Our latest feature, private delegation, allows credential issuers to delegate to other entities the ability to issue verifiable credentials.
We are excited to be making Dock’s credentials delegatable, as we expect this feature to serve many use cases across different industries. For example, a government may want to allow private test centers to manage issuance of certain licenses on its behalf. Or a professional organization may delegate the credentialing authority to online learning platforms, so that the members who complete courses on the platforms can receive verifiable credentials that are officially recognized by the organization.
This release leverages Dock’s claim deduction feature from Q4 2020, which is showcased in our biometrics demo.
How It Works
Let’s take the first example mentioned above, and imagine that a government would like to delegate to a private testing center, so that the latter can issue professional licenses to the individuals who qualify. In this case, using Dock’s latest feature, the government simply issues a verifiable credential to the testing center. The credential states that the testing center may issue credentials on the government’s behalf.
When the testing center issues licenses to the individuals who qualify, these verifiable credentials would now be bundled with the credential that the government has issued to the testing center earlier.
Now, let’s say that an individual has obtained a license from the testing center. When she needs to prove to others that she indeed holds this credential, she would need to present her license to a verifier. When she does this, the verifier is presented with the bundle containing both the verifiable credential and the testing center’s delegation credential. Then the verifier uses Dock’s claim deduction feature to analyze the proof, and determine that the testing center has been authorized to issue the credential on behalf of the government.
Further technical description of the private delegation feature can be found in our concept document and tutorial. And our open-source code can, as always, be found on Dock’s GitHub.
Limitations and Next Steps
The current release is only the first version of our delegatable credentials feature, and has some limitations: it supports full delegation of credential issuing and sub-delegating rights, without an option to granularly specify what kind of statements the delegatee is allowed to make within the credentials they issue (for example, allow the delegatee to issue only the credentials that certify one’s ability to work as a plumber). The current version also requires the credential holder to store and present the proof of delegation as part of their verifiable credential, without a way for the delegator to publish the delegation and allow it to be freely viewed by others.
In the upcoming months, we will release further features to support more nuanced delegation, as well as public attestation for delegations. We will continue to work diligently on delivering these updates, and keep the community posted as always. Stay tuned!