Verifiable Credentials (VCs) represent a paradigm shift in how we manage and verify digital identity and claims. Based on the W3C VC specification, they provide a standardized way to express credentials on the web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable.
Key concepts:
- Issuer: The entity that creates and signs the credential (e.g., university, government, company)
- Holder: The entity that possesses the credential (e.g., student, citizen, employee)
- Verifier: The entity that validates the credential's authenticity
- Claims: The assertions made about the subject (e.g., degree, license, certification)
This project brings Verifiable Credentials to the blockchain, combining W3C standards with Ethereum's robust infrastructure:
- Decentralized Trust: No central authority needed - trust is established through cryptographic proofs
- Immutable Records: Credential metadata stored on-chain ensures tamper-proof verification
- Privacy-Preserving: Actual credential data can be stored off-chain, with only hashes on-chain
- Interoperable: Works across multiple blockchain networks (Ethereum, Polygon, BNB, ETC)
Our implementation leverages several key technologies:
- EIP-712 Signatures: Structured data signing that's both human-readable and machine-verifiable
- Zero-Copy Serialization: Efficient data encoding that minimizes gas costs
- Modular Contracts: Each credential type is a separate contract, allowing for specialized logic
- W3C Compliance: Full adherence to VC Data Model for maximum compatibility
- Digital Identity (NebuIA): KYC/AML compliance, identity verification
- Educational Credentials (AlumniOf): Degrees, certificates, transcripts
- Document Notarization (DocumentMultiSign): Multi-party agreements, contracts
- Intellectual Property (IPPBlock): Patents, trademarks, copyrights with transfer mechanisms
Traditional credential systems suffer from:
- Centralized points of failure
- Difficulty in verification across borders/systems
- Susceptibility to forgery
- Lack of user control over their data
Our blockchain solution provides:
- Global Accessibility: Verify credentials from anywhere in the world
- User Sovereignty: Users control their own credentials
- Instant Verification: No need to contact issuing institutions
- Cost Efficiency: Reduced administrative overhead
- Fraud Prevention: Cryptographic guarantees against tampering
- W3C Compliant: Full implementation of Verifiable Credentials specification
- EIP-712 Signatures: Secure, structured data signing with domain separation
- Modular Architecture: Easy to extend with custom credential types
- Gas Optimized: Using Zero-Copy serialization for efficient on-chain storage
- Multi-Chain Support: Deploy on Ethereum, Polygon, BNB Chain, and Ethereum Classic
- Privacy by Design: Flexible data storage (on-chain hashes, off-chain data)
- Cryptographic Proofs: Every credential is cryptographically signed by the issuer
- Domain Separation: Prevents signature replay attacks across different contracts
- Role-Based Access: Owner-only functions for sensitive operations
- Revocation Support: Issuers can revoke credentials when needed
- Expiration Management: Built-in support for time-bound credentials
- Hardhat Integration: Modern development environment with hot reloading
- Comprehensive Testing: Full test coverage with gas optimization reports
- TypeScript Support: Type-safe interactions with contracts
- Deployment Scripts: Ready-to-use scripts for all supported networks
- Clear Documentation: Extensive examples and API documentation
-
NebuIA (Digital Identity)
- Email, phone, address verification
- Document validation
- Biometric attestations
-
AlumniOf (Educational)
- University degrees
- Course completions
- Academic achievements
-
DocumentMultiSign
- Multi-party signatures
- Document notarization
- Contract agreements
-
IPPBlock (Intellectual Property)
- Patent registration
- Trademark management
- Copyright tracking
- Transfer workflows
- Expiration monitoring
verifiable_credential_WEB3/
├── contracts/
│ ├── EIP/ # EIP-712 interfaces
│ │ └── IEIP712.sol # Standard interfaces for credentials
│ ├── libs/ # Zero-Copy serialization libraries
│ │ ├── ZeroCopySource.sol # Efficient deserialization
│ │ └── ZeroCopySink.sol # Efficient serialization
│ ├── utils/ # Utility contracts
│ │ └── Ownable.sol # Access control
│ ├── sample/ # Sample credential implementations
│ │ ├── AlumniOf.sol # Educational credentials
│ │ ├── DocumentMultiSign.sol # Multi-signature documents
│ │ ├── NebuIA.sol # Identity verification
