The Gateway Credential Standard

Paving the path forward for credentials

In September, we released our vision paper and launched the Gateway Credential D-App. The credential D-App is home to partners like LiFi (a cross-chain DEX and Bridge Aggregator), Piggylet (a DeFi NFT Lending platform), CyberConnect (a decentralized social graph protocol), GoldFinch (an institutional DeFi product), Commonwealth (a DAO Governance and discussion platform), and more. In the 5 months since our market debut, we have surpassed major milestones. Gateway’s platform has over ~400,000+  registered users and has officially passed 1,000,000 credential issuances. Of these 600,000+ have been minted as non transferable NFTs or as we like to call them Verifiable Presentations.

The Gateway credential D-App continues to be a massive traction point for our partners, and we are hopeful it will continue to grow in utility. In the future, organizations using the Credential D-App will be able to issue credentials for on-chain activities, discord activity, and even for engagement  on certain forums. We are still building our roadmap daily, but our intentions are to keep Gateway’s platform very modular and simple to use for teams looking to drive community engagement. 

But what comes next for Gateway?

Last month we discussed the issues of credentials in “web2” and meatspace. There are several thoughts around how NFTs, SBTs, or Verified Credentials could improve the process. This discussion and Gateway’s dApp  solidifies our conviction - build the first web3 native credential protocol. What does this mean?

Current Problem State

In our previous article we presented this example:

1. Olivia applies to a job at Google. 

2. Olivia needs to provide proof that she attended Harvard University - the university listed on her resume. Harvard takes the request, processes the information by checking it against their central database to verify the individual’s status as an Alumni and their transcript.

3. Harvard then ensures all information in the database is valid, and will generate a proof of the individual’s record with the University. 

4. Harvard will share this proof with Google.

NOTE: Since this proof is valid for Harvard only, Google must repeat this outreach process with every other “claim” on Olivia’s degree.

Credentials have no real value as there is no accountability for the creator of the courses, ability to dive deep into what the certificate is exactly awarded for, and, further, closed data makes it very hard to use said credentials across other profiles/platforms. Due to the lack of data transparency, inability to compose across the internet, and siloed data models, credentials are rendered to simply serving as “stickers”. Visual representations that show achievements, but lack context, usage, and value. 

Enter Web3

However, the introduction of web3 technologies allows for greater data-availability, collaborative data-networks (protocols),  and public ledger explorers (etherscan) to be built out. This is why NFTs as a way to easily make information more human-digestible became popular. The only issue is, does everything need to be accessible at the expense of privacy and user-autonomy? The other side of the spectrum requires us to embrace the W3C verified credentials model, which puts privacy and user-sovereignty at the center of attention. Much of these concepts remain unclear, and most do not understand the technical aspects. This is why we must truly prioritize user experience, simplicity, and usability over anything else. Less buzz-words, and more scalable products.

What is the Gateway Protocol?

Gateway is building a protocol that makes it easy for organizations or individuals to  issue credentials, manage credential lifecycles, and leverage our railroads to increase usage of credentials. Gateway makes it  simple for developers to download our SDK and begin building a unique credentialing system for its products and platforms. This allows you to continue to focus on delivering your key value proposition, while leveraging Gateway as a way to credential your community and users.

The Gateway Standard

Privacy

Tamper-proof: Any credential issued via the Gateway protocol will automatically trigger an on-chain transaction. In layman terms, this is a proof generated on a public ledger with details such as date of issuance, issuer ID, recipient ID, Data Model ID, and a basic reference to the actual data on Arweave (data storage). In the case that other platforms would want to use credentials that remain private, they can call upon the Gateway API and “validate”to see if they have read permissions.

Privacy Preserving: Gateway’s credentials are by nature privacy preserving, yet publicly verifiable. This is because while the on-chain proof is generated, the actual metadata is encrypted and inaccessible on Arweave. The user has full sovereignty over making said credential public.

Encryption: Gateway is proud to be partnered with Lit Protocol, a leading infrastructure provider for decentralized public key computing and cryptography. We are using their Lit Actions product to encrypt all credential earners’ metadata. This will allow for people to confirm a credential’s issuance publicly, but the user’s data is encrypted, and access must be shared  for more sensitive data.

Building

Data Models: Data model = Claim Structure. This is simply a series of claims that you are making about an individual/organization. For developers, this is the data-schema. A way to take your complex data inputs and demonstrate it in an organized manner. 

The claim structure will now be stored on Arweave, ensuring only you own your data. If you are an issuer, like a University, your goal is to make a strong data model to standardize a specific vertical.

Why?

By referencing established models, builders/teams/individuals can assess which credentials are the most valuable. This also allows Gateway to provide the best user experiences for querying and curating credential data.  Most importantly, open data models that are easy to fork or build on top of allows the industry to build together, as opposed to a closed network that stifles growth. 

Lifecycle Management: This is the ability for the issuer of the credential to revoke credentials, upgrade credential, set expiration dates, and create stipulations for valid or invalid credentials. Issuers will be able to define such via their SDK implementation, or manually control such through their Issuer Dashboard. This will increase control of credentials in a transparent manner.  We remove the ability for centralized players to privately remove or change the state of credentials by having an on-chain trail for all credentials.

Smart Contracts: We are leveraging smart contracts to help maintain the public verification of credentials including their states. The first piece is the “Issuance Contract”. As part of this Gateway is making an on-chain transaction that verifies certain aspects of credential. The metadata fields include:

• Issuer ID: This is the DID (Decentralized Identifier) associated with the person making the claim

• Target ID: This is the DID associated with the person whom the claim is about.

• Metadata URL: This will be a link to the Arweave hash where the claim information is being stored.

• Date of Issuance: The date when the credential  was distributed

• Data model ID: This is a reference ID URI to the claim structure that was used to issue the credential

• Status: This is a field that dictates whether a credential is still valid or invalid. Credentials can either be valid, suspended, expired, or revoked (note this field would require a new transaction to be created if the Issuer updates the credential via the SDK).

• Permissions: Revoke and Access Permissions

• Credential ID: The unique identifier for the Recipient's credential 

Verifiable Presentation: Users can also mint an NFT of their credential. This is a visual representation of the credential. Gateway’s smart-contract factory will support Ethereum, Polygon, and Solana to begin.

Other Products

GatewayID - Gateway is building a DID (Decentralized Identifier) that will allow users to connect multiple wallets and social accounts to a single identity. No more isolation of wallets/identities across blockchains and web2 platforms.

Gateway Registry: We are working on building a  full database for credentials that is easy to navigate, query, and curate relevant credentials. The best way to think of this credential registry is like etherscan. Today you can search up any wallet, any asset, any transaction, or any smart contract. We hope to do the same with credentials. A place where you can search for credentials regarding DeFi achievements, Governance participation, educational courses, or KYC stamps by institutions. This can also be done at the Data Model level. 

Getting Started
Gateway is launching their SDK and helping priority organizations credential their ecosystem. By the end of Q2 our SDK will be publicly available. If you wish to be considered for the Gateway SDK, please follow the process to be onboarded. Simply looking to learn more about Gateway Credentials? Read our docs here!

First, fill out the following form and include the best way to reach out to you, if you do not hear from us! Second, hop into the Gateway Discord server, and find the SDK Onboarding section. Here you will be able to post a brief intro about yourself, your project, and why credentials excite you. A team member will be in touch shortly after.

LFG!

Discord
Twitter

Go earn your credential for this article here!

Comments

[Xiaofeifei]

Good nice

[dafuweng]

good