NEW
Report & API Now Live! Data insights report and open data API endpoints live as of September 23, 2025

AnonCreds Specification

type
Standard
Documentation

Description

Description
Source

AnonCreds is a privacy-preserving verifiable credential specification that enables the issuance and presentation of credentials with strong privacy guarantees. It implements a complete "Trust Triangle" model involving issuers, holders, and verifiers.

The specification's key privacy-preserving capabilities include:

  • Zero-Knowledge Proofs (ZKPs) to prevent correlation across interactions
  • Selective disclosure of credential attributes
  • Predicate proofs for numeric claims without revealing values
  • Blind signatures during issuance to enhance holder privacy
  • Revocation support without revealing correlatable identifiers

Core technical features:

  • Uses CL-Signatures (Camenisch-Lysyanskaya) as the underlying cryptographic scheme
  • Implements a link secret mechanism for credential binding
  • Supports revocation through cryptographic accumulators
  • Enables predicate proofs for numeric attributes
  • Provides selective disclosure of credential attributes

The protocol involves three main data flows:

  1. Setup Flow:

    • Schema publication by Schema Publisher
    • Credential Definition creation by Issuer
    • Link secret generation by Holder
  2. Issuance Flow:

    • Credential offer from Issuer to Holder
    • Credential request with blinded link secret
    • Credential issuance with signature
  3. Presentation Flow:

    • Presentation request from Verifier
    • Proof generation by Holder
    • Verification by Verifier

Key Technical Specifications:

  • Uses RSA cryptography with 2048-bit keys
  • Implements CL-Signatures for credential signatures
  • Employs BN254 elliptic curve for revocation
  • Uses SHA-256 for hashing operations
  • Requires secure storage of private keys and link secrets

Implementation Requirements:

  • Support for large number arithmetic
  • Cryptographic accumulator operations
  • Zero-knowledge proof generation and verification
  • Secure key and secret management
  • Revocation registry handling

Security Considerations:

  • Protection of issuer private keys
  • Secure storage of holder link secrets
  • Prevention of correlation through identifiers
  • Mitigation of replay attacks
  • Protection against key compromise

Interoperability Features:

  • W3C Verifiable Credentials data model compatibility
  • Support for multiple VDR implementations
  • Standardized encoding rules for attributes
  • Common revocation mechanism
  • Unified proof format

The specification is widely adopted in self-sovereign identity implementations and continues to evolve through community-driven development.

Statistics

Projects Following
Source
6

Under Management at

Projects Following or working on this Standard

If you are featured in the Web of Trust Map and wish to exercise your GDPR rights, including the right to be forgotten, visit the privacy policy page