T-01: Identity & Credential Layer
T-01: Identity & Credential Layer
W3C DID 1.1
Decentralized Identifiers. Every participant (human, organisation, AI agent, IoT sensor) has a DID. CTH uses
Decentralized Identifiers. Every participant (human, organisation, AI agent, IoT sensor) has a DID. CTH uses
did:web for organisations and did:key for ephemeral agent sessions.
cth:FPICCredential (CTH-original)
A W3C VC 2.0 credential encoding Free Prior and Informed Consent. Fields:
A W3C VC 2.0 credential encoding Free Prior and Informed Consent. Fields:
territoryId (links to official IGN cadastral ID), permittedPurposes[] (e.g. ['eudr','csrd']), benefitSharingTerms (hash of signed agreement), revocable: true. The community council holds the signing key — stored in their own HSM or managed key service, not CTH infrastructure.
W3C VC 2.0 with BBS+ Selective Disclosure
Verifiable Credentials allow coffee buyers to prove EUDR compliance without revealing GPS coordinates to competitors. BBS+ signatures enable selective disclosure — present only the fields the verifier needs.
Verifiable Credentials allow coffee buyers to prove EUDR compliance without revealing GPS coordinates to competitors. BBS+ signatures enable selective disclosure — present only the fields the verifier needs.
OID4VP (OpenID for Verifiable Presentations)
Presentation protocol used by the compliance export API. EU customs systems can request a Verifiable Presentation containing only the EUDR-relevant fields, verified against the issuer DID.
Presentation protocol used by the compliance export API. EU customs systems can request a Verifiable Presentation containing only the EUDR-relevant fields, verified against the issuer DID.
| Credential Type | Issued By | Held By | Expires | Revocable |
|---|---|---|---|---|
| cth:SubmitterCredential | CTH Accreditation Svc | Data Submitter | 12 months | Yes — by CTH Steward |
| cth:ValidatorCredential | CTH Accreditation Committee | Accredited Validator | 24 months | Yes — by Governance Board |
| cth:CommunityCredential | CTH + Community Council | Community Sovereign | Indefinite | Yes — by Community only |
| cth:StewardCredential | Governance Board | CTH Staff Member | 12 months | Yes — by Board vote |
| cth:AuditorCredential | CTH (on regulatory mandate) | Regulator | Audit scope only | Yes — auto-expires |
| cth:AgentCredential | Delegating human DID | AI Agent / Script | Human session | Yes — immediate |
No hay comentarios para mostrar
No hay comentarios para mostrar