Skip to main content
European CommissionEBSI European Blockchain

Credential Status VC Schemas

Last updated on

The Credential Status VC is a type of VC that contains the Status List or CRL content. The VC is signed by the Issuer and compressed, allowing it to be transport medium agnostic. The receiver of the VC can validate the information using the same method as any other VCs.

StatusList2021

PropertyStatusList2021
idId property that defines the credential status identity. Can be the same as the credential URL used in the corresponding Entry.
typeMUST contain "StatusList2021Credential"
credentialStubject.typeMUST be StatusList2021
credentialSubject.statusPurposeMUST be revocation or suspension.
credentialSubject.encodedListFirst GZIP-compressed, then base64 encoded values of a bitstring
StatusList2021 - Non-normative example
Payload
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"id": "https://api.preprod.ebsi.eu/trusted-issuers-registry/v3/issuers/did:ebsi:zyrMG8T9xYbNoSwyQa4SGMJ/proxies/6cc5fcc621d8098977d378ec7bf63f9ad0b204d56bb604f75bc9290e7033ac84/credentials/status/5",
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"StatusList2021Credential"
],
"issuer": "did:ebsi:zvHWX359A3CvfJnCYaAiAde",
"issuanceDate": "2022-08-04T10:01:00Z",
"validFrom": "2022-08-04T11:00:00Z",
"expirationDate": "2026-08-04T11:00:00Z",
"issued": "2022-08-04T10:01:00Z",
"credentialSubject": {
"id": "https://api.preprod.ebsi.eu/trusted-issuers-registry/v3/issuers/did:ebsi:zyrMG8T9xYbNoSwyQa4SGMJ/proxies/6cc5fcc621d8098977d378ec7bf63f9ad0b204d56bb604f75bc9290e7033ac84/credentials/status/5#list",
"type": "StatusList2021",
"statusPurpose": "revocation",
"encodedList": "H4sIAAAAAAAAE+3BMQEAAADCoPVPbQwfoAAAAAAAAAAAAAAAAAAAAIC3AYbSVKsAQAAA"
},
"credentialSchema": {
"id": "https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0x64396ad493808613f5ff09ad137eeaa45c26146f986b526179b54cd894b3587e",
"type": "FullJsonSchemaValidator2021"
}
}
JWT
eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlI0YwcjVPeXRfbGFodnZ6Nk1XbFlzM21jWU5LWmlpUWRVZnF2OHRzaEhOOXcifQ.eyJpc3MiOiJkaWQ6ZWJzaTp6dkhXWDM1OUEzQ3ZmSm5DWWFBaUFkZSIsInN1YiI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlL2NyZWRlbnRpYWxzL3N0YXR1c2VzLzUiLCJpYXQiOiIyMDIyLTA4LTA0VDEwOjAxOjAwWiIsIm5iZiI6IjIwMjItMDgtMDRUMTE6MDA6MDBaIiwianRpIjoidXJuOnV1aWQ6MDAzYTFkZDgtYTVkMi00MmVmLTgxODItZTkyMWMwYTlmMmNkIiwidmMiOnsiQGNvbnRleHQiOlsiaHR0cHM6Ly93d3cudzMub3JnLzIwMTgvY3JlZGVudGlhbHMvdjEiXSwiaWQiOiJ1cm46dXVpZDowMDNhMWRkOC1hNWQyLTQyZWYtODE4Mi1lOTIxYzBhOWYyY2QiLCJ0eXBlIjpbIlZlcmlmaWFibGVDcmVkZW50aWFsIiwiVmVyaWZpYWJsZUF0dGVzdGF0aW9uIiwiU3RhdHVzTGlzdDIwMjFDcmVkZW50aWFsIl0sImlzc3VlciI6ImRpZDplYnNpOnp2SFdYMzU5QTNDdmZKbkNZYUFpQWRlIiwiaXNzdWFuY2VEYXRlIjoiMjAyMi0wOC0wNFQxMDowMTowMFoiLCJ2YWxpZEZyb20iOiIyMDIyLTA4LTA0VDExOjAwOjAwWiIsImV4cGlyYXRpb25EYXRlIjoiMjAyNi0wOC0wNFQxMTowMDowMFoiLCJpc3N1ZWQiOiIyMDIyLTA4LTA0VDEwOjAxOjAwWiIsImNyZWRlbnRpYWxTdWJqZWN0Ijp7ImlkIjoiZGlkOmVic2k6enZIV1gzNTlBM0N2ZkpuQ1lhQWlBZGUvY3JlZGVudGlhbHMvc3RhdHVzZXMvNSIsInR5cGUiOiJTdGF0dXNMaXN0MjAyMSIsInN0YXR1c1B1cnBvc2UiOiJyZXZvY2F0aW9uIiwiZW5jb2RlZExpc3QiOiJINHNJQUFBQUFBQUFFKzNCTVFFQUFBRENvUFZQYlF3Zm9BQUFBQUFBQUFBQUFBQUFBQUFBQUlDM0FZYlNWS3NBUUFBQSJ9LCJjcmVkZW50aWFsU2NoZW1hIjp7ImlkIjoiaHR0cHM6Ly9hcGkucHJlcHJvZC5lYnNpLmV1L3RydXN0ZWQtc2NoZW1hcy1yZWdpc3RyeS92MS9zY2hlbWFzLzB4NjQzOTZhZDQ5MzgwODYxM2Y1ZmYwOWFkMTM3ZWVhYTQ1YzI2MTQ2Zjk4NmI1MjYxNzliNTRjZDg5NGIzNTg3ZSIsInR5cGUiOiJGdWxsSnNvblNjaGVtYVZhbGlkYXRvcjIwMjEifX19.ihdnrq_yIbEnPOLW8C5L_rsvAZchK8z7bqNvVEcy4qQlnXui_1D7b1lQt2d6fDbJd_ZVVU5UgAnq1Nhbzh0OHw

