Skip to content

SCSVS-AUTH-3

S4.3 Decentralized Identity

Control Objective

Implement decentralized identity solutions to ensure secure and reliable identity verification and management while maintaining user privacy.

S4.3.A Decentralized Identifiers (DIDs)

SCSVS VR ID Requirement L1 L2 L3 SCWE
S4.3.A1 Verify that the smart contract for handling DIDs adheres to the latest standards and best practices for decentralized identity management. βœ“ βœ“
S4.3.A2 Ensure that the DID management contract includes mechanisms to prevent unauthorized modifications and ensure the integrity of DID records. βœ“ βœ“
S4.3.A3 Check that DID documents managed by the smart contract are securely stored and can be retrieved in a decentralized manner. βœ“ βœ“
S4.3.A4 Verify that the smart contract supports reliable DID resolution and includes mechanisms for handling conflicts and updates. βœ“ βœ“
S4.3.A5 Ensure that the smart contract maintains the privacy and confidentiality of DID-related information throughout its lifecycle. βœ“ βœ“

S4.3.B Verifiable Credentials

SCSVS VR ID Requirement L1 L2 L3 SCWE
S4.3.B1 Verify that the smart contract manages verifiable credentials in a way that ensures their authenticity and integrity through cryptographic proofs. βœ“ βœ“
S4.3.B2 Ensure that the issuance process of verifiable credentials by the smart contract includes proper identity verification and validation procedures. βœ“ βœ“
S4.3.B3 Check that the smart contract supports cryptographic proofs to verify the validity of credentials without disclosing sensitive information. βœ“ βœ“
S4.3.B4 Verify that the smart contract includes a secure process for revoking verifiable credentials when necessary. βœ“ βœ“
S4.3.B5 Ensure that the smart contract’s handling of verifiable credentials complies with relevant standards and best practices for secure credential management. βœ“ βœ“