Quantum-Resistant Cryptosuites v1.0

Quantum-resistant cryptosuites for Data Integrity

W3C First Public Working Draft

More details about this document
This version:
https://www.w3.org/TR/2026/WD-vc-di-quantum-resistant-1.0-20260616/
Latest published version:
https://www.w3.org/TR/vc-di-quantum-resistant-1.0/
Latest editor's draft:
https://w3c.github.io/vc-di-quantum-resistant/
History:
https://www.w3.org/standards/history/vc-di-quantum-resistant-1.0/
Commit history
Editors:
Greg Bernstein (Invited Expert)
Manu Sporny (Digital Bazaar)
Authors:
Greg Bernstein (Invited Expert)
Dave Longley (Digital Bazaar)
Manu Sporny (Digital Bazaar)
Will Abramson (Legendary Requirements)
Feedback:
GitHub w3c/vc-di-quantum-resistant (pull requests, new issue, open issues)
Related Specifications
The Verifiable Credentials Data Model
Verifiable Credential Data Integrity
The Elliptic Curve Digital Signature Algorithm Cryptosuites
The Edwards Digital Signature Algorithm Cryptosuites
The BBS Digital Signature Algorithm Cryptosuites

Copyright © 2026 World Wide Web Consortium. W3C® liability, trademark and permissive document license rules apply.

Abstract

This specification describes several Data Integrity Cryptosuites for use when generating a digital signature using Post-Quantum digital signature algorithms.

Status of This Document

This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C standards and drafts index.

This specification is experimental, do not use it in any production setting.

This document was published by the Verifiable Credentials Working Group as a First Public Working Draft using the Recommendation track.

Publication as a First Public Working Draft does not imply endorsement by W3C and its Members.

This is a draft document and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to cite this document as other than a work in progress.

This document was produced by a group operating under the W3C Patent Policy. W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent that the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy.

This document is governed by the 18 August 2025 W3C Process Document.

1. Introduction

This specification defines several cryptographic suites for the purposes of creating and verifying proofs for Post-Quantum signatures, in conformance with the Data Integrity [VC-DATA-INTEGRITY] specification.

This specification uses either the RDF Dataset Canonicalization Algorithm [RDF-CANON] or the JSON Canonicalization Scheme [RFC8785] to transform the input document into its canonical form. It uses a hash based on SHA-2 [RFC6234] and appropriate to the security category as the message digest, and supports a number of different Post-Quantum signature algorithms with varying properties such as public key size, signature size, and computational and implementational complexity.

1.1 Terminology

Terminology used throughout this document is defined in the Terminology section of the Verifiable Credential Data Integrity 1.0 specification.

1.2 Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MAY, MUST, MUST NOT, and SHOULD in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

A conforming proof is any concrete expression of the data model that complies with the normative statements in this specification. Specifically, all relevant normative statements in Sections 2. Data Model and 3. Algorithms of this document MUST be enforced.

A conforming processor is any algorithm realized as software and/or hardware that generates or consumes a conforming proof. Conforming processors MUST produce errors when non-conforming documents are consumed.

This document contains examples of JSON and JSON-LD data. Some of these examples are invalid JSON, as they include features such as inline comments (//) explaining certain portions and ellipses (...) indicating the omission of information that is irrelevant to the example. Such parts need to be removed if implementers want to treat the examples as valid JSON or JSON-LD.

2. Data Model

The following sections outline the data model that is used by this specification to express verification methods, such as cryptographic public keys, and data integrity proofs, such as digital signatures.

2.1 Verification Methods

These verification methods are used to verify Data Integrity Proofs [VC-DATA-INTEGRITY] produced using the cryptographic key material for the various algorithms and parameter sets supported by this specification. The encoding formats for these key types are provided in this section. Lossless cryptographic key transformation processes that result in equivalent cryptographic key material MAY be used during the processing of digital signatures.

2.1.1 Multikey

The Multikey format, defined in Controlled Identifiers v1.0, is used to express public keys for the cryptographic suites defined in this specification.

The publicKeyMultibase property represents a Multibase-encoded Multikey expression of a public key.

Table 1 Public Key Summary, all sizes in bytes.
Signature Name Varint Code Multi-Byte Prefix Raw Public Key Size
ML-DSA-44 0x1210 0x9024 1312
SLH-DSA-SHA2-128s 0x1220 0xa024 32
FALCON-512* 0x122c 0xac24 897
SQIsign-I* 0x122e 0xae24 65

The Multikey encoding of a public key for a signature supported by this specification MUST start with the corresponding multi-byte prefix for the signature named in Table 1 followed by the raw public key bytes. This multi-byte prefix is the varint expression of the varint code given in the previous table. The resulting value will have a byte length given by the raw public key size in the table plus the length of the multi-byte prefix. This value MUST then be encoded using the base-64-url alphabet, according to the Multibase section of Controlled Identifiers v1.0 and then prepended with the base-64-url Multibase header (u).

Examples of all the publicKeyMultibase encodings defined in this specification can be found in appendix A. Test Vectors.

Editor's note

Note*: The codes given in Table 1 for FALCON-512 and SQIsign-I are preliminary and not currently registered with multicodecs. When these signature schemes are formalized by NIST or other SDOs these values should be updated/registered.

2.2 Proof Representations

This section details the proof representation formats that are defined by this specification.

2.2.1 DataIntegrityProof

A proof contains the attributes specified in the Proofs section of [VC-DATA-INTEGRITY] with the following restrictions.

The type property of the proof MUST be DataIntegrityProof.

The cryptosuite property of the proof MUST be one of the values from Table 2, below, or Table 12 for selective disclosure cryptosuites.

Table 2 Cryptosuites.
Name Signature Algorithm Signature Length
mldsa44-rdfc-2024 ML-DSA-44 2420
mldsa44-jcs-2024 ML-DSA-44 2420
slhdsa128-rdfc-2024 SLH-DSA-SHA2-128s 7856
slhdsa128-jcs-2024 SLH-DSA-SHA2-128s 7856
falcon512-rdfc-2024 FALCON-512 666
falcon512-jcs-2024 FALCON-512 666
sqisign1-rdfc-2024 SQIsign-I 148
sqisign1-jcs-2024 SQIsign-I 148

The value of the proofValue property of the proof MUST be a signature produced by the signature algorithm corresponding to the cryptosuite given in Table 2. This signature is produced according to using the algorithms specified in section 3. Algorithms, then encoded using the base-64-url-nopad header and alphabet as described in the Multibase section of [CID].

Examples of the proofValue for all the cryptosuites defined in this specification can be found in appendix A. Test Vectors.

3. Algorithms

The following sections describe multiple Data Integrity cryptographic suites that utilize quantum safe signature algorithms at different claimed security categories. For a given claimed security category, an appropriate hash function MUST be use in the 3.1.1 Hashing.

From Recommendation for Key Management: Part 1r6 ipd -- General, Section 4.6.1.4 on the "Security Strengths of Hash Functions, XOFs, and Their Applications," the following hash function are chosen for use with digital signatures in Table 3.

Table 3 Hashes for Signatures.
Security Strength Hash Function
Category 1 or 2 SHA-256
Category 3 or 4 SHA-384
Category 5 SHA-512

This specification supports cryptosuites based on both the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON], rdfc and JSON Canonicalization Scheme [RFC8785], jcs. When the RDF Dataset Canonicalization Algorithm [RDF-CANON] is used with the 3.1.2 Proof Configuration and 3.1.3 Transformation algorithms the cryptographic hashing function that is passed to the algorithm MUST be from Table 3 appropriate for the claimed security of the signature scheme.

Implementations SHOULD fetch and cache verification method information as early as possible when adding or verifying proofs. Parameters passed to functions in this section use information from the verification method — such as the public key size — to determine function parameters — such as the cryptographic hashing algorithm.

When the RDF Dataset Canonicalization Algorithm [RDF-CANON] is used, implementations of that algorithm will detect dataset poisoning by default, and abort processing upon detection.