CRLBloomFilter2023 and DynamicSLBLoomFilter2023

PropertyCRLDynamic SL
idId property that defines the credential status identity. Can be the same as the credential URL used in the corresponding Entry.Id property that defines the credential status identity. Can be the same as the credential URL used in the corresponding Entry.
typeMUST contain "CRLBloomFilter2023"MUST contain "DynamicSLBloomFilter2023"
validFromAs in Verifiable AttestationMUST define the beginning of the associated duration
validUntilAs in Verifiable AttestationMUST define the end of the associated duration
credentialSubject.purposeMUST be revocation or suspensionMust be revocation or suspension
credentialSubject.contentFirst, GZIP-compressed, then base64 encoded values of a Bloom Filter.First, GZIP-compressed, then base64 encoded values of a Bloom Filter.
DynamicSLBloomFilter2023 – Non-normative example
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"id": "https://api.preprod.ebsi.eu/trusted-issuers-registry/v3/issuers/did:ebsi:zyrMG8T9xYbNoSwyQa4SGMJ/proxies/6cc5fcc621d8098977d378ec7bf63f9ad0b204d56bb604f75bc9290e7033ac84/credentials/status/5",
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"DynamicSLBloomFilter2023"
],
"issuer": "did:ebsi:zvHWX359A3CvfJnCYaAiAde",
"issuanceDate": "2022-08-04T10:01:00Z",
"validFrom": "2022-08-04T11:00:00Z",
"expirationDate": "2026-08-04T11:00:00Z",
"issued": "2022-08-04T10:01:00Z",
"credentialSubject": {
"id": "https://api.preprod.ebsi.eu/trusted-issuers-registry/v3/issuers/did:ebsi:zyrMG8T9xYbNoSwyQa4SGMJ/proxies/6cc5fcc621d8098977d378ec7bf63f9ad0b204d56bb604f75bc9290e7033ac84/credentials/status/5#list",
"purpose": "revocation",
"content": "H4sIAAAAAAAAE+3B....SVKsAQAAA"
},
"credentialSchema": {
"id": "https://api.preprod.ebsi.eu/trusted-schemas-registry/v1/schemas/0x64396ad493808613f5ff09ad137eeaa45c26146f986b526179b54cd894b3587e",
"type": "FullJsonSchemaValidator2021"
}
}

CRLPlain2023

AttributeDescription
idId property that defines the credential status identity. Can be the same as the credential URL used in the corresponding Entry.
typeMUST contain "CRLPlain2023"
validFromThe validity of the VC
validUntilThe validity of the VC
credentialSubject.purposeMUST be revocation or suspension.
credentialSubject.contentFirst GZIP-compressed, then base64 encoded values of a bitstring

CredentialStatusSecret

The Credential Status Secret carries a secret, which the issuer shares with the Holder, who transforms it into a token. DynamicSLBloomFilter2023 strategy uses the secret as a seed.

PropertyCredentialStatusSecret
idA unique identifier for this VC
typeMUST contain “CredentialStatusSecret”
validFromDate and time from which the VC is valid. It is used to compute the starting period of the validity of the secret
credentialSubject.idMUST match the ID property of the associated Verifiable Credential
credentialSubject.secretMUST be a base64 encoded seed secret used to compute the time-based password token. This must not be shared with anyone and decoded before use.
credentialSubject.durationDuration the token is valid at maximum, used in the algorithm to calculate new tokens.

