The vocabulary of verifiable credentials.

BBS+ signatures

Also: BBS signatures

A pairing-based signature scheme that supports selective disclosure and unlinkable presentations — popular in privacy-first VC deployments.

Canonicalization

The process of producing a deterministic byte representation of structured data — mandatory before hashing anything meant to be signed.

DER encoding

Also: ASN.1 DER, DER

The binary encoding format for ECDSA signatures as emitted by most HSMs and crypto libraries — ASN.1 Distinguished Encoding Rules.

ECDSA

Also: Elliptic Curve Digital Signature Algorithm

The Elliptic Curve Digital Signature Algorithm — the signature scheme LearnCoin uses over secp256k1, and the one Bitcoin and Ethereum use too.

Ed25519

Also: EdDSA Ed25519

An EdDSA signature scheme over the Curve25519 twist — faster than secp256k1 ECDSA, with deterministic nonces built in.

FIPS 140-2/140-3

Also: FIPS 140-2, FIPS 140-3, FIPS 140

The US federal certification standard for cryptographic modules — defines the HSM security levels LearnCoin's signing keys are certified against.

Google Cloud KMS

Also: GCP KMS, Cloud Key Management Service

Google Cloud's key-management service — the HSM-backed vault that holds every LearnCoin tenant's signing key.

Hardware Security Module

Also: HSM

A dedicated cryptographic device that performs key operations inside a tamper-resistant hardware boundary, with keys never exposed in software.

JOSE

Also: JSON Object Signing and Encryption

The IETF family of standards for signing and encrypting JSON — JWS, JWE, JWK, and JWT all live under this umbrella.

JWS

Also: JSON Web Signature, RFC 7515

The IETF standard for signing JSON payloads — the signature format that wraps JWTs and most OpenID Connect tokens.

JWT

Also: JSON Web Token, RFC 7519

A JSON payload format with standardized claims (iss, sub, exp, iat, aud) — when signed as a JWS, it becomes the most common bearer-token format on the web.

Linked Data Proofs

Also: LD Proofs, Data Integrity Proofs

A family of W3C proof formats that embed a cryptographic signature directly inside a JSON-LD document, rather than wrapping it externally.

Merkle root

The top hash in a Merkle tree — the single 32-byte value that cryptographically commits to every credential in a batch.

Merkle Tree

Also: Merkle root, hash tree

A binary tree of cryptographic hashes that lets a single root commit to an arbitrarily large set of items while keeping per-item proofs small.

MerkleProof2019

The Blockcerts v3 proof suite — a Linked Data Proof that commits a credential to a blockchain-anchored Merkle root.

Resource Description Framework

Also: RDF

The W3C data model underlying JSON-LD — statements expressed as subject-predicate-object triples that form a directed graph.

secp256k1

Also: secp256k1 curve

The elliptic curve used by Bitcoin, Ethereum, and most EVM chains — and the curve LearnCoin uses for every signing key.

SHA-256

Also: Secure Hash Algorithm 256, SHA-2

The 256-bit output variant of the SHA-2 family — the cryptographic hash function LearnCoin uses for leaf hashing, Merkle concatenation, and signature digests.

URDNA2015

Also: RDF Dataset Canonicalization 2015, URDNA

The RDF canonicalization algorithm LearnCoin uses to produce a deterministic byte representation of every credential before hashing.