Development of Soul-bound Credentials System
Soul-bound credentials — verifiable credentials implemented through non-transferable tokens (SBT). Combine cryptographic verifiability of VC with on-chain permanence and composability. Protocol developers can verify credentials on-chain in smart contracts — what regular VCs don't support directly.
Difference from Regular SBT
Regular SBT: NFT with metadata. Metadata contains claims, but verifying them requires trust in issuer and knowledge of their signing key.
Soul-bound credential: SBT where on-chain available not only the fact of existence, but also verifiable claims. Smart contract can verify that SBT issued by specific trusted issuer and contains certain attributes.
Implementation
contract SoulBoundCredentialSystem {
// Trusted issuers with their public keys
mapping(address => bool) public trustedIssuers;
struct Credential {
address issuer;
uint256 issuedAt;
uint256 expiresAt;
bytes32 credentialType;
bytes encodedClaims; // ABI-encoded claims
bool revoked;
}
mapping(uint256 => Credential) public credentials;
mapping(address => uint256[]) public holderCredentials;
uint256 private _tokenIdCounter;
function issueCredential(
address recipient,
bytes32 credentialType,
bytes calldata claims,
uint256 validityPeriod
) external onlyTrustedIssuer returns (uint256) {
uint256 tokenId = ++_tokenIdCounter;
credentials[tokenId] = Credential({
issuer: msg.sender,
issuedAt: block.timestamp,
expiresAt: block.timestamp + validityPeriod,
credentialType: credentialType,
encodedClaims: claims,
revoked: false
});
holderCredentials[recipient].push(tokenId);
// mint SBT (non-transferable)
_mintSoulBound(recipient, tokenId);
return tokenId;
}
// Other smart contracts call this for on-chain verification
function verifyCredential(
address holder,
bytes32 credentialType,
bytes32 requiredClaim,
bytes32 requiredValue
) external view returns (bool) {
uint256[] memory tokenIds = holderCredentials[holder];
for (uint i = 0; i < tokenIds.length; i++) {
Credential memory cred = credentials[tokenIds[i]];
if (cred.credentialType == credentialType &&
!cred.revoked &&
block.timestamp < cred.expiresAt &&
trustedIssuers[cred.issuer]) {
// Check specific claim in encoded data
if (_checkClaim(cred.encodedClaims, requiredClaim, requiredValue)) {
return true;
}
}
}
return false;
}
}
ZK Soul-bound Credentials
Public on-chain claims compromise privacy. ZK approach:
Sismo Protocol: user generates ZK proof based on their SBTs/on-chain data. Proof proves fact without revealing specific tokens. Zkdrop — claim governance power or rewards based on ZK proof.
Anonymous attestations: prove "I have SBT from Trusted Issuer X with claim level >= 2" without specifying tokenId or other data.
Soul-bound credentials become infrastructure layer for compliant DeFi, DAO governance and web3 reputation systems. Development: 4-8 weeks.