3.1 Common Algorithms

3.1.1 Hashing

The following algorithm specifies how to cryptographically hash a transformed data document and proof configuration into cryptographic hash data that is ready to be provided as input to the algorithms for proof serialization and proof verification of each of the respective cryptosuites.

The required inputs to this algorithm are a transformed data document (transformedDocument), canonical proof configuration (canonicalProofConfig), and hash name (hashName). A single hash data value represented as a series of bytes is produced as output.

  1. If hashName is SHA-256, let transformedDocumentHash be the result of applying the SHA-256 (SHA-2 with 256-bit output) cryptographic hashing algorithm [RFC6234] to the respective transformedDocument. Respective transformedDocumentHash will be exactly 32 bytes in size.
  2. If hashName is SHA-384, let transformedDocumentHash be the result of applying the SHA-384 (SHA-2 with 384-bit output) cryptographic hashing algorithm [RFC6234] to the respective transformedDocument. Respective transformedDocumentHash will be exactly 48 bytes in size.
  3. If hashName is SHA-512, let transformedDocumentHash be the result of applying the SHA-512 (SHA-2 with 512-bit output) cryptographic hashing algorithm [RFC6234] to the respective transformedDocument. Respective transformedDocumentHash will be exactly 64 bytes in size.
  4. If hashName is SHA-256, let proofConfigHash be the result of applying the SHA-256 (SHA-2 with 256-bit output) cryptographic hashing algorithm [RFC6234] to the canonicalProofConfig. Respective proofConfigHash will be exactly 32 bytes in size.
  5. If hashName is SHA-384, let proofConfigHash be the result of applying the SHA-384 (SHA-2 with 384-bit output) cryptographic hashing algorithm [RFC6234] to the canonicalProofConfig. Respective proofConfigHash will be exactly 48 bytes in size.
  6. If hashName is SHA-512, let proofConfigHash be the result of applying the SHA-512 (SHA-2 with 512-bit output) cryptographic hashing algorithm [RFC6234] to the canonicalProofConfig. Respective proofConfigHash will be exactly 64 bytes in size.
  7. Let hashData be the result of joining proofConfigHash (the first hash) with transformedDocumentHash (the second hash).
  8. Return hashData as the hash data.

3.1.2 Proof Configuration

The following algorithm specifies how to generate a proof configuration from a set of proof options that is used as input to the proof hashing algorithm.

The required inputs to this algorithm are proof options (options), a cryptosuite identifier (cryptosuite), the canonicalization scheme (canonScheme) and hash name (hashName). The proof options MUST contain a type identifier for the cryptographic suite (type) and MUST contain the cryptosuite identifier (cryptosuite). A proof configuration object is produced as output.

  1. Let proofConfig be a clone of the options object.
  2. If proofConfig.type is not set to DataIntegrityProof, proofConfig.cryptosuite is not set to the cryptosuite, or both, an INVALID_PROOF_CONFIGURATION error MUST be raised.
  3. If proofConfig.created is set to a value that is not a valid [XMLSCHEMA11-2] datetime, an INVALID_PROOF_DATETIME error MUST be raised.
  4. Set proofConfig.|@context| to unsecuredDocument.|@context|.
  5. If canonScheme is rdfc, let canonicalProofConfig be the result of applying the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON] to the proofConfig, with hashing parameter set to hashName.
  6. If canonScheme is jcs, let canonicalProofConfig be the result of applying the JSON Canonicalization Scheme [RFC8785] to the proofConfig.
  7. Return canonicalProofConfig.

3.1.3 Transformation

The following algorithm specifies how to transform an unsecured input document into a transformed document that is ready to be provided as input to the hashing algorithm in Section 3.1.1 Hashing.

Required inputs to this algorithm are an unsecured data document (unsecuredDocument), transformation options (options), a cryptosuite identifier (cryptosuite), the canonicalization scheme (canonScheme) and hash name (hashName). The transformation options MUST contain a type identifier for the cryptographic suite (type) and a cryptosuite identifier (cryptosuite). A transformed data document is produced as output. Whenever this algorithm encodes strings, it MUST use UTF-8 encoding.

  1. If options.type is not set to the string DataIntegrityProof, options.cryptosuite is not set to the cryptosuite value, or both, then a PROOF_TRANSFORMATION_ERROR MUST be raised.
  2. If canonScheme is rdfc, let canonicalDocument be the result of applying the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON] to the unsecuredDocument with hashing parameter set to hashName.
  3. If canonScheme is jcs, let canonicalDocument be the result of applying the JSON Canonicalization Scheme [RFC8785] to the unsecuredDocument.
  4. Set output to the value of canonicalDocument.
  5. Return canonicalDocument as the transformed data document.

3.1.4 Proof Serialization

The following algorithm specifies how to serialize a digital signature from a set of cryptographic hash data. This algorithm is designed to be used in conjunction with the algorithms defined in Section 4: Algorithms of the Data Integrity specification [VC-DATA-INTEGRITY]. Required inputs are cryptographic hash data (hashData), proof options (options), and a signature function (sigFunc). The proof options MUST contain a type identifier for the cryptographic suite (type) and MAY contain a cryptosuite identifier (cryptosuite). A single digital proof value represented as series of bytes is produced as output.

  1. Let privateKeyBytes be the result of retrieving the private key bytes (or a signing interface enabling the use of the private key bytes) associated with the verification method identified by the options.verificationMethod value.
  2. Let proofBytes be the result of applying the sigFunc, with hashData as the data to be signed using the private key specified by privateKeyBytes. proofBytes will have a length as indicated by the cryptosuite.
  3. Return proofBytes as the digital proof.

3.1.5 Proof Verification

The following algorithm specifies how to verify a digital signature from a set of cryptographic hash data. This algorithm is designed to be used in conjunction with the algorithms defined in Section 4: Algorithms of the Data Integrity [VC-DATA-INTEGRITY] specification. Required inputs are cryptographic hash data (hashData), a digital signature (proofBytes), proof options (options), and a verification function (verifyFunc). A verification result represented as a boolean value is produced as output.

  1. Let publicKeyBytes be the result of retrieving the public key bytes associated with the options.verificationMethod value as described in Section 4: Retrieve Verification Method of the Data Integrity specification [VC-DATA-INTEGRITY].
  2. Let verificationResult be the result of applying the verifyFunc, using the public key specified by publicKeyBytes, with hashData as the data to be verified against the proofBytes.
  3. Return verificationResult as the verification result.

3.2 Instantiate Cryptosuite

This algorithm is used to configure a cryptographic suite to be used by the Add Proof and Verify Proof functions in Verifiable Credential Data Integrity 1.0. The algorithm takes an options object (map options) as input and returns a cryptosuite instance (struct cryptosuite).

  1. Initialize cryptosuite to an empty struct.
  2. If options.type does not equal DataIntegrityProof, return cryptosuite.
  3. If options.cryptosuite is mldsa44-rdfc-2024 or mldsa44-jcs-2024 then:
    1. Set cryptosuite.createProof to the algorithm in Section 3.3.1 Create Proof (ML-DSA).
    2. Set cryptosuite.verifyProof to the algorithm in Section 3.3.2 Verify Proof (ML-DSA).
  4. If options.cryptosuite is slhdsa128-rdfc-2024 or slhdsa128-jcs-2024 then:
    1. Set cryptosuite.createProof to the algorithm in Section 3.4.1 Create Proof (SLH-DSA).
    2. Set cryptosuite.verifyProof to the algorithm in Section 3.4.2 Verify Proof (SLH-DSA).
  5. If options.cryptosuite is falcon512-rdfc-2024 or falcon512-jcs-2024 then:
    1. Set cryptosuite.createProof to the algorithm in Section 3.5.1 Create Proof (FALCON).
    2. Set cryptosuite.verifyProof to the algorithm in Section 3.5.2 Verify Proof (FALCON).
  6. If options.cryptosuite is sqisign1-rdfc-2024 or sqisign1-jcs-2024 then:
    1. Set cryptosuite.createProof to the algorithm in Section 3.6.1 Create Proof (SQIsign).
    2. Set cryptosuite.verifyProof to the algorithm in Section 3.6.2 Verify Proof (SQIsign).
  7. Return cryptosuite.

