CRSet: Private Non-Interactive Verifiable Credential Revocation
Felix Hoops, Jonas Gebele, Florian Matthes

TL;DR
CRSet is a privacy-preserving, non-interactive revocation mechanism for Verifiable Credentials that leverages Ethereum transactions to securely and privately publish revocation data, enabling local checks without revealing issuer activity.
Contribution
The paper introduces CRSet, a novel non-interactive revocation scheme that protects issuer privacy and is practical for real-world deployment using Ethereum as a secure publication medium.
Findings
CRSet can handle revocation data for approximately 170,000 VCs per Ethereum blob.
The scheme maintains privacy by preventing leakage of issuer activity.
Empirical evaluation confirms the scheme's effectiveness and efficiency.
Abstract
Like any digital certificate, Verifiable Credentials (VCs) require a way to revoke them in case of an error or key compromise. Existing solutions for VC revocation, most prominently Bitstring Status List, are not viable for many use cases because they may leak the issuer's activity, which in turn leaks internal business metrics, for instance staff fluctuation through the revocation of employee IDs. We identify the protection of issuer activity as a key gap and propose a formal definition for a corresponding characteristic of a revocation mechanism. Then, we introduce CRSet, a non-interactive mechanism that trades some space efficiency to reach these privacy characteristics. For that, we provide a proof sketch. Issuers periodically encode revocation data and publish it via Ethereum blob-carrying transactions, ensuring secure and private availability. Relying Parties (RPs) can download…
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Access Control and Trust
