Verifiable Credentials
Galileo uses W3C Verifiable Credentials (VCs) for off-chain claims about products and entities. VCs provide cryptographically verifiable statements without requiring real-time issuer contact.
Credential Types
Digital Product Passport
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://vocab.galileoprotocol.io/v1"
  ],
  "type": ["VerifiableCredential", "DigitalProductPassport"],
  "issuer": "did:galileo:brand:hermes",
  "validFrom": "2024-01-15T00:00:00Z",
  "credentialSubject": {
    "id": "did:galileo:01:00614141123452:21:ABC123",
    "gtin": "00614141123452",
    "productName": "Birkin 25",
    "materials": [
      {"type": "Leather", "origin": "France", "certified": true}
    ],
    "carbonFootprint": {"value": 12.5, "unit": "kgCO2e"}
  }
}
Authenticity Certificate
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://vocab.galileoprotocol.io/v1"
  ],
  "type": ["VerifiableCredential", "AuthenticityCredential"],
  "issuer": "did:galileo:brand:hermes",
  "credentialSubject": {
    "id": "did:galileo:01:00614141123452:21:ABC123",
    "authenticityStatus": "VERIFIED",
    "verificationMethod": "MOLECULAR_SIGNATURE",
    "verificationDate": "2024-01-15"
  }
}
KYC Credential
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://vocab.galileoprotocol.io/v1"
  ],
  "type": ["VerifiableCredential", "KYCCredential"],
  "issuer": "did:galileo:issuer:onfido",
  "credentialSubject": {
    "id": "did:galileo:customer:0x1234abcd",
    "verificationLevel": "FULL",
    "jurisdiction": "EU"
  }
}
Credential Lifecycle
Issuance
Credentials are issued by authorized issuers (brands, KYC providers). The issuer signs the credential with their private key.
Verification
- Parse credential JSON-LD
- Resolve issuer DID to get public key
- Verify cryptographic signature
- Check credential status (not revoked)
- Validate against schema
Revocation
Credentials can be revoked using a StatusList2021 registry. Revocation is checked during verification.
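The status check from the Verification steps and the Revocation paragraph above, as an added example (not Galileo's own code). It assumes credentials carry a credentialStatus entry in the W3C StatusList2021 layout with a GZIP-compressed, base64url-encoded encodedList; the URL, helper names and sample list are constructed.

```python
import base64
import gzip

# Constructed sample values. The credentialStatus layout follows W3C StatusList2021
# and is an assumption about how Galileo credentials point at the registry.
LIST_URL = "https://status.example/lists/1"  # placeholder

def encode_list(revoked, size=131072):
    """Bitstring -> GZIP -> base64url; index 0 is the leftmost bit of byte 0."""
    bits = bytearray(size // 8)
    for i in revoked:
        bits[i // 8] |= 0x80 >> (i % 8)
    return base64.urlsafe_b64encode(gzip.compress(bytes(bits))).decode().rstrip("=")

def is_revoked(credential, status_list_vc):
    """True if the credential's status bit is set; ValueError on any mismatch
    (fail closed). The caller must already have verified the status list
    credential's own signature, exactly like any other credential."""
    status = credential.get("credentialStatus") or {}
    if status.get("type") != "StatusList2021Entry":
        raise ValueError("missing or unsupported credentialStatus")
    if status_list_vc.get("id") != status.get("statusListCredential", ""):
        raise ValueError("not the status list this credential references")
    subject = status_list_vc["credentialSubject"]
    if subject.get("statusPurpose") != status.get("statusPurpose"):
        raise ValueError("statusPurpose mismatch")
    encoded = subject["encodedList"]
    raw = gzip.decompress(base64.urlsafe_b64decode(encoded + "=" * (-len(encoded) % 4)))
    index = int(status.get("statusListIndex", -1))
    if not 0 <= index < len(raw) * 8:
        raise ValueError("statusListIndex out of range")
    return bool(raw[index // 8] & (0x80 >> (index % 8)))

def sample_credential(index, purpose="revocation"):
    return {"credentialStatus": {
        "type": "StatusList2021Entry", "statusPurpose": purpose,
        "statusListIndex": str(index), "statusListCredential": LIST_URL}}

STATUS_LIST_VC = {"id": LIST_URL, "credentialSubject": {
    "type": "StatusList2021", "statusPurpose": "revocation",
    "encodedList": encode_list({42, 94567})}}

if __name__ == "__main__":
    for idx in (41, 42, 94567):
        print(idx, is_revoked(sample_credential(idx), STATUS_LIST_VC))
```

Any ValueError should be treated by the verifier as a failed verification, not as "not revoked".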
Proof Formats
Galileo supports multiple proof formats for crypto-agility:
- JsonWebSignature2020 — Current default (ECDSA)
- DataIntegrityProof — W3C Data Integrity
- ML-DSA-65 — Post-quantum ready (future)
Storage
Credentials are stored off-chain with on-chain hash anchoring:
- Full credential in encrypted off-chain storage
- Content hash registered on-chain for integrity
- Access controlled via resolver permissions