Verifiable Credentials

@bsv/simple supports W3C Verifiable Credentials backed by BSV MasterCertificate cryptography. Credentials can be issued, verified, and revoked on-chain.

Overview

Component

Role

CredentialSchema

Defines the fields, validation, and computed values for a credential type

CredentialIssuer

Issues, verifies, and revokes credentials

MemoryRevocationStore

Stores revocation secrets in memory (browser/tests)

FileRevocationStore

Stores revocation secrets on disk (server only)

toVerifiableCredential()

Wraps a BSV certificate into W3C VC format

toVerifiablePresentation()

Wraps VCs into a W3C VP

Defining a Schema

import { CredentialSchema } from '@bsv/simple/browser'

const schema = new CredentialSchema({
  id: 'employee-badge',
  name: 'EmployeeBadge',
  description: 'Company employee verification',
  fields: [
    { key: 'name', label: 'Full Name', type: 'text', required: true },
    { key: 'email', label: 'Email', type: 'email', required: true },
    { key: 'department', label: 'Department', type: 'select', options: [
      { value: 'engineering', label: 'Engineering' },
      { value: 'design', label: 'Design' },
      { value: 'sales', label: 'Sales' }
    ]},
    { key: 'startDate', label: 'Start Date', type: 'date' }
  ],
  validate: (values) => {
    if (!values.email?.includes('@')) return 'Invalid email'
    return null
  },
  computedFields: (values) => ({
    ...values,
    issuedAt: new Date().toISOString(),
    verified: 'true'
  })
})

Schema Methods

// Validate field values
const error = schema.validate({ name: '', email: 'bad' })
// 'Full Name is required'

// Add computed fields
const all = schema.computeFields({ name: 'Alice', email: '[email protected]' })
// { name: 'Alice', email: '[email protected]', issuedAt: '2024-...', verified: 'true' }

// Get info
const info = schema.getInfo()
// { id: 'employee-badge', name: 'EmployeeBadge', certificateTypeBase64: '...', fieldCount: 4 }

Field Types

Type

Description

text

Free-form text

email

Email address

date

Date string

number

Numeric value

textarea

Multi-line text

checkbox

Boolean flag

select

Dropdown with predefined options

Creating an Issuer

import { CredentialIssuer, MemoryRevocationStore } from '@bsv/simple/browser'

const issuer = await CredentialIssuer.create({
  privateKey: issuerPrivateKeyHex,
  schemas: [schema.getConfig()],
  revocation: {
    enabled: true,
    wallet: walletInstance.getClient(),    // for creating revocation UTXOs
    store: new MemoryRevocationStore()
  }
})

console.log('Issuer DID:', issuer.getInfo().did)
console.log('Schemas:', issuer.getInfo().schemas)

Issuer Configuration

Parameter

Type

Required

Description

privateKey

string

Yes

Hex-encoded private key

schemas

CredentialSchemaConfig[]

Schema definitions

revocation.enabled

boolean

Enable on-chain revocation

revocation.wallet

WalletInterface

If enabled

Wallet for creating revocation UTXOs

revocation.store

RevocationStore

Custom store (default: MemoryRevocationStore)

Issuing a Credential

const vc = await issuer.issue(
  subjectIdentityKey,
  'employee-badge',
  { name: 'Alice Smith', email: '[email protected]', department: 'engineering' }
)

console.log('VC type:', vc.type)
// ['VerifiableCredential', 'EmployeeBadge']

console.log('Subject:', vc.credentialSubject.id)
// 'did:bsv:02abc...'

console.log('Issuer:', vc.issuer)
// 'did:bsv:03def...'

What Happens During Issuance

Fields are validated against the schema
Computed fields are merged in
If revocation is enabled:
- A random 32-byte secret is generated
- The SHA-256 hash of the secret creates a hash-lock script: OP_SHA256 <hash> OP_EQUAL
- A 1-satoshi UTXO is created with this script
- The secret is saved to the revocation store
A MasterCertificate is issued using the BSV SDK
The certificate is wrapped in a W3C Verifiable Credential envelope