Attestation Graph

An attestation graph is a directed graph where nodes represent entities (e.g., wallets, DIDs, smart contracts) and edges represent verifiable claims or attestations. This structure is not stored in a single database but is assembled on-demand by querying decentralized sources like blockchains or decentralized storage networks (e.g., IPFS, Ceramic). This ensures data ownership remains with the issuer and is censorship-resistant.

Each attestation is a cryptographically signed statement (e.g., a W3C Verifiable Credential or an EAS schema) that binds a subject to a property. The signature proves the issuer's identity and the data's integrity. Because the attestation is a standalone object, it is portable; users can take their verified reputation, credentials, or reviews across different applications and platforms that trust the same issuing schema or registry.

Graphs enable composability of trust. Applications can traverse the graph to aggregate and evaluate a subject's reputation from multiple, independent sources.

• Example: A lending protocol can check a user's attestations for KYC completion (from an issuer), a credit score (from another), and a history of repaid loans (on-chain). The combined trust graph informs a more robust risk assessment than any single data point.

Data integrity is enforced through registries and schemas. A schema defines the structure (fields, data types) of a specific type of attestation (e.g., "Proof of Humanity"). Registries, like the Ethereum Attestation Service (EAS), store the schema on-chain and record when attestations are made or revoked. This allows any verifier to check if an attestation conforms to its declared schema and was issued by an authorized entity.

Advanced cryptographic techniques like zero-knowledge proofs (ZKPs) can be integrated with attestation graphs. This allows a user to prove a claim derived from an attestation without revealing the underlying data.

• Use Case: Proving you are over 18 from a government ID attestation, or demonstrating a credit score above a threshold without revealing the exact score. This preserves user privacy while maintaining verifiability.

Attestation graphs seamlessly connect on-chain and off-chain data. An off-chain event (e.g., a diploma issuance) can be attested and its cryptographic proof recorded on a blockchain. Smart contracts can then consume these on-chain references (e.g., a token-gated community checking for a diploma attestation). This creates a verifiable bridge between real-world identity/achievements and decentralized applications.

Lenders can build decentralized credit scores by analyzing a wallet's attestation graph instead of traditional credit history.

• Attestations can represent loan repayment history, revenue streams, or collateral ownership from other protocols.
• A creditworthiness score is derived algorithmically from this graph, enabling undercollateralized lending.
• This unlocks DeFi for users without traditional banking records.

Creators can mint attestations to prove originality and track the lineage of digital content, combating misinformation and IP theft.

• A photographer attests to being the original creator of an image NFT.
• Subsequent edits or uses by others create a derivative graph, preserving attribution.
• Platforms can verify content provenance, ensuring authentic media in news and social networks.

The Attestation Graph enables portable, user-controlled identity systems. Developers can build applications where on-chain attestations (like proof-of-humanity, KYC status, or skill certifications) are linked to a user's wallet and can be queried across different dApps. This creates a verifiable reputation layer without relying on a central authority.

• Example: A lending protocol can query the graph to verify a user's Gitcoin Passport score before offering undercollateralized loans.
• Example: DAOs can use attestations to prove membership or voting history when participating in governance across different ecosystems.

This use case tracks the origin and journey of assets (NFTs, tokens) across multiple blockchains. The graph stores attestations of minting, bridging, and ownership changes, creating an immutable provenance trail.

• Key Mechanism: When an NFT is bridged from Ethereum to Polygon, a verifiable attestation is created linking the original asset to its wrapped counterpart.
• Benefit: Marketplaces and collectors can query the graph to authenticate an asset's full history, combating fraud and proving authenticity even after cross-chain movement.

The Attestation Graph acts as a decentralized credit bureau for DeFi. It allows protocols to make risk-based decisions by aggregating a user's financial behavior from across the ecosystem.

• Data Sources: Attestations can include loan repayment history (from Aave, Compound), collateralization ratios, and wallet transaction patterns.
• Application: A money market protocol can use a graph query to calculate a custom credit score, enabling features like uncollateralized borrowing or optimized interest rates based on proven reliability.

