (Lying by Omission): Selectively disclosing a subset of credentials that paints a misleading picture (e.g., showing a professional license but hiding its suspended status).
• Proof of Unique Ownership: Preventing the credential sharing attack, where one user's credential is presented by another. This is enforced by cryptographic binding to the holder's key and challenge-response protocols during presentation.

The foundational security model shifts from verifying data directly to verifying the issuer's authority and credibility. A credential is only as trustworthy as its issuer.

• Trust Registry: A decentralized system (often on-chain) that lists which DIDs are authorized to issue credentials for specific schemas. Verifiers check this registry.
• Credential Audit Trail: Immutable, timestamped proof of issuance (e.g., on a blockchain) provides non-repudiation and allows auditing of issuer behavior.
• Hierarchical Trust: Credentials can attest to an entity's authority to issue other credentials, creating verifiable trust chains without a central root.

The security of the rules that govern how multiple credentials are combined to satisfy a complex request.

• Policy Languages: Standards like W3C's Data Integrity Proofs or DIF's Presentation Exchange define how to request a combination of credentials.
• Logic Vulnerabilities: Flawed policy (e.g., (Credential A OR Credential B) when AND was intended) can lead to unauthorized access.
• Verifier Logic Integrity: The verifier's policy evaluation engine must be secure against injection or manipulation. Zero-Knowledge Proofs can allow the holder to prove satisfaction of a complex policy without revealing the underlying credentials, enhancing privacy.

Credential composition uses zero-knowledge proofs (ZKPs) or selective disclosure to combine attributes from multiple sources into a single, verifiable claim without revealing the underlying raw data. This allows a user to prove a composite statement, such as "I am over 18 AND have a credit score > 700 AND am a DAO member," by presenting one cryptographic proof derived from separate credentials.

A primary application is creating robust Sybil-resistant identities for governance and airdrops. Protocols can require a composite proof that combines:

• Proof of Personhood (e.g., World ID)
• Proof of Contribution (e.g., Gitcoin Passport stamps)
• Chain-specific Activity (e.g., on-chain transaction history) This creates a multidimensional identity score that is far harder to game than a single attestation.

Protocols use composed credentials to gate access to features or financial services. For example, a DeFi lending platform might offer better rates based on a proof combining:

• Creditworthiness (off-chain credit score attestation)
• On-chain Reputation (history of repaid loans)
• Asset Ownership (proof of holding specific NFTs or tokens) This enables permissioned DeFi and undercollateralized lending based on a holistic financial identity.

Composition relies on interoperable standards and infrastructure:

• Verifiable Credentials (W3C VC): The data model for attestations.
• Zero-Knowledge Proof Systems (e.g., zkSNARKs, Circom): For creating composite proofs.
• Attestation Registries & Schemas (e.g., EAS, IOTA Identity): Define and store credential formats.
• Composition Engines (protocol-specific logic): Rules for how credentials combine.

Key challenges include:

• Orchestration Complexity: Managing the flow of proofs from multiple issuers.
• Standardization: Lack of universal schemas for composite claims.
• Privacy Leaks: The composite proof itself can reveal correlations.
• Issuer Trust: The composite is only as strong as its weakest credential issuer.
• Revocation: Handling the revocation of one component within a composed proof.

A Zero-Knowledge Proof is a cryptographic method that allows one party (the prover) to prove to another (the verifier) that a statement is true without revealing the underlying data. In credential composition, ZKPs enable complex, privacy-preserving attestations.

• Privacy: Prove attributes (e.g., age > 21) without revealing the exact birthdate.
• Succinctness: Proofs are small and fast to verify, enabling scalable composition.

A Schema defines the structure, data types, and semantic meaning of the claims within a Verifiable Credential. For effective composition, credentials must adhere to interoperable schemas so verifiers can understand and trust the combined data.

• Interoperability: Standard schemas (e.g., for educational degrees or KYC data) allow systems to process credentials uniformly.
• Validation: Ensures composed data conforms to expected formats and constraints.

An Attestation is a broader term for a statement or assertion made by an entity about a subject. In credential systems, a Verifiable Credential is a digitally signed, machine-readable attestation. Composition is the act of logically combining multiple attestations to form a richer proof.

• Scope: Can be on-chain (e.g., a smart contract state) or off-chain (e.g., a signed JSON file).
• Trust Root: The authority and cryptographic proof behind the attestation determine its weight.