3.3 ML-DSA Cryptosuites

The Module-Lattice-Based Digital Signature Standard defined in Module-Lattice-Based Digital Signature Standard [FIPS-204] defines parameter sets for three different claimed security strengths. The claimed security strengths, private key, public key, and signature sizes are summarized in Table 4.

Table 4 ML-DSA Signatures Summary, all sizes in bytes.
Name Security Private Key Public Key Signature
ML-DSA-44 Category 2 2560 1312 2420
ML-DSA-65 Category 3 4032 1952 3309
ML-DSA-87 Category 5 4896 2592 4627

Supporting both the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON], "rdfc", the JSON Canonicalization Scheme [RFC8785], "jcs", and a maximum security category of 2, leads to the family of ML-DSA cryptosuites given in Table 5.

Table 5 Supported ML-DSA Cryptosuites.
Name Canonalization Signature/Verification Hash
mldsa44-rdfc-2024 RDFC ML-DSA-44 SHA-256
mldsa44-jcs-2024 JCS ML-DSA-44 SHA-256

3.3.1 Create Proof (ML-DSA)

The following algorithm specifies how to create a data integrity proof given an unsecured data document and an ML-DSA cryptosuite chosen from Table 5. The choice of cryptosuite sets the values of canonScheme, hashName, sigFunc, and verifyFunc per Table 5, which are used in the algorithm below. Additional required inputs are an unsecured data document (map unsecuredDocument), and a set of proof options (map options). A data integrity proof (map), or an error, is produced as output.

  1. Let proof be a clone of the proof options, options.
  2. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  3. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  4. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  5. Let proofBytes be the result of running the algorithm in Section 3.1.4 Proof Serialization with hashData, options, and sigFunc passed as parameters.
  6. Let proof.proofValue be a base64-url-encoded Multibase encoding of the proofBytes.
  7. Return proof as the data integrity proof.

3.3.2 Verify Proof (ML-DSA)

The following algorithm specifies how to verify a data integrity proof given an secured data document. Required inputs are an secured data document (map securedDocument). This algorithm returns a verification result, which is a struct whose items are:

verified
true or false
verifiedDocument
Null, if verified is false; otherwise, an unsecured data document
  1. Let unsecuredDocument be a copy of securedDocument with the proof value removed.
  2. Let proofOptions be a copy of securedDocument.proof with proofValue removed.
  3. Set cryptosuiteName to securedDocument.proof.cryptosuite, which must be one of those listed in Table 5. From cryptosuiteName, set the values of canonScheme, hashName, and verifyFunc, as found in Table 5.
  4. Let proofBytes be the Multibase decoded base64-url value in securedDocument.proof.proofValue.
  5. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, and cypherSuiteName, canonScheme, and hashName proofOptions passed as parameters.
  6. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, cypherSuiteName, canonScheme, and hashName passed as parameters.
  7. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  8. Let verified be the result of running the algorithm in Section 3.1.5 Proof Verification with hashData, proofBytes, proofConfig, and verifyFunc as parameters.
  9. Return a verification result with items:
    verified
    verified
    verifiedDocument
    unsecuredDocument if verified is true, otherwise Null

3.4 SLH-DSA Cryptosuites

The Stateless Hash-Based Digital Signature Standard defined in Stateless Hash-Based Digital Signature Standard [FIPS-205] defines parameter sets for three different claimed security strengths, optimized for size or speed, and a specified hash function family. This specification considers a subset of these parameter sets, optimized for smaller size, and based on the SHA2 hash function family, as shown in Table 6.

Table 6 SLH-DSA Signatures Summary, all sizes in bytes.
Name Security Private Key Public Key Signature
SLH-DSA-SHA2-128s Category 1 64 32 7856
SLH-DSA-SHA2-192s Category 3 96 48 16224
SLH-DSA-SHA2-256s Category 5 128 64 29792

Supporting both Universal RDF Dataset Canonicalization Algorithm [RDF-CANON], "rdfc", JSON Canonicalization Scheme [RFC8785], "jcs", and a maximum security category of 1, leads to the family of ML-DSA cryptosuites given in Table 7.

Table 7 Supported SLH-DSA Cryptosuites.
Name Canonizalization Signature/Verification Hash
slhdsa128-rdfc-2024 RDFC SLH-DSA-SHA2-128s SHA-256
slhdsa128-jcs-2024 JCS SLH-DSA-SHA2-128s SHA-256

3.4.1 Create Proof (SLH-DSA)

The following algorithm specifies how to create a data integrity proof given an unsecured data document and an SLH-DSA cryptosuite chosen from Table 7. The choice of cryptosuite sets the values of canonScheme, hashName, sigFunc, and verifyFunc as found in Table 7, for use in the algorithm below. Additional required inputs are an unsecured data document (map unsecuredDocument), and a set of proof options (map options). A data integrity proof (map), or an error, is produced as output.

  1. Let proof be a clone of the proof options, options.
  2. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  3. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, options, cypherSuiteName, canonScheme, and hashName passed as parameters.
  4. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  5. Let proofBytes be the result of running the algorithm in Section 3.1.4 Proof Serialization with hashData, options, and sigFunc passed as parameters.
  6. Let proof.proofValue be a base64-url-encoded Multibase encoding of the proofBytes.
  7. Return proof as the data integrity proof.

3.4.2 Verify Proof (SLH-DSA)

The following algorithm specifies how to verify a data integrity proof given an secured data document. Required inputs are an secured data document (map securedDocument). This algorithm returns a verification result, which is a struct whose items are:

verified
true or false
verifiedDocument
Null, if verified is false; otherwise, an unsecured data document
  1. Let unsecuredDocument be a copy of securedDocument with the proof value removed.
  2. Let proofOptions be a copy of securedDocument.proof with proofValue removed.
  3. Set cryptosuiteName to securedDocument.proof.cypnersuite, it must be one of those listed in Table 7. From cryptosuiteName set the values of canonScheme, hashName, and verifyFunc per Table 7.
  4. Let proofBytes be the Multibase base64-url-decoded decoding of securedDocument.proof.proofValue.
  5. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, proofOptions, cypherSuiteName, canonScheme, and hashName passed as parameters.
  6. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options cypherSuiteName, canonScheme, and hashName passed as parameters.
  7. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig and hashName passed as a parameters.
  8. Let verified be the result of running the algorithm in Section 3.1.5 Proof Verification algorithm with hashData, proofBytes, proofConfig, and verifyFunc as parameters.
  9. Return a verification result with items:
    verified
    verified
    verifiedDocument
    unsecuredDocument if verified is true, otherwise Null

3.5 FALCON Cryptosuites

Editor's note

The [FALCON] signature algorithm is undergoing standardization by NIST. The information presented here is based on the Post-Quantum Cryptography Round 3 Submission information. This section will be updated when the NIST specification is issued.

[FALCON] is a lattice-based signature scheme. It stands for the following acronym: FAst Fourier Lattice-based COmpact signatures over NTRU. FALCON defines parameter sets for two different claimed security strengths. The claimed security strengths, private key, public key, and signature sizes are summarized in Table 8.

Table 8 FALCON Signatures Summary, all sizes in bytes.
Name Security Private Key Public Key Signature
FALCON-512 Category 1 1281 897 666
FALCON-1024 Category 5 2305 1793 1280
Editor's note

Private key size information from openquantumsafe.org.

Supporting both the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON], "rdfc", the JSON Canonicalization Scheme [RFC8785], "jcs", and a maximum security category of 1, leads to the family of FALCON cryptosuites given in Table 9.

