VC Sandbox — CDPI Digital Credentials

🪪

Verifiable Credentials (VCs) for DPI

This sandbox demonstrates how a government or service provider can issue, store, and verify digital credentials — using open-source DPGs (Digital Public Goods) that any country can deploy. No vendor lock-in. No proprietary formats.

W3C VC Data Model 2.0 OID4VCI / OID4VP AnonCreds / SD-JWT ISO mDL 18013-5 Offline-capable

End-to-End Flowfrom issuance → wallet → verification

🪪

MOSIP
ID Registry

Citizen has a UIN / VID

→OID4VCI

◈

CREDEBL
Issuer

Signs VC with Issuer DID

→QR / Deep link

📱

Inji Wallet
Citizen App

Stores & shares VCs

→QR / NFC / Online

◎

Inji Verify
Verifier App

Cryptographic check

→DID resolve

🔗

Sunbird RC
Trust Registry

Confirms issuer authority

📋 Credential Types

Civil Registry: National ID, Birth Cert, Marriage
Education: Degree, Professional Licence, TVET
Employment: Employment Record, Farmer Reg, G2P
Health: Health Card, Vaccination Record
Financial: KYC, Bank Account Proof
Travel: mDL, Age Verification, Visa
Business: SME Identity, Supply Chain

🔐 VC Formats Supported

AnonCreds — Zero-knowledge privacy

JSON-LD W3C — Semantic interop

SD-JWT VC — Selective disclosure

ISO mDL / mdoc — Device-bound ID

✓ Verification Modes

Online — DID resolution + revocation check

Offline QR — Cached keys, zero connectivity

Selective disclosure — Prove a field, hide others

NFC tap — Proximity, device-to-device

Try it → Use the sidebar to issue a single VC, bulk-upload an Excel file of citizens, see how it lands in a mobile wallet, then verify it — both online and offline without any internet connection.

CREDEBL — W3C VC issuance over OID4VCI. DID-signed credentials. AnonCreds / JSON-LD / SD-JWT / ISO mDL. Choose a type, fill fields, issue, then push to the mobile wallet.

Issue CredentialCREDEBL

Credential Type

Subject UIN

Issuer DID

Format

Credential Fields (edit values freely)

Credential CardAnonCreds

Credential card will appear here after issuance…

Issuance LogDID Registry

00:00:00CREDEBLIssuer ready. 20 schemas loaded.

00:00:01INJITrust store loaded. 6 issuer DIDs cached.

Bulk VC Generation — Upload an Excel (.xlsx) or CSV file containing citizen data. CREDEBL auto-generates a Verifiable Credential for each row using the selected type. Download the enriched output file with VC IDs and QR payloads.

Upload Citizen DataXLSX / CSV

📊

Drop Excel / CSV here

or click to browse · .xlsx, .xls, .csv

Expected columns: name, dob (YYYY-MM-DD), gender, phone, document_type, document_number
Missing columns are auto-filled with defaults. Download template →

Generation ConfigCREDEBL

Credential Type

Issuer DID

VC Format

Processing Speed

Inji Wallet — Citizen-side credential wallet. Store VCs as visual cards, use fan view, share via QR (offline-capable), NFC, or deep link. Issue a credential first and tap "Wallet" to add it here.

9:41●●● WiFi 🔒

Amara Diallo

did:pkh:UIN-8421-7703-9912

👤

My Cards

Fan View

Activity

CREDENTIALS — 0 cards

Quick ShareOffline-capable

Share a credential without revealing the full document. Choose disclosure method.

Credential to Share

Share Method

Wallet Stats

Privacy Model

Holder controls data.
• VC stored locally on device — not on server
• Selective disclosure: share only required fields
• ZKP (AnonCreds): prove age without revealing DOB
• Offline QR: verifier needs no internet
• Consent screen shown before any data share

Inji Verify — Online verification: DID resolution, cryptographic signature check, expiry, revocation, and schema validation. Issue a credential above and paste its JSON here.

Verification RequestInji Verify

Paste Credential (JWT / JSON-LD)

Verification ResultOnline

Result will appear here...

Selective Disclosure (AnonCreds / SD-JWT)Privacy-preserving

Verifier requests only specific fields. Holder proves them without revealing the rest. Address, phone, biometrics — NOT shared.

Name (required by verifier) Date of Birth Age ≥ 18 (ZK proof — no DOB revealed) Nationality ID Number

Presentation will appear here...

Local / Offline Verification — No internet required after the initial trust store sync. The credential is embedded in the QR code as a signed payload. The verifier uses pre-cached issuer public keys to cryptographically verify — zero network calls at verification time.

Step 1: Sync Trust StoreOne-time online

Download issuer public keys while online. Enables signature verification with no connectivity afterwards.

did:polygon:0xGovID

NOT SYNCED

did:web:civil.gov

NOT SYNCED

did:polygon:0xEduMin

NOT SYNCED

did:web:health.gov

NOT SYNCED

Step 2: Generate Offline QRNo internet needed

Wallet embeds the full signed credential in a QR code. Works with zero connectivity at the point of verification.

Credential Type

Step 3: Scan & Verify Offline0 network calls

Verifier scans QR. Signature check runs locally against cached key. Latency: ~10–20ms.

✓

Parse QR payload

Decode base64 credential

2

Load cached issuer key

From local trust store

3

Verify signature

EdDSA / RSA-PSS

4

Display verified claims

Show only what verifier requested

Why Offline Verification Matters

In remote or low-connectivity regions — health workers, border agents, rural officers — cannot depend on stable internet for identity checks.

The solution: The signed QR contains all claims + a cryptographic proof. The verifier device synced issuer keys once. After that, verification is fully local — cryptographically equivalent to online.

Zero network calls at verification time

Works offline: health clinics, border posts, elections

Cryptographically identical security to online

Privacy-preserving: verifier sees only disclosed fields

Trust store must be periodically refreshed online