0xdeadbeef....
, when the user’s Galxe ID is 123123
, Here is an example header. Note that Its type ID is 2, meaning that it is using the primitive credential type containing just one scalar value.
status
claim value stores not only the hash value, but also the original value. This is because that the claim declaration specify that the hash algorithm is user-defined ( c
), storing both values is mandatory by protocol’s specification.
UINT64_MAX
if the credential never expires.issuer_id
is not part of the signed metadata. In our design, the issuer_id
is intentionally omitted. This approach prevents the embedding of trust relationships between the issuer and public keys within the credential, because the verification of a public key trustworthiness can only occur externally to the zero-knowledge proof circuit, as it involves stateful checks beyond cryptographic validation. This simplification eliminates the redundancy of including an issuer_id
for zk proof generation. Furthermore, this flexibility enhances the system’s scalability and the fluidity of trust relationships, thereby maintaining the simplicity of the credential’s structure while accommodating a dynamic network of trust.
Unsigned signature metadata
In the unsigned signature part, there are three mandatory fields: issuer_id
, chain_id
and public_key
. They do not require explicit signing, because the issuer’s signature inherently implies the public key value, and issuer_id and chain_id should not be signed and fixed.
internal_nullifier
and external_nullifier
. When using the babyzk verification stack, this value is computed as poseidon(internal_nullifier, external_nullifier)
.msg.sender
, or indirectly be authenticated through an EIP-712 signature.prop<248, c, 1>
. Here, the least significant bit designates equality, while its [249..1] bits convey the value that underwent comparison.