Table 9 Supported FALCON Cryptosuites.
Name Canonalization Signature/Verification Hash
falcon512-rdfc-2024 RDFC FALCON-512 SHA-256
falcon512-jcs-2024 JCS FALCON-512 SHA-256

3.5.1 Create Proof (FALCON)

The following algorithm specifies how to create a data integrity proof given an unsecured data document and a FALCON cryptosuite chosen from Table 9. The choice of cryptosuite sets the values of canonScheme, hashName, sigFunc, and verifyFunc per Table 9, which are used in the algorithm below. Additional required inputs are an unsecured data document (map unsecuredDocument), and a set of proof options (map options). A data integrity proof (map), or an error, is produced as output.

  1. Let proof be a clone of the proof options, options.
  2. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  3. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  4. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  5. Let proofBytes be the result of running the algorithm in Section 3.1.4 Proof Serialization with hashData, options, and sigFunc passed as parameters.
  6. Let proof.proofValue be a base64-url-encoded Multibase encoding of the proofBytes.
  7. Return proof as the data integrity proof.

3.5.2 Verify Proof (FALCON)

The following algorithm specifies how to verify a data integrity proof given an secured data document. Required inputs are an secured data document (map securedDocument). This algorithm returns a verification result, which is a struct whose items are:

verified
true or false
verifiedDocument
Null, if verified is false; otherwise, an unsecured data document
  1. Let unsecuredDocument be a copy of securedDocument with the proof value removed.
  2. Let proofOptions be a copy of securedDocument.proof with proofValue removed.
  3. Set cryptosuiteName to securedDocument.proof.cryptosuite, which must be one of those listed in Table 9. From cryptosuiteName, set the values of canonScheme, hashName, and verifyFunc, as found in Table 9.
  4. Let proofBytes be the Multibase decoded base64-url value in securedDocument.proof.proofValue.
  5. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, and cypherSuiteName, canonScheme, and hashName proofOptions passed as parameters.
  6. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, cypherSuiteName, canonScheme, and hashName passed as parameters.
  7. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  8. Let verified be the result of running the algorithm in Section 3.1.5 Proof Verification with hashData, proofBytes, proofConfig, and verifyFunc as parameters.
  9. Return a verification result with items:
    verified
    verified
    verifiedDocument
    unsecuredDocument if verified is true, otherwise Null

3.6 SQIsign Cryptosuites

Editor's note

The SQIsign signature algorithm has been submitted to NIST. SQIsign aims for very compact key and signature sizes. The information presented here is based on specification v2.01, 2025-07-07. This section will be updated as appropriate.

SQIsign relies on the hardness of a computational problem from number theory: computing the endomorphism ring of a supersingular elliptic curve, the endomorphism ring problem. SQIsign defines parameter sets for three different claimed security strengths. The claimed security strengths, private key, public key, and signature sizes are summarized in Table 10.

Table 10 SQIsign Signatures Summary, all sizes in bytes.
Name Security Private Key Public Key Signature
SQIsign-I Category 1 353 65 148
SQIsign-III Category 3 529 97 224
SQIsign-V Category 5 701 129 292

Supporting both the Universal RDF Dataset Canonicalization Algorithm [RDF-CANON], "rdfc", the JSON Canonicalization Scheme [RFC8785], "jcs", and a maximum security category of 1, leads to the family of SQIsign cryptosuites given in Table 11.

Table 11 Supported SQIsign Cryptosuites.
Name Canonalization Signature/Verification Hash
sqisign1-rdfc-2024 RDFC SQIsign-I SHA-256
sqisign1-jcs-2024 JCS SQIsign-I SHA-256

3.6.1 Create Proof (SQIsign)

The following algorithm specifies how to create a data integrity proof given an unsecured data document and a SQIsign cryptosuite chosen from Table 11. The choice of cryptosuite sets the values of canonScheme, hashName, sigFunc, and verifyFunc per Table 11, which are used in the algorithm below. Additional required inputs are an unsecured data document (map unsecuredDocument), and a set of proof options (map options). A data integrity proof (map), or an error, is produced as output.

  1. Let proof be a clone of the proof options, options.
  2. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  3. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, options, the cypherSuiteName, canonScheme, and hashName passed as parameters.
  4. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  5. Let proofBytes be the result of running the algorithm in Section 3.1.4 Proof Serialization with hashData, options, and sigFunc passed as parameters.
  6. Let proof.proofValue be a base64-url-encoded Multibase encoding of the proofBytes.
  7. Return proof as the data integrity proof.

3.6.2 Verify Proof (SQIsign)

The following algorithm specifies how to verify a data integrity proof given an secured data document. Required inputs are an secured data document (map securedDocument). This algorithm returns a verification result, which is a struct whose items are:

verified
true or false
verifiedDocument
Null, if verified is false; otherwise, an unsecured data document
  1. Let unsecuredDocument be a copy of securedDocument with the proof value removed.
  2. Let proofOptions be a copy of securedDocument.proof with proofValue removed.
  3. Set cryptosuiteName to securedDocument.proof.cryptosuite, which must be one of those listed in Table 11. From cryptosuiteName, set the values of canonScheme, hashName, and verifyFunc, as found in Table 11.
  4. Let proofBytes be the Multibase decoded base64-url value in securedDocument.proof.proofValue.
  5. Let transformedData be the result of running the algorithm in Section 3.1.3 Transformation with unsecuredDocument, and cypherSuiteName, canonScheme, and hashName proofOptions passed as parameters.
  6. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options, cypherSuiteName, canonScheme, and hashName passed as parameters.
  7. Let hashData be the result of running the algorithm in Section 3.1.1 Hashing with transformedData, proofConfig, and hashName passed as a parameters.
  8. Let verified be the result of running the algorithm in Section 3.1.5 Proof Verification with hashData, proofBytes, proofConfig, and verifyFunc as parameters.
  9. Return a verification result with items:
    verified
    verified
    verifiedDocument
    unsecuredDocument if verified is true, otherwise Null

3.7 Selective Disclosure Cryptosuites for Quantum Safe Signatures

This section provides algorithms for a relatively efficient approach to enabling selective disclosure of a verifiable credential protected by a quantum safe signature algorithm. This approach utilizes a single quantum safe signature while sharing additional information concerning the cryptographic hashes of the processed claims. This contrasts with the approach taken in [VC-DI-ECDSA] selective disclosure where a short signature is given for each processed claim and no additional hashes are shared. This also contrasts with the approach in [VC-DI-BBS] where the underlying signature scheme supports multiple claims and only a single short signature is shared.

In all the approaches to selective disclosure mentioned above the same core set of selective disclosure processing functions contained in [VC-DI-ECDSA] are utilized which enables flexibility and efficiency in implementations. The approach taken here is roughly more efficient when a signature is longer than twice the size of the corresponding hash for a given security level, e.g., 64 bytes for security category 1 or 2. From Table 2 we can see that this condition is true for all signature algorithms currently considered in this specification.

Editor's note

The general selective disclosure functions in [VC-DI-ECDSA] are planned to be moved to an updated version of [VC-DATA-INTEGRITY].

Selective disclosure is enabled by the issuer creating a base proof as specified in section 3.7.1 Create Selective Disclosure Base Proof. The issuer can specify that certain claims are mandatory, i.e., have to be revealed to the verifier. The holder on receiving the issued verifiable credential with the base proof, uses it to create a related verifiable credential whose claims are a selected subset of claims from the received document. This is done with the algorithm of section 3.7.5 Add Derived Proof Selective Disclosure. Finally the verifier uses the algorithm of section 3.7.9 Verify Derived Proof Selective Disclosure to verify the selectively disclosed verifiable credential.

The selective disclosure cryptosuites defined in this specification are listed in Table 12. Note that all selective disclosure cryptosuites utilize the advanced features of [RDF-CANON].

Table 12 Cryptosuites.
Name Signature Algorithm Signature Length
mldsa44-sd-2024 ML-DSA-44 2420
slhdsa128-sd-2024 SLH-DSA-SHA2-128s 7856
falcon512-sd-2024 FALCON-512 666

3.7.1 Create Selective Disclosure Base Proof

The following algorithm specifies how to create a data integrity proof given an unsecured data document. Required inputs are an unsecured data document (map unsecuredDocument), and a set of proof options (map options). A data integrity proof (map), or an error, is produced as output.

