myrion 3 hours ago

That assumes the companies store the individual tokens, as does the government. Neither of which is part of the design, but could be done if both sides desired it.

The Swiss design actually doesn't store the issued tokens centrally. It only stores a trust root centrally and then a verifier only checks the signature comes from that trust root (slightly simplified).

uniq7 6 minutes ago

If companies are required to verify age, then it's in their interest to store all tokens, just in case they are ever accused of not verifying it.

The Swiss E-ID system stores people identifiers and token status lists in their so-called "Base Registry". From https://swiyu-admin-ch.github.io/technology-stack/#credentia...

> Decentralized Identifiers (DID) developed by the W3C represent an identifier standard that provides a subject-controlled method for identifying individuals, organizations, or objects online. In the swiyu Trust Infrastructure, DIDs are utilized as a standard identifier for issuers and verifiers. They are centrally hosted on the swiyu Base Registry.

> In this protocol, the trusted authority issues certifications (“trust statements”) concerning the identity (i.e., who is the real-world identity controlling a DID) and legitimacy (i.e., who is allowed to issue or verify credentials of a specific VC schema) about an entity as SD-JWT VC and publishes these trust statements in the trust registry.

> Token Status Lists are signed, maintained and published by the credential issuers but hosted on the Base Registry.
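
Added example, not part of either comment and not swiyu code: how a verifier could read one credential's status from a published Token Status List. It assumes the layout of the IETF Token Status List draft (zlib-compressed, base64url-encoded, values packed least-significant-bit first) and that the issuer's signature over the list has already been verified; the function names, the size cap and the sample data are constructed.

```python
import base64
import zlib

MAX_LIST_BYTES = 1 << 20  # cap on decompressed size (constructed limit)
VALID, INVALID, SUSPENDED = 0, 1, 2  # status values as assumed from the draft


def build_status_list(statuses, bits=2):
    """Issuer side: pack one small status value per credential index."""
    per_byte = 8 // bits
    raw = bytearray(-(-len(statuses) // per_byte))
    for idx, value in enumerate(statuses):
        if not 0 <= value < (1 << bits):
            raise ValueError("status does not fit in the chosen bit width")
        raw[idx // per_byte] |= value << ((idx % per_byte) * bits)
    packed = zlib.compress(bytes(raw), 9)
    return {"bits": bits, "lst": base64.urlsafe_b64encode(packed).rstrip(b"=").decode()}


def read_status(status_list, idx):
    """Verifier side: look up the status at the index named in the credential."""
    bits = status_list["bits"]
    if bits not in (1, 2, 4, 8):
        raise ValueError("unsupported bit width")
    lst = status_list["lst"]
    data = base64.urlsafe_b64decode(lst + "=" * (-len(lst) % 4))
    inflater = zlib.decompressobj()
    raw = inflater.decompress(data, MAX_LIST_BYTES)  # bounded inflate
    if inflater.unconsumed_tail or not inflater.eof:
        raise ValueError("status list truncated or larger than allowed")
    per_byte = 8 // bits
    if not 0 <= idx < len(raw) * per_byte:
        raise IndexError("status index outside the published list")
    return (raw[idx // per_byte] >> ((idx % per_byte) * bits)) & ((1 << bits) - 1)


# Constructed sample: seven issued credentials, indices 0..6.
SAMPLE = build_status_list([VALID, INVALID, VALID, SUSPENDED, VALID, VALID, INVALID])

if __name__ == "__main__":
    for i in range(7):
        print(i, read_status(SAMPLE, i))
```

The published object in this layout holds only a bit width and the packed status values, addressed by an index carried in the credential.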