A W3C Verifiable Credential (VC) is a tamper-proof digital certificate that says:
"This information came from us (Brighton) and hasn't been changed."
It is digitally signed using a cryptographic key associated with a Decentralized Identifier (DID) — in our case, a did:web that lives at a domain we control (e.g. https://brighton-textiles.org/.well-known/did.json).
In this project, the VC will contain metadata about the product, such as:
- Product name and description
- Creator's name or ID
- Date created or uploaded
- Links to images/media
- (Optional in future: GS1-style identifiers or file hashes)
This metadata is bundled into a JSON-LD credential and digitally signed using the private key tied to the did:web identity of the catalogue.
Note: We do not sign the media files directly. Instead, we include links to them (or optionally, file hashes). The VC acts as a trustworthy certificate about the product, not a direct signature of the image files.
When someone scans the QR code on the textile, they are taken to a public product page that includes:
- The product’s details
- A downloadable or embedded copy of the Verifiable Credential
- A link to the
did:webidentifier that proves the VC was signed by the project
Anyone (including third-party verifier tools) can confirm:
- That the VC was signed by the Brighton project’s
did:web - That the VC hasn’t been altered
- That the credential matches the product it refers to
- Authenticity: Brighton is saying “we issued this record”
- Tamper-evidence: If the metadata changes, the signature breaks
- Portability: The VC can be stored, verified, or re-used elsewhere (e.g. marketplaces or registries)
This method is lightweight, works with today’s web, and is compatible with future options like artisan-controlled DIDs or blockchain anchoring.