  1. Let proof be a clone of the proof options, options.
  2. Let proofConfig be the result of running the algorithm in Section 3.1.2 Proof Configuration with options passed as a parameter.
  3. Let transformedData be the result of running the algorithm in Section 3.7.2 Base Proof Transformation Selective Disclosure with unsecuredDocument, proofConfig, and options passed as parameters.
  4. Let hashData be the result of running the algorithm in Section 3.7.3 Base Proof Hashing Selective Disclosure with transformedData and proofConfig passed as a parameters.
  5. Let proofBytes be the result of running the algorithm in Section 3.7.4 Base Proof Serialization Selective Disclosure with hashData and options passed as parameters.
  6. Let proof.proofValue be a base64-url-encoded Multibase value of the proofBytes.
  7. Return proof as the data integrity proof.

3.7.2 Base Proof Transformation Selective Disclosure

The following algorithm specifies how to transform an unsecured input document into a transformed document that is ready to be provided as input to the hashing algorithm in Section 3.7.3 Base Proof Hashing Selective Disclosure.

Required inputs to this algorithm are an unsecured data document (unsecuredDocument) and transformation options (options). The transformation options MUST contain a type identifier for the cryptographic suite (type), a cryptosuite identifier (cryptosuite), and a verification method (verificationMethod). The transformation options MUST contain an array of mandatory JSON pointers (mandatoryPointers) and MAY contain additional options, such as a JSON-LD document loader. A transformed data document is produced as output. Whenever this algorithm encodes strings, it MUST use UTF-8 encoding.

  1. Initialize hmac to an HMAC API using a locally generated and exportable HMAC key. The HMAC uses the same hash algorithm used in the signature algorithm, which is detected via the verificationMethod provided to the function, i.e., SHA-256 for a security category 1 or 2 signature algorithm. Per the recommendations of [RFC2104], the HMAC key MUST be the same length as the digest size; for SHA-256, this is 256 bits or 32 bytes.
  2. Initialize labelMapFactoryFunction to the result of calling the algorithm of Section 3.4.4 createHmacIdLabelMapFunction of [VC-DI-ECDSA], passing hmac.
  3. Initialize groupDefinitions to a map with an entry with a key of the string "mandatory" and a value of mandatoryPointers.
  4. Initialize groups to the result of calling the algorithm in Section 3.3.16 canonicalizeAndGroup of the [VC-DI-ECDSA] specification, passing labelMapFactoryFunction, groupDefinitions, unsecuredDocument as document, and any custom JSON-LD API options. Note: This step transforms the document into an array of canonical N-Quads with pseudorandom blank node identifiers based on hmac, and groups the N-Quad strings according to selections based on JSON pointers.
  5. Initialize mandatory to the values in the groups.mandatory.matching map.
  6. Initialize nonMandatory to the values in the groups.mandatory.nonMatching map.
  7. Initialize hmacKey to the result of exporting the HMAC key from hmac.
  8. Return an object with mandatoryPointers set to mandatoryPointers, mandatory set to mandatory, nonMandatory set to nonMandatory, and hmacKey set to hmacKey.

3.7.3 Base Proof Hashing Selective Disclosure

The following algorithm specifies how to cryptographically hash a transformed data document and proof configuration into cryptographic hash data that is ready to be provided as input to the algorithms in Section 3.7.4 Base Proof Serialization Selective Disclosure.

The required inputs to this algorithm are a transformed data document (transformedDocument) and canonical proof configuration (canonicalProofConfig). A hash data value represented as an object is produced as output.

  1. Initialize proofHash to the result of calling the RDF Dataset Canonicalization algorithm [RDF-CANON] on canonicalProofConfig and then cryptographically hashing the result using the same hash that is used by the signature algorithm, i.e., SHA-256 for a security category 1 or 2 algorithms. Note: This step can be performed in parallel; it only needs to be completed before this algorithm terminates as the result is part of the return value.
  2. Initialize mandatoryHash to the result of calling the the algorithm in Section 3.3.17 hashMandatoryNQuads of the [VC-DI-ECDSA] specification, passing transformedDocument.mandatory.
  3. Initialize hashData as a deep copy of transformedDocument and add proofHash as proofHash and mandatoryHash as mandatoryHash to that object.
  4. Initialize salts as an empty array. For each nonMandatory item in the transformedDocument create a cryptographically secure random number of byte length half the size of the hash length, e.g., for security category 1 or 2 using SHA-256 the length of each salt would be 16 bytes.
  5. Initialize saltedHashes as an empty array. For each nonMandatory item in the transformedDocument compute the appropriate hash (SHA-256 for security category 1 or 2 signature algorithms) over the concatenation of each salt and its corresponding nonMandatory item. Add this hash value to the saltedHashes array.
  6. Add salts as salts and saltedHashes as saltedHashes to the hashData object.
  7. Return hashData as hash data.
Editor's note

To do: provide background on cryptographic random number generation in the security considerations section. For example cite appropriate references such as NIST SP-800-90A,B,C documents and/or BSI AIS 20 and AIS 31 documents.

3.7.4 Base Proof Serialization Selective Disclosure

The following algorithm specifies how to create a base proof; called by an issuer of an Quantum-Safe-SD-protected Verifiable Credential. The base proof is to be given only to the holder, who is responsible for generating a derived proof from it, exposing only selectively disclosed details in the proof to a verifier. This algorithm is designed to be used in conjunction with the algorithms defined in the Data Integrity [VC-DATA-INTEGRITY] specification, Section 4: Algorithms. Required inputs are cryptographic hash data (hashData) and proof options (options). The proof options MUST contain a type identifier for the cryptographic suite (type) and MAY contain a cryptosuite identifier (cryptosuite). A single digital proof value represented as series of bytes is produced as output.

  1. Initialize proofHash, mandatoryPointers, mandatoryHash, salts, saltedHashes, and hmacKey to the values associated with their property names hashData.
  2. Initialize toSign the hash of the concatenation of proofHash, mandatoryHash, salts, and saltedHashes where the order of the concatenation MUST be followed. The cryptographic hash algorithm is that specified for signature algorithm in Table 3, e.g., SHA-256 for a security category 1 or 2 algorithms.
  3. Initialize signature to the result of digitally signing toSign using the private key associated with the base proof verification method.
  4. Initialize a byte array, proofValue, that starts with the Quantum-Safe-SD base proof header bytes 0xd9, 0x5d, and 0x10.
  5. Initialize components to an array with five elements containing the values of: signature, hmacKey, salts, saltedHashes, and mandatoryPointers.
  6. CBOR-encode components per [RFC8949] where CBOR tagging MUST NOT be used on any of the components. Append the produced encoded value to proofValue.
  7. Initialize baseProof to a string with the Multibase base64url-no-pad-encoding of proofValue as described in the Multibase section of Controlled Identifiers v1.0. That is, return a string starting with "u" and ending with the base64url-no-pad-encoded value of proofValue.
  8. Return baseProof as base proof.
Editor's note

The Quantum-Safe-SD base proof header bytes 0xd9, 0x5d, and 0x10 were chosen to not collide with any of the [VC-DI-ECDSA] or [VC-DI-BBS] values. They are currently tentative.

3.7.5 Add Derived Proof Selective Disclosure

The following algorithm creates a selective disclosure derived proof; called by a holder of an Quantum-Safe-SD protected verifiable credential. The derived proof is to be given to the verifier. The inputs include a JSON-LD document (document), Quantum-Safe-SD base proof (proof), an array of JSON pointers to use to selectively disclose statements (selectivePointers), and any custom JSON-LD API options, such as a document loader. A single selectively revealed document value, represented as an object, is produced as output.

