Какво представляват верифицируемите удостоверения?

Verifiable credentials are digital statements that carry their own proof of authenticity. Unlike a traditional login token or a digitised PDF, a verifiable credential includes a cryptographic signature that lets any receiving party confirm — independently, without contacting the issuer — who made the statement, when it was made, and whether it has been revoked.

The Problem They Solve

Most digital identity systems today work by asking a central authority whether a claim is true. When you log in with OAuth, the relying party checks with the identity provider. When you present a certificate, the receiving system checks the certificate authority’s revocation list. These are synchronous, centralised checks — and they break down in environments where the verifier and the issuer do not share infrastructure.

Verifiable credentials remove the need for that real-time check. The proof travels with the credential itself.

How They Work

A verifiable credential has three participants: an issuer (who makes the claim), a holder (who stores and presents it), and a verifier (who checks it).

The issuer creates a digital statement — for example, “Dr. Müller holds a valid medical licence in the canton of Zürich, issued by the cantonal medical authority.” The issuer signs this statement with their cryptographic key. The holder (Dr. Müller) stores this credential in their own wallet or gateway.

When Dr. Müller needs to prove their credentials to a hospital, they present the signed credential. The hospital can verify the signature against the issuer’s public key — which is available on a distributed ledger or through a key event log — without contacting the cantonal authority directly.

ACDC: The Format That Makes It Work

Not all verifiable credential formats are equal. Stargate uses ACDC (Authentic Chained Data Containers), built on KERI (Key Event Receipt Infrastructure). ACDC credentials form a chain: each credential references the cryptographic events that establish the issuer’s authority, creating an unbroken chain of provenance from the root of trust to the specific claim being verified.

Why This Matters for Regulated Industries

In healthcare, a physician’s authority to prescribe a controlled substance depends on their current licence status, their institutional affiliation, and their specific privileges — all of which can change. A verifiable credential can encode all of these conditions and remain independently verifiable by any party that needs to check them.

The same pattern applies in finance (trading authorisations), legal (notarised documents), and government (cross-border credential recognition). Any environment where trust must span institutional boundaries and remain auditable benefits from credentials that carry their own proof.

The Shift from Infrastructure Trust to Credential Trust

The fundamental shift that verifiable credentials represent is from trusting the infrastructure to trusting the credential. Instead of asking “is this person connected through an authorised system?”, you ask “does this person hold a valid, verifiable credential from an authority I recognise?”

That shift makes trust portable. It survives system migrations, infrastructure changes, and even the failure of central intermediaries. It is the foundation that distributed trust architecture is built on.