QFlowLearn: QTI 3.0 authoring
How CredTrail signs Open Badges 3.0 credentials
June 4, 2026 badges

How CredTrail signs Open Badges 3.0 credentials

A short explanation of the W3C and 1EdTech signing profile CredTrail uses for Open Badges 3.0.

How CredTrail signs Open Badges 3.0 credentials

A styled badge page hosted on a trusted domain is useful for people, and a signed credential is useful for verifiers.

CredTrail issues Open Badges 3.0 credentials as JSON-LD W3C Verifiable Credentials. The credential says who issued the badge, who received it, what was earned, and where to check its current status.

The signature sits in a proof block:

{
  "type": "DataIntegrityProof",
  "cryptosuite": "eddsa-rdfc-2022",
  "verificationMethod": "did:web:credtrail.org:tenants:school#key-1",
  "proofPurpose": "assertionMethod",
  "proofValue": "z..."
}

That proof uses W3C Data Integrity with the EdDSA RDF canonicalization cryptosuite. In plainer terms: CredTrail puts the credential into a deterministic JSON-LD form, signs it with Ed25519, and stores the signature in proofValue. Ed25519 is an elliptic-curve signature scheme that gives short keys and signatures, fast signing and verification, and deterministic signatures; it is not quantum-resistant.

The verificationMethod points to the issuer’s DID document. With did:web, that is just an HTTPS JSON file. For example:

did:web:credtrail.org:tenants:school

resolves to:

https://credtrail.org/tenants/school/did.json

That DID document publishes the issuer’s Ed25519 public key as a Multikey (a compact, self-describing way to encode a public key), using the W3C DID Core model:

{
  "type": "Multikey",
  "publicKeyMultibase": "z6Mk..."
}

Verification is straightforward: fetch the credential, follow proof.verificationMethod to the issuer key, verify the DataIntegrityProof, then check the credential status.

That is the stack CredTrail uses for new issuance:

JSON-LD Verifiable Credential
DataIntegrityProof
eddsa-rdfc-2022
Ed25519
did:web
Multikey

The credential needs to survive the LMS, the wallet, and the platform that first displayed it. The proof gives a verifier something concrete to check, and the status URL tells them whether the issuer still considers the credential active.

flowchart TD
  credential["Open Badges 3.0 credential"]
  proof["DataIntegrityProof"]
  proofValue["proofValue signature"]
  suite["Canonical JSON-LD/RDF form"]
  did["did:web DID document"]
  multikey["Multikey"]
  key["Ed25519 public key"]
  status["Credential status URL"]

  credential --> proof
  proof --> proofValue
  proof --> suite
  proof --> did
  did --> multikey
  multikey --> key
  credential --> status

Related Articles

Work with Longsight

Bring us the problems that cross campus systems.

Hosted or on-prem. Security questionnaires. LMS integration. Accessibility at scale. These are familiar conversations for Longsight because we have been in them for twenty years.

Contact Longsight Products