  1. Initialize signature, salts, saltedHashes, labelMap, mandatoryIndexes, selectiveIndexes and revealDocument to the values associated with their property names in the object returned when calling the algorithm in Section 3.7.6 Derived Proof: Create Disclosure Data, passing the document, proof, selectivePointers, and any custom JSON-LD API options, such as a document loader.
  2. Initialize newProof to a shallow copy of proof.
  3. Replace proofValue in newProof with the result of calling the algorithm in Section 3.7.8 Serialize Derived Proof Value, passing signature, publicKey, signatures, labelMap, and mandatoryIndexes.
  4. Set the value of the "proof" property in revealDocument to newProof.
  5. Return revealDocument as the selectively revealed document.

3.7.6 Derived Proof: Create Disclosure Data

The following algorithm creates data to be used to generate a derived proof. The inputs include a JSON-LD document (document), an Quantum-Safe-SD base proof (proof), an array of JSON pointers to use to selectively disclose statements (selectivePointers), and any custom JSON-LD API options, such as a document loader). A single object, disclosure data, is produced as output, which contains the "signature", "salts", "saltedHashes", "labelMap", "mandatoryIndexes", "selectiveIndexes" and "revealDocument" fields.

  1. Initialize signature, hmacKey, salts, saltedHashes, and mandatoryPointers to the values of the associated properties in the object returned when calling the algorithm in Section 3.7.7 Derived Proof: Parse Base, passing the proofValue from proof.
  2. Initialize hmac to an HMAC API using hmacKey. The HMAC uses the same hash algorithm used in the signature algorithm, i.e., SHA-256 for a security category 1 or 2 algorithm.
  3. Initialize labelMapFactoryFunction to the result of calling the algorithm of Section 3.4.4 createHmacIdLabelMapFunction of [VC-DI-ECDSA], passing hmac.
  4. Initialize combinedPointers to the concatenation of mandatoryPointers and selectivePointers.
  5. Initialize groupDefinitions to a map with the following entries: key of the string "mandatory" and value of mandatoryPointers, key of the string "selective" and value of selectivePointers, and key of the string "combined" and value of combinedPointers.
  6. Initialize groups and labelMap to their associated values in the result of calling the algorithm in Section 3.3.16 canonicalizeAndGroup of the [VC-DI-ECDSA] specification, passing document, labelMapFactoryFunction, groupDefinitions, and any custom JSON-LD API options as parameters. Note: This step transforms the document into an array of canonical N-Quad strings with pseudorandom blank node identifiers based on hmac, and groups the N-Quad strings according to selections based on JSON pointers.
  7. Compute the mandatory indexes. Initialize relativeIndex to zero.
  8. Initialize mandatoryIndexes to an empty array.
  9. For each absoluteIndex in the keys in groups.combined.matching, convert the absolute index of any mandatory N-Quad to an index relative to the combined output that is to be revealed:
    1. If groups.mandatory.matching has absoluteIndex as a key, then append relativeIndex to mandatoryIndexes.
    2. Increment relativeIndex.
  10. Compute the selective indexes. Initialize relativeIndex to zero.
  11. Initialize selectiveIndexes to an empty array.
  12. For each absoluteIndex in the keys in groups.combined.matching, convert the absolute index of any selective N-Quad to an index relative to the combined output that is to be revealed:
    1. If groups.selective.matching has absoluteIndex as a key, then append relativeIndex to selectiveIndexes.
    2. Increment relativeIndex.
  13. Initialize revealDocument to the result of the calling the algorithm in 3.4.13 selectJsonLd of [VC-DI-ECDSA], passing document, and combinedPointers as pointers.
  14. Run the RDF Dataset Canonicalization Algorithm [RDF-CANON] on the joined |combinedGroup.deskolemizedNQuads|, passing any custom options, and get the canonical bnode identifier map, canonicalIdMap. Note: This map includes the canonical blank node identifiers that a verifier will produce when they canonicalize the reveal document.
  15. Initialize verifierLabelMap to an empty map. This map will map the canonical blank node identifiers the verifier will produce when they canonicalize the revealed document to the blank node identifiers that were originally signed in the base proof.
  16. For each key (inputLabel) and value (verifierLabel) in canonicalIdMap:
    1. Add an entry to verifierLabelMap using verifierLabel as the key and the value associated with inputLabel as a key in labelMap as the value.
  17. Return an object with properties matching signature, salts, saltedHashes, verifierLabelMap for labelMap, mandatoryIndexes, selectiveIndexes, and revealDocument.

3.7.7 Derived Proof: Parse Base

The following algorithm parses the components of an Quantum Safe selective disclosure base proof value. The required inputs are a proof value (proofValue). A single object parsed base proof, containing five elements, using the names signature, hmacKey, salts saltedHashes, and mandatoryPointers, is produced as output.

  1. If the proofValue string does not start with u, indicating that it is a multibase-base64url-no-pad-encoded value, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR.
  2. Initialize decodedProofValue to the result of base64url-no-pad-decoding the substring after the leading u in proofValue.
  3. If the decodedProofValue does not start with the Quantum-Safe-SD base proof header bytes 0xd9, 0x5d, and 0x10, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR.
  4. Initialize components to an array that is the result of CBOR-decoding the bytes that follow the three-byte Quantum-Safe-SD base proof header. Confirm that the result is an array of five elements.
  5. Return an object with properties set to the five elements, using the names signature, hmacKey, salts, saltedHashes, and mandatoryPointers, respectively.

3.7.8 Serialize Derived Proof Value

The following algorithm serializes a Quantum-Safe-SD derived proof value. The required inputs are a base signature (signature), an array of salts (salts), an array of salted hashes (saltedHashes), a label map (labelMap), an array of mandatory indexes (mandatoryIndexes). and an array of selective indexes (selectiveIndexes). A single derived proof value, serialized as a byte string, is produced as output.

  1. Initialize compressedLabelMap to the result of calling the algorithm in Section 3.5.5 compressLabelMap of [VC-DI-ECDSA], passing labelMap as the parameter.
  2. Initialize a byte array, proofValue, that starts with the Quantum-Safe-SD disclosure proof header bytes 0xd9, 0x5d, and 0x11.
  3. Initialize components to an array with six elements containing the values of: signature, salts, saltedHashes, compressedLabelMap, mandatoryIndexes, selectiveIndexes.
  4. CBOR-encode components per [RFC8949] where CBOR tagging MUST NOT be used on any of the components. Append the produced encoded value to proofValue.
  5. Return the derived proof as a string with the base64url-no-pad-encoding of proofValue as described in the Multibase section of Controlled Identifiers v1.0. That is, return a string starting with "u" and ending with the base64url-no-pad-encoded value of proofValue.
Editor's note

The Quantum-Safe-SD disclosure proof header bytes 0xd9, 0x5d, and 0x11 were chosen to not conflict with values used by [VC-DI-ECDSA] and [VC-DI-BBS] and are tentative.

