/ bloom news

Bloom Migrates to Verifiable Credentials

Verifiable Credentials help you build solutions that empower customers to manage their own data.

Sunsetting the Attestation Protocol.

Bloom has been at the forefront of decentralized identity development since 2017. Back then, there were no existing Decentralized Identity standards or specifications to guide the engineering efforts. Bloom created from scratch a proprietary attestation protocol and developer tooling around it. The attestation core protocol was built using Whisper and Ethereum with its main features being requesting, issuing and sharing attestations.

On November 19th, 2019 the Word Wide Web Consortium (W3C) published the Verifiable Credential (VC) open standard. The new W3C-VC specification became the accepted standard for building VC based applications and tools.

To transition fully to the W3C VC standard, Bloom decided to deprecate the proprietary attestation format and adopt the new open VC standard. The transition will fulfill the vision of giving Bloom users complete, secure control of their private data, while allowing interoperability with the rest of the VC ecosystem.

What are Verifiable Credentials?


What is a credential?!

A set of one or more claims made by an issuer. A verifiable credential is a tamper-evident credential that has authorship that can be cryptographically verified.

https://www.w3.org/TR/vc-data-model/#ecosystem-overview


We use various types of IDs daily. Whether it's to drive a car, apply for a job, or enter a secure building we need an ID card, a diploma or a secure badge. Today it is difficult to express education, healthcare data, bank account details, and other types of third-party personal information on the Web. The complexity of defining digital credentials on the Web makes it difficult to receive the same benefits that physical documents provide us in the physical world.

The Verifiable Credentials open standard is a data model that describes how we could handle these types of interactions using the internet privately and securely. The addition of technologies, such as digital signatures, makes verifiable credentials more tamper-evident and more trustworthy than their physical counterparts.

How Verifiable Credentials work?

There are three main roles involved in a verifiable credential interaction:

Issuer. A role that is responsible for asserting claims about a subject, creating a verifiable credential based on these claims, and sending the credential to the holder.

Holder. An entity that acquires, possesses or presents a verifiable credential. Example holders include students, employees, and customers.

Verifier. A role that is responsible for receiving one or more verifiable credentials for processing. Example verifiers include employers, security personnel, and websites.

The figure below provides an example verifiable credential ecosystem. As seen in the diagram, the holder of a verifiable credential sits at the center of a triangle of trust, mediating between the issuer and the verifier:

  • The Issuer trusts the Holder
  • The Holder trusts the Verifier
  • The Verifier trusts the Issuer

Any role in the triangle can be played by a person, an institution, a device, or a smart contract.

Note that anyone can create verifiable credentials, the person or entity verifying the credential decides if they trust the entity that issued it. For example, imagine an American university accepting an International student based on her local high-school diploma.

What's Next?

The Bloom team is excited about the recent developments in the Decentralized Identity space, especially when it comes to universal Verifiable Credentials. Since publishing the open standard by W3C, Bloom has been working with the Decentralized Identity Foundation (DIF) and authored one of the first Verifiable Credentials wallet protocols, called WACI. The code was made open-source and donated to the DIF.

As the Bloom mobile app and its associated services fully migrate to Verifiable Credentials open standard, the users will be prompted to re-claim their credentials. Once your Verifiable Credentials have been claimed, you can sit back and be proud of the fact that you are a part of the Decentralized Identity movement.

Bloom is excited to have you on board!