│ │ └── IntellectualProperty.sol # IP rights management
│ └── VC.sol # Main Verifiable Credentials manager
├── test/ # Comprehensive test suites
├── scripts/ # Deployment and utility scripts
├── deployments/ # Deployment artifacts (auto-generated)
└── hardhat.config.js # Network and compiler configuration
graph TD
VC[VC.sol - Credential Manager] --> IEIP[IEIP712 Interface]
IEIP --> NebuIA[NebuIA.sol]
IEIP --> Alumni[AlumniOf.sol]
IEIP --> DocSign[DocumentMultiSign.sol]
IEIP --> IPBlock[IntellectualProperty.sol]
VC --> Store[Credential Storage]
VC --> Verify[Verification Logic]
Store --> User1[User Wallets]
Verify --> Verifier[External Verifiers]
-
Credential Creation:
- Issuer prepares credential data
- Data is signed using EIP-712
- Credential is serialized using Zero-Copy
- VC.sol stores the credential on-chain
-
Credential Verification:
- Verifier requests credential from holder
- VC.sol validates signature and expiration
- Credential data is deserialized
- Result returned to verifier
-
Credential Management:
- Issuers can revoke credentials
- Holders can present credentials
- Automatic expiration checking
- Transfer requests (for IP credentials)
- Solidity ^0.8.20: Smart contract language
- Hardhat: Development environment
- Ethers.js v6: Ethereum library
- EIP-712: Typed structured data hashing and signing
- Zero-Copy Serialization: Efficient data encoding/decoding
# Clone the repository
git clone https://github.com/your-repo/verifiable_credential_WEB3.git
cd verifiable_credential_WEB3
# Install dependencies
npm install
# Create environment file
cp .env.example .env
# Edit .env with your configuration
# IMPORTANT: Add your RPC URLs for the networks you plan to useCreate a .env file in the root directory (copy from .env.example):
# Private key for deployment and testing
PRIVATE_KEY=0x... # Your private key (with 0x prefix)
# Network RPC URLs
SEPOLIA_RPC_URL=https://sepolia.infura.io/v3/YOUR-PROJECT-ID
MUMBAI_RPC_URL=https://polygon-mumbai.infura.io/v3/YOUR-PROJECT-ID
POLYGON_RPC_URL=https://polygon-rpc.com
MAINNET_RPC_URL=https://mainnet.infura.io/v3/YOUR-PROJECT-ID
# Block explorer API keys (for contract verification)
ETHERSCAN_API_KEY=YOUR-ETHERSCAN-API-KEY
POLYGONSCAN_API_KEY=YOUR-POLYGONSCAN-API-KEYAvailable networks in hardhat.config.js:
Local Networks:
hardhat- Local development network
Mainnets:
ethereum- Ethereum Mainnet (Chain ID: 1)ethereumClassic- Ethereum Classic (Chain ID: 61)bnb- BNB Smart Chain (Chain ID: 56)polygon- Polygon (Chain ID: 137)
Testnets:
ethereumSepolia- Ethereum Sepolia (Chain ID: 11155111)ethereumClassicMordor- ETC Mordor (Chain ID: 63)bnbTestnet- BNB Testnet (Chain ID: 97)polygonMumbai- Polygon Mumbai (Chain ID: 80001)
The project uses a custom Hardhat configuration optimized for complex contracts:
module.exports = {
solidity: {
version: "0.8.20",
settings: {
optimizer: {
enabled: true,
runs: 100,
},
viaIR: true, // IMPORTANT: Enables IR-based compilation to avoid stack too deep errors
},
},
networks: {
hardhat: {
chainId: 1337,
accounts: [
{
privateKey: "0x027c30c1fc5d27479a934406c74d971636ac93df159a8553dc5875068bfee3d4",
balance: "10000000000000000000000"
}
]
},
// Additional networks: sepolia, mumbai, polygon, mainnet
}
};# Clean previous builds
npx hardhat clean
# Compile all contracts
npx hardhat compile
# Force recompilation
npx hardhat compile --force- Uses Solidity 0.8.20 with optimizer enabled
viaIR: trueprevents "stack too deep" errors for complex contracts- Artifacts are generated in
./artifactsdirectory
# Run all tests
npx hardhat test
# Run specific test suite
npx hardhat test test/IPPBlock.test.js
# Run tests with gas reporting
REPORT_GAS=true npx hardhat test
# Run tests with coverage
npx hardhat coverage
# Run tests on a specific network
npx hardhat test --network sepoliatest/IPPBlock.test.js- Intellectual Property credential teststest/nebuia.js- NebuIA identity credential tests- Additional test files for other credential types
# Start local Hardhat node
npx hardhat node
# In another terminal, deploy to local network
npx hardhat run scripts/deploy-ippblock.js --network localhost# Deploy to Ethereum Sepolia
npx hardhat run scripts/deploy-ippblock.js --network ethereumSepolia
# Deploy to Polygon Mumbai
npx hardhat run scripts/deploy-ippblock.js --network polygonMumbai
# Deploy to BNB Testnet
npx hardhat run scripts/deploy-ippblock.js --network bnbTestnet
# Deploy to Ethereum Classic Mordor
npx hardhat run scripts/deploy-ippblock.js --network ethereumClassicMordor# Deploy to Ethereum (use with caution!)