3.7.9 Verify Derived Proof Selective Disclosure

The following algorithm attempts verification of an Quantum-Safe-SD derived proof. This algorithm is called by a verifier of an Quantum-Safe-SD protected verifiable credential. The inputs include a JSON-LD document (document), a Quantum-Safe-SD disclosure proof (proof), and any custom JSON-LD API options, such as a document loader. This algorithm returns a verification result:

  1. Let unsecuredDocument be a copy of document with the proof value removed.
  2. Initialize signature, proofHash, salts, saltedHashes, nonMandatory, mandatoryHash, and selectiveIndexes to the values associated with their property names in the object returned when calling the algorithm in Section 3.7.10 Create Verify Data, passing the document, proof, and any custom JSON-LD API options, such as a document loader.
  3. If the length of salts does not match the length of saltedHashes, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR, indicating that the salt count does not match the salted hashes count.
  4. The values of the elements of the selectiveIndexes array must be between 0 and the length of the salts array minus one. If not, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR, indicating that the selective indexes are out of bounds.
  5. Initialize toVerify to the byte concatenation of the values: proofHash, mandatoryHash, salts, and saltedHashes in that order with the array values themselves concatenated together.
  6. Initialize verified to true.
  7. Initialize verificationCheck be the result of applying the verification algorithm of the appropriate Quantum Safe signature algorithms as indicated by the "cryptosuite" property and Table 12, with toVerify as the data to be verified against the signature. If verificationCheck is false, set verified to false.
  8. For every entry (nq, index) in nonMandatory, verify the salted hash for every selectively disclosed (non-mandatory) statement:
    1. Let computedHash be the hash of the concatenation of salts[selectiveIndexes[index]] and nq.
    2. Initialize verificationCheck to the result of comparing the computedHash with the value of saltedHashes[selectedIndexes[index]].
    3. If verificationCheck is false, set verified to false.
  9. Return a verification result with items:
    verified
    The value of verified
    verifiedDocument
    unsecuredDocument if verified is true, otherwise Null

3.7.10 Create Verify Data

The following algorithm creates the data needed to perform verification of an Quantum-Safe-SD protected verifiable credential. The inputs include a JSON-LD document (document), an Quantum-Safe-SD disclosure proof (proof), and any custom JSON-LD API options, such as a document loader. A single verify data object value is produced as output containing the following fields: "signature", "proofHash", "salts", "saltedHashes", "nonMandatory", "mandatoryHash", and "selectiveIndexes".

  1. Initialize proofHash to the result of perform RDF Dataset Canonicalization [RDF-CANON] on the proof options. The hash used is the same as the one used in the signature algorithm, i.e., SHA-256 for security category 1 or 2 algorithms. Note: This step can be performed in parallel; it only needs to be completed before this algorithm needs to use the proofHash value.
  2. Initialize signature, salts, saltedHashes, labelMap, mandatoryIndexes, and selectiveIndexes to the values associated with their property names in the object returned when calling the algorithm in Section 3.7.11 Parse Derived Proof Value, passing proofValue from proof.
  3. Initialize labelMapFactoryFunction to the result of calling the algorithm of Section 3.4.3 createLabelMapFunction of [VC-DI-ECDSA].
  4. Initialize nquads to the result of calling the algorithm of Section 3.4.2 labelReplacementCanonicalizeJsonLd of [VC-DI-ECDSA], passing document, labelMapFactoryFunction, and any custom JSON-LD API options. Note: This step transforms the document into an array of canonical N-Quads with pseudorandom blank node identifiers based on labelMap.
  5. Initialize mandatory to an empty array.
  6. Initialize nonMandatory to an empty array.
  7. For each entry (index, nq) in nquads, separate the N-Quads into mandatory and non-mandatory categories:
    1. If mandatoryIndexes includes index, add nq to mandatory.
    2. Otherwise, add nq to nonMandatory.
  8. Initialize mandatoryHash to the result of calling the algorithm of Section 3.4.17 hashMandatoryNQuads of [VC-DI-ECDSA], passing mandatory.
  9. Return an object with properties matching signature, proofHash, salts, saltedHashes, nonMandatory, mandatoryHash, and selectiveIndexes.

3.7.11 Parse Derived Proof Value

The following algorithm parses the components of the derived proof value. The required input is a derived proof value (proofValue). A single derived proof value value object is produced as output, which contains a set to six elements, using the names "signature", "salts", "saltedHashes", "labelMap", "mandatoryIndexes", and "selectiveIndexes".

  1. If the proofValue string does not start with u, indicating that it is a multibase-base64url-no-pad-encoded value, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR.
  2. Initialize decodedProofValue to the result of base64url-no-pad-decoding the substring after the leading u in proofValue.
  3. If the decodedProofValue does not start with the Quantum-Safe-SD disclosure proof header bytes 0xd9, 0x5d, and 0x11, an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR.
  4. Initialize components to an array that is the result of CBOR-decoding the bytes that follow the three-byte Quantum-Safe-SD disclosure proof header. If the result is not an array of the following six elements — a byte array of length corresponding to the signature size; an array of byte arrays, each of length appropriate to the salt size; an array of byte arrays, each of length corresponding to the hash size; a map of integers to byte arrays, each of length 32; an array of integers; and another array of integers — an error MUST be raised and SHOULD convey an error type of PROOF_VERIFICATION_ERROR.
  5. Replace the fourth element in components using the result of calling the algorithm in Section 3.5.6 decompressLabelMap of [VC-DI-ECDSA], passing the existing fourth element of components as compressedLabelMap.
  6. Return derived proof value as an object with properties set to the five elements, using the names "signature", "salts", "saltedHashes", "labelMap", "mandatoryIndexes", and "selectiveIndexes" respectively.
Editor's note

Should we also mention additional checks on the values of salts, saltedHashes, mandatoryIndexes, and selectiveIndexes? In particular, the length of the the salts and saltedHashes must be the same. The all elements of the mandatoryIndexes and selectiveIndexes should be in the range of 0 to the length of salts. There should not be repeated items in the mandatoryIndexes and selectiveIndexesArrays. Also the elements of each of these arrays should be increasing order. Note that the minimal additional checks appear in 3.7.9 Verify Derived Proof Selective Disclosure.

4. Security Considerations

This section is non-normative.

Before reading this section, readers are urged to familiarize themselves with general security advice provided in the Security Considerations section of the Data Integrity specification.

The following section describes security considerations that developers implementing this specification should be aware of in order to create secure software or protocols based on verifiable credentials signed using the cryptosuites defined here.

4.1 Signature Security Properties

All signature suites in this specification are designed to satisfy either existential unforgeability under chosen-message attacks (EUF-CMA) or strong unforgeability under chosen message attacks (SUF-CMA) or both as defined below.

EUF-CMA (existential unforgeability under chosen message attacks) is usually the minimal security property required of a signature scheme. It guarantees that any efficient adversary who has the public key p k of the signer and received an arbitrary number of signatures on messages of its choice (in an adaptive manner): { m i , σ i } i = 1 N , cannot output a valid signature σ for a new message m { m i } i = 1 N (except with negligible probability). If the attacker outputs a valid signature on a new message: ( m , σ ) , it is called an existential forgery.

SUF-CMA (strong unforgeability under chosen message attacks) is a stronger notion than EUF-CMA. It guarantees that for any efficient adversary who has the public key p k of the signer and received an arbitrary number of signatures on messages of its choice: { m i , σ i } i = 1 N , it cannot output a new valid signature pair ( m , σ ) , such that ( m , σ ) { m i , σ i } i = 1 N (except with negligible probability). Strong unforgeability implies that an adversary not only cannot sign new messages, but also cannot find a new signature on an old message. See [Provable_Ed25519] for a real world attack that would have been circumvented with SUF-CMA security over EUF-CMA security.

Besides EUF-CMA and SUF-CMA there are additional properties a digital signature scheme can possess that may be essential for overall software or protocol security depending on the application. These are discussed in [BUFF], which is also referenced by [FIPS-204] and [FIPS-205]. These additional properties are defined in [BUFF] as: exclusive ownership, message-bound signatures, and non re-signability.

Exclusive Ownership (EO): the property that a signature only verifies under a single public key. Without this property a system could be vunerable to an attack that allows constructing another key pair under which a given signature verifies, but never breaks the EUF-CMA property. Such an attack is documented in both [BUFF] and in [Provable_Ed25519] where it is called a "key substitution attack".

Message-Bound Signatures (MBS): the property that a signature is only valid for a unique message. This property is key for data integrity and all signature schemes chosen here currently support it. From [BUFF]: "A possible cause can be the presence of weak keys that verify multiple or even all messages. The absence of this property can lead to problems in protocols that depend on uniqueness properties in the presence of adversarially chosen keys."

Non Re-signability (NR): meaning that one cannot produce a signature under another key given a signature for some unknown message m, i.e., that an adversary cannot produce a legitimate signature verifying under its public key for a message it does not know. See [BUFF] for an example of a system that could be vulnerable without this property.

