Support SD-JWTs and SD-JWT secured W3C Verifiable Credentials #218
Description
Description
This issue tracks the backend work for UniCore to implement comprehensive support for the IETF Selective Disclosure for JWTs (SD-JWT) standard.
This implementation will enable UniCore to handle two key formats:
- Standard SD-JWTs for generic, selectively disclosable claims (PIDs being the most common use case) (using the
dc+sd-jwtformat). - W3C Verifiable Credentials that are secured and presented using the
vc+sd-jwtformat.
Support must be integrated across all three roles that UniCore performs in the identity ecosystem (Issuer, Holder and Verifier)
Motivation
-
The primary benefit of SD-JWT is selective disclosure. It allows users to prove specific attributes (e.g., "is over 18") without revealing unrelated personal data (like their exact date of birth or address). This builds user trust and aligns with modern data minimization principles.
-
Adherence to the W3C standard ensures our credentials are interoperable with UniMe and other compliant digital wallets and verifiers.
Resources
- https://www.w3.org/TR/vc-jose-cose/#with-sd-jwt
- https://fidescommunity.github.io/DIIP/#credential-format
- https://openid.net/specs/openid-4-verifiable-credential-issuance-1_0-15.html#name-ietf-sd-jwt-vc
- https://openid.net/specs/openid-4-verifiable-presentations-1_0-28.html#name-ietf-sd-jwt-vc
To-do List
- Support SD-JWTs
- Support SD-JWT secured W3C VCs