npx hardhat run scripts/deploy-ippblock.js --network ethereum
# Deploy to Polygon
npx hardhat run scripts/deploy-ippblock.js --network polygon
# Deploy to BNB Smart Chain
npx hardhat run scripts/deploy-ippblock.js --network bnb
# Deploy to Ethereum Classic
npx hardhat run scripts/deploy-ippblock.js --network ethereumClassic-
deploy-ippblock.js- Deploys only IPPBlock and NebuVC contractsnpx hardhat run scripts/deploy-ippblock.js --network <network>
-
deploy-all.js- Deploys all contracts (NebuVC, NebuIA, AlumniOf, DocumentMultiSign, IPPBlock)npx hardhat run scripts/deploy-all.js --network <network>
After deployment, the scripts will:
- Display all deployed contract addresses
- Save deployment data to
./deployments/<network>-deployment.json - Test basic functionality of deployed contracts
After deployment, verify contracts on Etherscan:
# Verify IPPBlockVC
npx hardhat verify --network sepolia <IPPBLOCK_ADDRESS> \
"https://ippblock.io/issuers/001" \
'["https://www.w3.org/2018/credentials/v1","https://ippblock.io/credentials/v1"]' \
"https://ippblock.io/credentials/ip/1" \
'["VerifiableCredential","IntellectualPropertyCredential"]' \
"https://ippblock.io/issuers/001#key-1" \
'{"id":"https://ippblock.io/schemas/intellectual-property.json","typeSchema":"JsonSchemaValidator2018"}' \
"QmIPPBlockLogoHash123456789"
# Verify NebuVC (no constructor arguments)
npx hardhat verify --network sepolia <NEBUVC_ADDRESS>- Creates and stores verifiable credentials
- Verifies signatures and credentials
- Manages credential lifecycle (issuance, revocation)
- Supports multiple credential types
- Personal identity verification
- Multiple verification methods (email, phone, address, document, biometric)
- University affiliations
- Subject certifications
- Document hash verification
- Multiple signatories support
- Complete IP lifecycle management
- Transfer requests and approvals
- Expiration tracking
- Multiple IP types (Patent, Trademark, Copyright, Trade Secret, Industrial Design)
# Development
npx hardhat clean # Clean artifacts
npx hardhat compile # Compile contracts
npx hardhat test # Run tests
npx hardhat node # Start local node
npx hardhat console # Interactive console
npx hardhat help # Show all commands
# Deployment
npx hardhat run scripts/deploy-ippblock.js --network hardhat
npx hardhat run scripts/deploy-all.js --network sepolia
# Verification
npx hardhat verify --network sepolia <ADDRESS> <CONSTRUCTOR_ARGS>
# Gas analysis
npx hardhat test --gas
REPORT_GAS=true npx hardhat test
# Security
npm audit # Check dependencies
npx hardhat check # Run security checksIf you encounter "Stack too deep" errors:
- Ensure
viaIR: trueis set in hardhat.config.js - Use Solidity 0.8.20 or higher
- Consider breaking complex functions into smaller ones
- The project uses Zero-Copy serialization for efficient storage
- Optimizer is enabled with 100 runs
- Monitor gas usage with
REPORT_GAS=true
- Never commit
.envfiles - Always use environment variables for sensitive data
- Test thoroughly on testnets before mainnet deployment
- Verify contracts after deployment
- Create your credential contract inheriting from IEIP721:
contract MyCredential is IEIP721, IEIP721Metadata, Ownable {
// Define your credential structure
struct MyData {
string field1;
uint256 field2;
// ...
