QFlowLearn: QTI 3.0 authoring
How CredTrail signs Open Badges 3.0 credentials
June 4, 2026 badges

How CredTrail signs Open Badges 3.0 credentials

How CredTrail signs Open Badges 3.0 credentials with W3C Data Integrity, Ed25519, did:web, and Multikey.

How CredTrail signs Open Badges 3.0 credentials

A styled badge page helps people read a credential. A signed credential gives verifiers something concrete to check.

CredTrail issues Open Badges 3.0 credentials as JSON-LD W3C Verifiable Credentials. The credential says who issued the badge, who received it, what was earned, and where to check its current status.

The signature sits in a proof block:

{
  "type": "DataIntegrityProof",
  "cryptosuite": "eddsa-rdfc-2022",
  "verificationMethod": "did:web:credtrail.org:tenants:school#key-1",
  "proofPurpose": "assertionMethod",
  "proofValue": "z..."
}

That proof uses W3C Data Integrity with the EdDSA RDF canonicalization cryptosuite. In plainer terms: CredTrail puts the credential into a deterministic JSON-LD form, signs it with Ed25519, and stores the signature in proofValue. Ed25519 is an elliptic-curve signature scheme that gives short keys and signatures, fast signing and verification, and deterministic signatures; it is not quantum-resistant.

The verificationMethod points to the issuer’s DID document. With did:web, that is just an HTTPS JSON file. For example:

did:web:credtrail.org:tenants:school

resolves to:

https://credtrail.org/tenants/school/did.json

That DID document publishes the issuer’s Ed25519 public key as a Multikey (a compact, self-describing way to encode a public key), using the W3C DID Core model:

{
  "type": "Multikey",
  "publicKeyMultibase": "z6Mk..."
}

Verification is straightforward: fetch the credential, follow proof.verificationMethod to the issuer key, verify the DataIntegrityProof, then check the credential status.

That is the stack CredTrail uses for new issuance:

JSON-LD Verifiable Credential
DataIntegrityProof
eddsa-rdfc-2022
Ed25519
did:web
Multikey

The credential needs to survive the LMS, the wallet, and the platform that first displayed it. The proof lets a verifier check the signature, and the status URL tells them whether the issuer still considers the credential active.

flowchart TD
  credential["Open Badges 3.0 credential"]
  proof["DataIntegrityProof"]
  proofValue["proofValue signature"]
  suite["Canonical JSON-LD/RDF form"]
  did["did:web DID document"]
  multikey["Multikey"]
  key["Ed25519 public key"]
  status["Credential status URL"]

  credential --> proof
  proof --> proofValue
  proof --> suite
  proof --> did
  did --> multikey
  multikey --> key
  credential --> status

Related Articles

Work with Longsight

Bring us the problems that cross your LMS, identity, and compliance systems.

We can host the service, help you run it on campus, answer security review, integrate with your LMS, and work through accessibility requirements.