Businesses use the Attestation Graph to create transparent and auditable supply chains. Each step in a product's lifecycle—from manufacturing to delivery—can be recorded as a cryptographically signed attestation on the graph.

• Real-world Link: A physical product's QR code can be linked to its on-chain attestation history.
• Query Power: A retailer can instantly verify a product's authenticity, ethical sourcing credentials, and temperature logs (for perishables) by scanning the code and querying the decentralized graph, bypassing proprietary databases.

DAOs leverage the Attestation Graph to objectively track and reward contributions. Off-chain actions like code commits, community moderation, or content creation are attested to and linked to a member's on-chain identity.

• Workflow: A coordinape-style tool attests to a member's contributions. These attestations are written to the graph.
• Automated Rewards: A smart contract for distributing grants or tokens can query the graph for a member's total attested contributions, enabling merit-based, automated compensation without manual review.

The Attestation Graph provides a public, verifiable registry for Zero-Knowledge Proof (ZKP) claims. Applications can store an attestation that a user possesses a valid ZKP (e.g., proof of age > 18, proof of membership) without revealing the underlying data.

• Privacy-Preserving Pattern: A user generates a ZKP locally. A verifier contract validates the proof and issues an attestation of validity to the public graph.
• Reusable Verification: Any other dApp can then check the graph for this attestation, granting access or privileges based on the proven claim, eliminating the need for the user to re-generate the proof for every application.

At its core, an attestation is a verifiable claim signed by an issuer's private key. This creates a cryptographic proof that:

• The claim's content is authentic and unaltered.
• A specific entity (the issuer) made the claim.
• The claim can be independently verified by anyone with the issuer's public key. This mechanism replaces the need for trusted intermediaries with mathematical verification.

The graph structure enables decentralized trust by allowing entities to build reputation based on attestations from multiple, potentially unrelated issuers. This creates a web of trust that is resistant to Sybil attacks, where a single entity creates many fake identities. Trust is not centralized in one authority but is computationally derived from the aggregate of verifiable, on-chain signatures across the graph.

A critical security feature is the ability for an issuer to revoke an attestation. Common mechanisms include:

• Revocation Registries: The issuer publishes a signed revocation list on-chain.
• Status List Credentials: A dedicated, updatable credential that lists revoked attestation IDs.
• Smart Contract Logic: Expiration timestamps or conditions that invalidate the attestation. Proper revocation is essential for maintaining the integrity of the graph over time.

When anchored to a blockchain, attestations inherit immutability and tamper-evidence. The hash of the attestation data is recorded on-chain, creating a permanent, timestamped proof of its existence at a point in time. Any subsequent alteration to the original off-chain data will break the cryptographic link to the on-chain anchor, making fraud immediately detectable.

Advanced schemes like Zero-Knowledge Proofs (ZKPs) allow for selective disclosure. A user can prove a claim derived from an attestation (e.g., 'I am over 18') without revealing the underlying credential or any other personal data. This minimizes data exposure and enhances privacy while maintaining the cryptographic assurance of the original attestation.

The trustworthiness of an attestation is ultimately tied to the reputation of its issuer. Systems often implement trust frameworks or scoring algorithms that evaluate issuers based on:

• Their own attested credentials.
• The historical accuracy of their claims.
• Their standing within the broader graph. This creates a market for reputation where high-quality issuers are incentivized.

Graph Traversal refers to the computational process of navigating the nodes (DIDs, issuers) and edges (attestations) within an attestation graph to answer specific queries. This is the mechanism that gives the graph its analytical utility.

• Common Queries: "Find all attestations from trusted issuers about this DID," or "Verify the provenance chain of this credential."
• Challenges: Requires indexing services for efficient lookup across decentralized data sources.
• Tooling: Often implemented by Attestation Verifier services or agent frameworks.