Enhanced Credential
Level 3 implementations with additional security and privacy features for advanced MCP-I deployments
Enhanced Credential
For Level 3 implementations, MCP-I defines the Enhanced Credential model with additional security and privacy features.
Structure
{
"@context": [
"https://www.w3.org/2018/credentials/v1",
"https://mcp-i.org/credentials/v1",
"https://w3id.org/security/bbs/v1"
],
"id": "urn:uuid:5f1c8a2e-3d7b-4c6a-9f2d-8e7b6c5d4e3f",
"type": ["VerifiableCredential", "EnhancedDelegationCredential"],
"issuer": "did:example:principal123",
"issuanceDate": "2025-03-10T08:30:15Z",
"expirationDate": "2025-09-10T23:59:59Z",
"credentialSubject": {
"id": "did:example:agent789",
"scope": ["read:data", "write:calendar", "admin:settings"],
"constraints": {
"environment": "production",
"networkSegment": "internal",
"geoFence": {
"type": "Polygon",
"coordinates": [[[longitude, latitude], ... ]]
},
"timeWindow": {
"daysOfWeek": [1, 2, 3, 4, 5],
"hoursOfDay": [8, 17]
}
}
},
"credentialStatus": {
"id": "https://example.com/status/789",
"type": "StatusList2021Entry",
"statusPurpose": "revocation",
"statusListIndex": "128"
},
"termsOfUse": [
{
"type": "DelegationPolicy",
"prohibition": [
{
"purpose": ["Marketing", "DataSelling"]
}
]
}
],
"auditTrail": {
"hash": "sha256-8a9d8edf2175b0f2641a94d7as87f2afd847a",
"logUrl": "https://audit.example.com/logs/credential789"
},
"proof": {
"type": "BbsBlsSignature2020",
"created": "2025-03-10T08:30:15Z",
"verificationMethod": "did:example:principal123#key-2",
"proofPurpose": "assertionMethod",
"proofValue": "kTJVP7+H8z7F..."
}
}
Key Features
- Advanced Constraint Models: Supports complex constraints like geofencing and time windows
- Terms of Use: Explicit delegation policies
- Selective Disclosure Proofs: Using BBS+ signatures for zero-knowledge proofs
- Audit Trail: Explicit links to immutable audit logs
- Enhanced Crypto: Support for advanced cryptographic suites
Enterprise Integration
The Enhanced Credential model is particularly well-suited for enterprise environments with complex security policies, regulatory requirements, and integration with existing IAM systems.