Credential Models

A detailed look at the different types of verifiable credentials used in MCP-I

Overview of Credentials in MCP-I

MCP-I uses W3C Verifiable Credentials (VCs) as the standard format for expressing claims about identity and delegation. The specification defines several credential models to address different requirements:

  1. Standard Delegation Credential: The core credential type for basic delegation
  2. Chained Delegation Credential: For multi-level delegation scenarios
  3. Enhanced Credential: For Level 3 implementations with additional security features
  4. Legacy Compatibility Credential: For interoperability with existing systems

Each model shares core properties while adding specific features for its intended use case.

Standard Delegation Credential

The Standard Delegation Credential is the foundation of MCP-I's delegation model, representing a direct authorization from a principal to an agent.

Structure

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://mcp-i.org/credentials/v1"
  ],
  "id": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
  "type": ["VerifiableCredential", "DelegationCredential"],
  "issuer": "did:example:principal123",
  "issuanceDate": "2025-01-01T19:23:24Z",
  "expirationDate": "2025-12-31T23:59:59Z",
  "credentialSubject": {
    "id": "did:example:agent456",
    "scope": ["read:data", "write:calendar"],
    "constraints": {
      "environment": "production"
    }
  },
  "credentialStatus": {
    "id": "https://example.com/status/123",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "94"
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2025-01-01T19:23:24Z",
    "verificationMethod": "did:example:principal123#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "z43BsK5Fu9Sdw7tF1JwPnBtYu..."
  }
}

Key Properties

  • id: Unique identifier for the credential (optional but recommended)
  • type: Must include both "VerifiableCredential" and "DelegationCredential"
  • scope: Array of permissions following the action:resource format
  • constraints: Optional conditions that further restrict the delegation
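The properties above translate into a small set of verifier-side checks that run after the proof and revocation status have been verified. The following is an added example, not code from the MCP-I SDK; the function name, the request shape, the scope grammar and the "constraint value must equal the request context value" rule are assumptions made for illustration.

```javascript
// Added example, not part of the MCP-I SDK. Proof verification and the
// credentialStatus (revocation) lookup must already have succeeded.
const SCOPE_FORMAT = /^[a-z][\w-]*:[a-z][\w.-]*$/i; // assumed grammar for action:resource

function evaluateDelegation(vc, request, now = new Date()) {
  const reasons = [];
  const types = Array.isArray(vc.type) ? vc.type : [];
  for (const required of ["VerifiableCredential", "DelegationCredential"]) {
    if (!types.includes(required)) reasons.push(`missing type ${required}`);
  }
  const subject = vc.credentialSubject || {};
  const scope = Array.isArray(subject.scope) ? subject.scope : [];
  for (const s of scope) {
    const ok = typeof s === "string" && SCOPE_FORMAT.test(s);
    if (!ok) reasons.push(`malformed scope ${JSON.stringify(s)}`);
  }
  // Fail closed: a missing or unparsable date is NaN, which makes the comparison false.
  if (!(Date.parse(vc.issuanceDate) <= now.getTime())) reasons.push("not yet valid");
  if (!(now.getTime() <= Date.parse(vc.expirationDate))) reasons.push("expired or no expirationDate");
  if (subject.id !== request.agent) reasons.push("presenter is not the credential subject");
  if (!scope.includes(request.scope)) reasons.push(`scope ${request.scope} not delegated`);
  // Assumed semantics: each constraint must equal the same key in the request context.
  const context = request.context || {};
  for (const [key, value] of Object.entries(subject.constraints || {})) {
    if (context[key] !== value) reasons.push(`constraint ${key} not satisfied`);
  }
  return { allowed: reasons.length === 0, reasons };
}

// Constructed sample: the credential shown above with proof and status omitted.
const sampleDelegation = {
  type: ["VerifiableCredential", "DelegationCredential"],
  issuer: "did:example:principal123",
  issuanceDate: "2025-01-01T19:23:24Z",
  expirationDate: "2025-12-31T23:59:59Z",
  credentialSubject: {
    id: "did:example:agent456",
    scope: ["read:data", "write:calendar"],
    constraints: { environment: "production" },
  },
};
const sampleRequest = {
  agent: "did:example:agent456",
  scope: "write:calendar",
  context: { environment: "production" },
};
console.log(evaluateDelegation(sampleDelegation, sampleRequest, new Date("2025-06-01T00:00:00Z")));
```
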

Chained Delegation Credential

The Chained Delegation Credential model supports scenarios where delegation flows through multiple entities. This model is essential for complex workflows where intermediary agents need to further delegate authority.

Structure

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://mcp-i.org/credentials/v1"
  ],
  "id": "urn:uuid:9b37c28d-a7c2-4e5f-8d9a-1b2c3d4e5f6a",
  "type": ["VerifiableCredential", "ChainedDelegationCredential"],
  "issuer": "did:example:agentA",
  "issuanceDate": "2025-02-15T10:15:30Z",
  "expirationDate": "2025-06-30T23:59:59Z",
  "credentialSubject": {
    "id": "did:example:agentB",
    "scope": ["read:data"],
    "constraints": {
      "environment": "testing"
    }
  },
  "credentialStatus": {
    "id": "https://example.com/status/456",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "42"
  },
  "parentCredential": {
    "id": "urn:uuid:3978344f-8596-4c3a-a978-8fcaba3903c5",
    "type": ["VerifiableCredential", "DelegationCredential"],
    "issuer": "did:example:principal123",
    "issuanceDate": "2025-01-01T19:23:24Z",
    "expirationDate": "2025-12-31T23:59:59Z",
    "credentialSubject": {
      "id": "did:example:agentA",
      "scope": ["read:data", "write:calendar"]
    },
    "proof": {
      "type": "Ed25519Signature2020",
      "verificationMethod": "did:example:principal123#key-1",
      "proofValue": "z43BsK5Fu9Sdw7tF1JwPnBtYu..."
    }
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2025-02-15T10:15:30Z",
    "verificationMethod": "did:example:agentA#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "z82Kn2d7a9FjHnPoQ5..."
  }
}

Key Properties

  • type: Includes "ChainedDelegationCredential" to indicate a delegation chain
  • parentCredential: The credential that authorizes the issuer to delegate
  • scope: Must be a subset of the parent credential's scope
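A verifier has to enforce these rules at every link, otherwise an intermediary agent could hand out more authority than it received. The following is an added example, not code from the MCP-I SDK: the function name and the depth limit are assumptions, the rule that a child must not outlive its parent follows the expiration comment in the implementation example on this page, and the issuer check follows from parentCredential being the credential that authorizes the issuer.

```javascript
// Added example, not part of the MCP-I SDK. Each link's proof and revocation
// status still have to be verified separately.
function checkDelegationChain(vc, depth = 0, maxDepth = 5) { // maxDepth: assumed local policy
  const types = Array.isArray(vc.type) ? vc.type : [];
  if (!types.includes("ChainedDelegationCredential")) {
    // End of the chain: expect the principal's plain DelegationCredential.
    return types.includes("DelegationCredential") && !vc.parentCredential
      ? []
      : [`link ${depth}: chain does not end in a DelegationCredential`];
  }
  const parent = vc.parentCredential;
  if (!parent) return [`link ${depth}: no parentCredential`];
  if (depth >= maxDepth) return [`link ${depth}: chain exceeds ${maxDepth} links`];

  const errors = [];
  const parentSubject = parent.credentialSubject || {};
  // The delegating issuer must be the agent the parent credential was issued to.
  if (vc.issuer !== parentSubject.id) {
    errors.push(`link ${depth}: issuer ${vc.issuer} is not the parent's subject`);
  }
  // Scope may only narrow: every child scope must appear in the parent.
  const allowed = new Set(parentSubject.scope || []);
  const extra = ((vc.credentialSubject || {}).scope || []).filter((s) => !allowed.has(s));
  if (extra.length) errors.push(`link ${depth}: scope not held by parent: ${extra.join(", ")}`);
  // Lifetime may only shrink; NaN (missing date) makes the comparison false.
  if (!(Date.parse(vc.expirationDate) <= Date.parse(parent.expirationDate))) {
    errors.push(`link ${depth}: expires after parent`);
  }
  return errors.concat(checkDelegationChain(parent, depth + 1, maxDepth));
}

// Constructed samples based on the example above, proofs omitted.
const rootVc = {
  type: ["VerifiableCredential", "DelegationCredential"],
  issuer: "did:example:principal123",
  expirationDate: "2025-12-31T23:59:59Z",
  credentialSubject: { id: "did:example:agentA", scope: ["read:data", "write:calendar"] },
};
const goodChain = {
  type: ["VerifiableCredential", "ChainedDelegationCredential"],
  issuer: "did:example:agentA",
  expirationDate: "2025-06-30T23:59:59Z",
  credentialSubject: { id: "did:example:agentB", scope: ["read:data"] },
  parentCredential: rootVc,
};
const badChain = { ...goodChain, issuer: "did:example:agentC",
  expirationDate: "2026-01-31T00:00:00Z",
  credentialSubject: { id: "did:example:agentB", scope: ["read:data", "admin:settings"] } };
console.log(checkDelegationChain(goodChain), checkDelegationChain(badChain));
```

An empty array means every link narrows or preserves the authority of its parent; any entry names the link and the rule it breaks.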

Enhanced Credential

For Level 3 implementations, MCP-I defines the Enhanced Credential model with additional security and privacy features.

Structure

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://mcp-i.org/credentials/v1",
    "https://w3id.org/security/bbs/v1"
  ],
  "id": "urn:uuid:5f1c8a2e-3d7b-4c6a-9f2d-8e7b6c5d4e3f",
  "type": ["VerifiableCredential", "EnhancedDelegationCredential"],
  "issuer": "did:example:principal123",
  "issuanceDate": "2025-03-10T08:30:15Z",
  "expirationDate": "2025-09-10T23:59:59Z",
  "credentialSubject": {
    "id": "did:example:agent789",
    "scope": ["read:data", "write:calendar", "admin:settings"],
    "constraints": {
      "environment": "production",
      "networkSegment": "internal",
      "geoFence": {
        "type": "Polygon",
        "coordinates": [[[longitude, latitude], ... ]]
      },
      "timeWindow": {
        "daysOfWeek": [1, 2, 3, 4, 5],
        "hoursOfDay": [8, 17]
      }
    }
  },
  "credentialStatus": {
    "id": "https://example.com/status/789",
    "type": "StatusList2021Entry",
    "statusPurpose": "revocation",
    "statusListIndex": "128"
  },
  "termsOfUse": [
    {
      "type": "DelegationPolicy",
      "prohibition": [
        {
          "purpose": ["Marketing", "DataSelling"]
        }
      ]
    }
  ],
  "auditTrail": {
    "hash": "sha256-8a9d8edf2175b0f2641a94d7as87f2afd847a",
    "logUrl": "https://audit.example.com/logs/credential789"
  },
  "proof": {
    "type": "BbsBlsSignature2020",
    "created": "2025-03-10T08:30:15Z",
    "verificationMethod": "did:example:principal123#key-2",
    "proofPurpose": "assertionMethod",
    "proofValue": "kTJVP7+H8z7F..."
  }
}

Key Features

  • Advanced Constraint Models: Supports complex constraints like geofencing and time windows
  • Terms of Use: Explicit delegation policies
  • Selective Disclosure Proofs: Using BBS+ signatures for zero-knowledge proofs
  • Audit Trail: Explicit links to immutable audit logs
  • Enhanced Crypto: Support for advanced cryptographic suites

Legacy Compatibility Credential

To facilitate integration with existing identity systems, MCP-I provides a Legacy Compatibility Credential model for Level 1 implementations.

Structure

{
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://mcp-i.org/credentials/v1"
  ],
  "id": "urn:uuid:1a2b3c4d-5e6f-7g8h-9i0j-1k2l3m4n5o6p",
  "type": ["VerifiableCredential", "LegacyDelegationCredential"],
  "issuer": "did:example:idp456",
  "issuanceDate": "2025-04-20T14:25:10Z",
  "expirationDate": "2025-05-20T23:59:59Z",
  "credentialSubject": {
    "id": "did:example:agent101112",
    "scope": ["read:profile", "read:email"],
    "legacyIdentifier": {
      "type": "OAuth2Subject",
      "value": "user123@example.com",
      "issuer": "https://auth.example.com"
    }
  },
  "mappings": {
    "oauth": {
      "clientId": "client123",
      "scopes": ["profile", "email.read"]
    }
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2025-04-20T14:25:10Z",
    "verificationMethod": "did:example:idp456#key-1",
    "proofPurpose": "assertionMethod",
    "proofValue": "zWaF5d8w93jWm..."
  }
}

Key Features

  • Legacy Identifier: Maps to existing identity systems like OAuth, OIDC, or LDAP
  • Mappings: Explicit mappings between MCP-I scopes and legacy authorization models
  • Limited Lifetime: Typically shorter expiration to manage security risk

Credential Format Registry

MCP-I maintains a registry of recognized credential formats at https://knowthat.ai/registry/credential-types. When creating credentials, reference this registry for the latest context definitions and type identifiers.

The registry includes:

  • Canonical context URLs
  • Registered credential types
  • Required and optional fields for each type
  • Approved cryptographic suites

Credential Selection Guidelines

When choosing a credential model for your implementation, consider:

| Credential Type | Use Case | Conformance Level | Security Level |
| --- | --- | --- | --- |
| Standard Delegation | Direct agent authorization | Level 1+ | Moderate to High |
| Chained Delegation | Multi-level delegation | Level 2+ | Moderate to High |
| Enhanced | Complex enterprise scenarios | Level 3 | Very High |
| Legacy Compatibility | Integration with existing systems | Level 1 only | Basic |

Implementation Examples

Creating a Standard Delegation Credential

import { createCredential } from "@mcp-i/credentials";

// Example function to create a standard delegation credential
async function createStandardDelegation(issuerDid, agentDid, scopes) {
  return await createCredential({
    type: "DelegationCredential",
    issuer: issuerDid,
    subject: agentDid,
    scope: scopes,
    expiresIn: "90d", // 90 days
    constraints: {
      environment: "production",
    },
  });
}

// Usage
const credential = await createStandardDelegation(
  "did:web:issuer.example.com",
  "did:key:z6MkhaSG3...",
  ["read:email", "write:calendar"]
);

Creating a Chained Delegation

import { createChainedDelegation } from "@mcp-i/credentials";

// Example function to create a chained delegation
async function delegateToSubAgent(parentCredential, subAgentDid, subsetScopes) {
  return await createChainedDelegation({
    parentCredential,
    subject: subAgentDid,
    scope: subsetScopes,
    expiresIn: "30d", // Must be <= parent expiration
  });
}

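// Usage
// originalCredential is the delegation credential the delegating agent already
// holds, for example one returned by createStandardDelegation above.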
const chainedCredential = await delegateToSubAgent(
  originalCredential,
  "did:key:z6MkhZgT8...",
  ["read:email"] // Subset of parent scopes
);