Default is 3600 (1 hour)
CredentialStatusSecret - Non-normative example
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"id": "urn:uuid:012a1dd8-a5d2-42ef-8182-e921c0a9e5DA",
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"CredentialStatusSecret"
],
"issuer": "did:ebsi:00001234",
"issuanceDate": "2021-11-01T00:00:00Z",
"validFrom": "2021-11-01T00:00:00Z",
"validUntil": "2050-11-01T00:00:00Z",
"expirationDate": "2050-11-01T00:00:00Z",
"issued": "2020-06-22T14:11:44Z",
"credentialSubject": {
"id": "urn:uuid:003a1dd8-a5d2-42ef-8182-e921c0a9e5av",
"secret": "MzBjMmNiNDhkMzYzZGI4ZGZjY2Q3ZmI4MjhlYTNkNzczZDJmNGU4OGU4MjZhMTQ2MmQ5ZTE1MDJjOWMyODU4NQ====",
"duration": 3600
},
"credentialSchema": {
"id": "https://api-test.ebsi.eu/trusted-schemas-registry/v2/schemas/<schema id>",
"type": "FullJsonSchemaValidator2021"
}
}

CredentialStatusToken

Credential Status Tokens are used to carry the token generated by the holders. The Holder self-signs and shares the VC with the Verifier.

PropertyCredentialStatusToken
idRandom unique identifier for this VC
typeMUST contain "CredentialStatusToken"
validFromMUST define the beginning of the secret validity period
validUntilMUST define the end of the secret validity period
credentialSubject.idMUST match the ID property of the Verifiable Credential the status is meant for
credentialSubject.tokenMUST be a base64 encoded token valid at the time of issuance (iat) – the secret is computed at the time specified in the validFrom property
CredentialStatusToken - Non-normative example
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"id": "urn:uuid:004a1dd8-a5d2-42ef-8182-e921c0a9e5FA",
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"CredentialStatusToken"
],
"issuer": "did:ebsi:00001234",
"issuanceDate": "2021-11-01T00:00:00Z",
"validFrom": "2021-11-01T00:00:00Z",
"validUntil": "2050-11-01T00:00:00Z",
"expirationDate": "2050-11-01T00:00:00Z",
"issued": "2020-06-22T14:11:44Z",
"credentialSubject": {
"id": "urn:uuid:003a1dd8-a5d2-42ef-8182-e921c0a9e5av",
"token": "YWQ5MmE1YmZmYTgxZTVlYjljYmUwODBkMDMxMDMyYzQ0ZjZiYmJmNDg1NDY4ZTQyMWJiNTkzNzY3NmU2MTM4OA=="
},
"credentialSchema": {
"id": "https://api-test.ebsi.eu/trusted-schemas-registry/v2/schemas/<schema id>",
"type": "FullJsonSchemaValidator2021"
}
}

OneTimeStatus2023

One Time Status 2023 is used to carry time ranged status information for another VC. Issuer's issue this through normal VCI processes, on request of a holder. The credential validity duration must not be greater than the expected revocation reaction time. The OneTimeStatus2023 issuer should equal to the referred Verifiable Credential issuer.

PropertyOneTimeStatus2023
idRandom unique identifier for this VC
typeMUST contain "OneTimeStatus2023"
validFromThe validity of the VC
validUntilThe validity of the VC, Duration between validFrom and validUntil should not be greater than revocation reaction time.
credentialSubject.idMUST match the ID property of the Verifiable Credential the status is meant for
credentialSubject.isActiveJSON Boolean for the binary status, where "false" equals to revoked or suspended
CredentialStatusToken - Non-normative example
{
"@context": ["https://www.w3.org/2018/credentials/v1"],
"id": "urn:uuid:004a1dd8-a5d2-42ef-8182-e921c0a9e5FA",
"type": [
"VerifiableCredential",
"VerifiableAttestation",
"OneTimeStatus2023"
],
"issuer": "did:ebsi:00001234",
"validFrom": "2021-11-01T00:00:00Z",
"validUntil": "2050-11-01T00:00:00Z",
"credentialSubject": {
"id": "urn:uuid:003a1dd8-a5d2-42ef-8182-e921c0a9e5av",
"isActive": true
},
"credentialSchema": {
"id": "https://api-test.ebsi.eu/trusted-schemas-registry/v2/schemas/<schema id>",
"type": "FullJsonSchemaValidator2021"
}
}