}
// Implement required functions
// - hash()
// - verify()
// - serialize/deserialize
}- Deploy and integrate with VC.sol
- Create tests for your credential type
- All credentials use EIP-712 for secure signing
- Domain separation prevents replay attacks
- Owner-only functions for sensitive operations
- Signature verification on all credential operations
- W3C Verifiable Credentials Data Model
- EIP-712: Typed structured data hashing and signing
- EIP-1812: Reusable Verifiable Claims
# 1. Install dependencies
npm install
# 2. Configure environment
cp .env.example .env
# Edit .env with your private key
# 3. Compile contracts
npx hardhat compile
# 4. Run tests
npx hardhat test test/IPPBlock.test.js
# 5. Deploy locally
npx hardhat run scripts/deploy-ippblock.js --network hardhat
# 6. Deploy to testnet (choose one)
npx hardhat run scripts/deploy-ippblock.js --network ethereumSepolia
# or
npx hardhat run scripts/deploy-ippblock.js --network polygonMumbai
# or
npx hardhat run scripts/deploy-ippblock.js --network bnbTestnetIPPBlock is a specialized implementation of Verifiable Credentials for managing Intellectual Property rights on blockchain. It provides a complete framework for registering, transferring, and verifying IP ownership with built-in expiration and transfer request mechanisms.
- Multiple IP Types: Patents, Trademarks, Copyrights, Trade Secrets, Industrial Designs
- Transfer Management: Request and approval system for IP transfers
- Expiration Tracking: Automatic expiration date management
- Ownership History: Complete trail of previous owners
- Multi-category Support: Flexible categorization system
- Document Hash: Cryptographic proof of IP documentation
struct IntellectualProperty {
string id; // Unique identifier
string title; // IP title
string description; // Detailed description
IPType ipType; // Type of IP
address owner; // Current owner
address[] previousOwners; // Ownership history
string country; // Country of registration
uint256 registrationDate; // Registration timestamp
uint256 expirationDate; // Expiration timestamp
IPStatus status; // Current status
string registrationNumber; // Official registration number
string[] categories; // IP categories
string certifyingEntity; // Certifying organization (IPPBlock)
TransferRequest transferRequest; // Pending transfer details
string documentHash; // IPFS or document hash
}const IPPBlockVC = await ethers.getContractFactory("IPPBlockVC");
const ippBlockVC = await IPPBlockVC.deploy(
"https://ippblock.io/issuers/001", // issuer
["https://www.w3.org/2018/credentials/v1"], // context
"https://ippblock.io/credentials/ip/1", // id
["VerifiableCredential", "IntellectualPropertyCredential"], // types
"https://ippblock.io/issuers/001#key-1", // verification method
{
id: "https://ippblock.io/schemas/ip.json",
typeSchema: "JsonSchemaValidator2018"
},
"QmIPPBlockLogoHash" // logo hash
);// Prepare IP data
const ipData = {
id: "IP-2024-001",
title: "Innovative Blockchain Authentication System",
description: "A novel method for decentralized identity verification",
ipType: 0, // Patent
owner: ownerAddress,
previousOwners: [],
country: "Mexico",
registrationDate: Math.floor(Date.now() / 1000),
expirationDate: Math.floor(Date.now() / 1000) + (365 * 24 * 60 * 60), // 1 year
status: 0, // Active
registrationNumber: "MX-PAT-2024-001234",
categories: ["Blockchain", "Security", "Authentication"],
certifyingEntity: "IPPBlock",
transferRequest: {
from: ethers.ZeroAddress,
to: ethers.ZeroAddress,
requestDate: 0,
approved: false,
reason: ""
},
documentHash: "QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG"
};
// Sign the data using EIP-712
const domain = {
name: "IPPBlock Intellectual Property",
version: "1",
chainId: 1,
verifyingContract: "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC"
};
const types = {
TransferRequest: [
{ name: 'from', type: 'address' },
{ name: 'to', type: 'address' },
{ name: 'requestDate', type: 'uint256' },
{ name: 'approved', type: 'bool' },
{ name: 'reason', type: 'string' },
],
IntellectualProperty: [
{ name: 'id', type: 'string' },
{ name: 'title', type: 'string' },
{ name: 'description', type: 'string' },
{ name: 'ipType', type: 'uint8' },
{ name: 'owner', type: 'address' },
{ name: 'previousOwners', type: 'address[]' },
{ name: 'country', type: 'string' },
{ name: 'registrationDate', type: 'uint256' },
{ name: 'expirationDate', type: 'uint256' },
{ name: 'status', type: 'uint8' },
{ name: 'registrationNumber', type: 'string' },
{ name: 'categories', type: 'string[]' },
{ name: 'certifyingEntity', type: 'string' },
{ name: 'transferRequest', type: 'TransferRequest' },
{ name: 'documentHash', type: 'string' },
]
};
const signature = await signer.signTypedData(domain, types, ipData);
// Serialize the IP data
const encodedIP = await ippBlockVC.serializeIP(ipData);
// Create the verifiable credential
await nebuVC.createVC(
ippBlockVC.address,
ipOwnerAddress,
encodedIP,
signature,
expirationTimestamp
);// Current owner requests transfer
await ippBlockVC.requestTransfer(
"IP-2024-001",
currentOwnerAddress,
newOwnerAddress,
"Selling IP rights to partner company"
);
// IPPBlock admin approves transfer
await ippBlockVC.approveTransfer("IP-2024-001");// Verify credential validity
const isValid = await nebuVC.verifyByOwner(credentialIndex);
// Check if IP is expired
const isExpired = await ippBlockVC.isExpired(ipData);
// Get remaining validity time
const remainingTime = await ippBlockVC.getRemainingValidity(ipData);The project includes comprehensive tests for the IPPBlock implementation:
# Run IPPBlock tests
npx hardhat test test/IPPBlock.test.jsTest coverage includes:
- ✅ Contract deployment and initialization
- ✅ EIP-712 signature verification
- ✅ IP credential creation and storage
- ✅ Serialization and deserialization
- ✅ Transfer request workflow
- ✅ Expiration checking
- ✅ Access control
IPPBlock is fully compatible with the NebuVC verifiable credentials system:
- Signature Verification: Uses standard EIP-712 domain separation
- Serialization: Zero-Copy serialization for efficient storage
- Credential Management: Standard VC lifecycle (create, verify, revoke)
- Interoperability: Works alongside other credential types
The contract uses several optimization techniques:
viaIR: truecompilation for better optimization- Efficient serialization with Zero-Copy libraries
- Structured storage patterns
- Minimal external calls
- Bulk IP registration
- Royalty distribution system
- IP licensing framework
- Cross-chain IP verification
- Integration with IPFS for document storage
- Fork the repository
- Create your feature branch (
git checkout -b feature/AmazingFeature) - Commit your changes (
git commit -m 'Add some AmazingFeature') - Push to the branch (
git push origin feature/AmazingFeature) - Open a Pull Request
- Follow Solidity style guide
- Add tests for new features
- Update documentation
- Ensure all tests pass before PR
This project is licensed under the MIT License - see the LICENSE file for details.
- NebuIA Team - Initial implementation
- IPPBlock Team - Intellectual Property extension
- W3C Credentials Community Group
- Ethereum Foundation
- OpenZeppelin for contract standards
- Hardhat development team
- Documentation: W3C VC Spec
- Issues: GitHub Issues
- Community: Join our Discord/Telegram
-
"Stack too deep" error
- Solution: Ensure
viaIR: truein hardhat.config.js - Use Solidity 0.8.20+
- Solution: Ensure
-
"Contract size exceeds limit"
- Solution: Enable optimizer with lower runs
- Split contract into smaller components
-
"Signature verification failed"
- Check domain parameters match exactly
- Ensure correct chainId and verifyingContract
-
"Module not found" errors
- Run
npm install - Delete node_modules and reinstall
- Run
If you encounter issues:
- Check existing issues on GitHub
- Review test files for examples
- Consult the documentation
- Open a new issue with details