In Table 13 we summarize the known security properties of the signature schemes in this specification.

Table 13 Security Properties of Signature Schemes.
Name EUF-CMA SUF-CMA EO MBS NR
ML-DSA Yes Yes Yes Yes Yes
SLH-DSA Yes No Unknown Yes Unknown
FALCON* Yes No No Yes No
SQIsign Yes No Yes Yes Yes
Note

Note*: This is based on the "third round FALCON" currently used hear and according to [BUFF] will be updated when FIPS-206 is released.

5. Privacy Considerations

Before reading this section, readers are urged to familiarize themselves with general privacy advice provided in the Privacy Considerations section of the Data Integrity specification.

The following section describes privacy considerations that developers implementing this specification should be aware of in order to avoid violating privacy assumptions.

5.1 Selective and Unlinkable Disclosure

The cryptographic suites described in this specification do not support selective disclosure or unlinkable disclosure. If selective disclosure is a desired feature, readers might find the Data Integrity ECDSA Cryptosuites v1.0 specification useful. If unlinkable disclosure is of interest, the Data Integrity BBS Cryptosuites v1.0 specification provides an unlinkable digital signature mechanism.

Editor's note

A relatively efficient selective, but not unlinkable, disclosure mechanism can be created by combining the selective disclosure functions defined in Data Integrity ECDSA Cryptosuites v1.0 with the "salted hash" approach of SD-JWT, if there is sufficient interest.

A. Test Vectors

This section is non-normative.

A.1 Test Vector Common Inputs

Inputs used in two or more test vectors are given in this section. They include the unsigned document, general proof options, and cryptographic keys.

A.1.1 Unsecured Data Document

The common unsecured data document used for generating all test vectors that require this input is given below.

Example 1: Unsigned Document 
{
    "@context": [
      "https://www.w3.org/ns/credentials/v2",
      "https://w3id.org/citizenship/v4rc1"
    ],
    "type": [
      "VerifiableCredential",
      "EmploymentAuthorizationDocumentCredential"
    ],
    "issuer": {
      "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
      "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
    },
    "credentialSubject": {
      "type": [
        "Person",
        "EmployablePerson"
      ],
      "givenName": "JOHN",
      "additionalName": "JACOB",
      "familyName": "SMITH",
      "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
      "gender": "Male",
      "residentSince": "2015-01-01",
      "birthCountry": "Bahamas",
      "birthDate": "1999-07-17",
      "employmentAuthorizationDocument": {
        "type": "EmploymentAuthorizationDocument",
        "identifier": "83627465",
        "lprCategory": "C09",
        "lprNumber": "999-999-999"
      }
    },
    "name": "Employment Authorization Document",
    "description": "Example Employment Authorization Document.",
    "validFrom": "2019-12-03T00:00:00Z",
    "validUntil": "2029-12-03T00:00:00Z"
  }

A.1.2 Proof Options

A general template for the proof options used by test vectors that require this input is given below.

Example 2: Proof Options (general) 
{
   "type": "DataIntegrityProof",
   "cryptosuite": "Crytosuite name to be specified here",
   "created": "2023-02-24T23:36:38Z",
   "verificationMethod": "did:key value for issuer public key here",
   "proofPurpose": "assertionMethod"
}

For each specific test case the cryptosuite and verificationMethod fields need to be set. For example, for the slhdsa128-rdfc-2024 cryptosuite using the appropriate public key information from section A.1.3 Example Cryptographic Keys the specific proof options is given below.

Example 3: Proof Options (slhdsa128-rdfc-2024 example) 
{
  "type": "DataIntegrityProof",
  "cryptosuite": "slhdsa128-rdfc-2024",
  "created": "2023-02-24T23:36:38Z",
  "verificationMethod": "did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw",
  "proofPurpose": "assertionMethod"
}

A.1.3 Example Cryptographic Keys

Cryptographic keys for used to generate output for specific signature suites are given below. This includes public and private (secret) keys in hexadeximal format and the public key as a publicKeyMultibase.

Example 4: Private and Public keys for ML-DSA-44 
{
  "mldsa44": {
    "publicKeyHex": "4a0ed63c0e8fdd5f3606cae5fb058fb574360ce05b928b0d2015d3be7895c51f47aa96de3f08fe2c108486033365283ccba54256a089d1cb05cea5dec50a9fd00090252fb891a3871ea4a873865abcc6deaa7798e485817db4d1fccf74460e5f5aba7372ff4e9f58b60d49c59de51986838e8fa3c4fe9088cc32425fb5aaaa65c183c64b69bbd12dd9b9da64cc782bdf18c86d6ead4a4cf6582f95d820daabfee970ab9b6b97949f54f87378c6d40a9f8520fb9c4fc1b84f191da96dc052713168b64841a8b7367902cbeb33eeb5617cdec4996ce843ff5d418cc91e88bc896cc787088873e460c86cf92c10521a4a1a3731d168e5fa50f10668a828addc99f875d7ee4a17c8a0b5351f0e44674c418aa394edef9320d77bfbb1ec8072e660c1a7a6a9639b5a2dddcddc7da958b20f3b590b92b1c3bb5cd1f71306be72053a0678f54869f4a654f2e98abe1b153c5d404fc2c2bf2282096d7582d140fdedcf54629362662d3e1029db07e639fd233c6ae31fa0879aa7f6ee00e757949666729f313425c8e7d00df7ef7a49d864b392fe266b042f3ca30208ea371f19b7728f15cda34b03630d50b57c46bc15d0dd0d3dd636417a293b7ae656f9fda224161db49cebd3ee420970a4e09a14463496601923d855b332a5a42869a73c76d128423bd88273beaccfd172c89630735cdbd6ebde8e707622d776beb73285f59445aefd31c17de3f526ec6b49b5261ce0727a959bb9b6d23388954084c2c411d94f4323d9b5b02317779d951a8f379bc849ec7e2b55d35929ce53bb6f3636bb14b3ca99539117e9a5cffb607d32d0f1da820c347085cd4a1ef7c15a8d666ce6271e56d3f6a4aefcb9a12cfd641d48a36a7f7d3c7389b79fc0eef4d1b52a6c4955ff2b828c3ec427f1dfa9ba20f34cbf83d4caea4a17ef0630a85350c4155abca0be1db713ef23ddbf3b3d8650b630d5824f75bb81581e62be001606d5f4480c707d06b490ca630f2f92907fbd3b1a493199023dd334a6a50308863b9d15026179b649c5f7a90ead698d2f431d9178679b5bd7803a4febc6ccb78af642bfa135d278b37fe7aa64836139d9440e2a8d78eb80a41f3b5f6dc6dd2d5fb2e27c4d466756d0c92ecda87597c8c121c3afc5f2973fb52d7a561bc93bf14cec25f9d662cb90b08697b0ec99b9c422c5545bdaa50b16fa6e3e775328a34d876eeae2d95bd248484d81e047afc73c03bbd5067093c7989622d6b45000ffff8c7f7b1a2402f05be474011f2aa73057d8c06c13d03c6ea552404b7288a3811dc173077eb5af76a1e666729a09f7b3f3cc16c22fe36ba692761c743548cb185a83ef7994e665ceba6010343fd61f4f8859d114223f6831078b274ef3052343ade90da7434a790ccc665aa21a08a5b9debaa7d7a0155d07aa0b64c98e56e303db02ea9afc184198d8e414804996bb91a69ce4b3d65358edf347272a4286789e23f872622cb4eaaa2e529a07039cff214b5fcd9a0c206d3226219452917d049bd80a10c4082a9a50cd645a73b9b4a7288522aae47ab0bbf1160d1605dad8fb8a04a2999912e0fb6ce35b6ef2721a564e44933017f60091d845f72e4f3af662314b2052dccc86fcda2d3dc6e6eae5c39ff6245796741e4c54c58440f61206f9484a84add539a1d93fc19c40df27a0e31ad829cf776d3c5fa1cece5225c6ced245bce9a54b3f7c73757913a094dcbeda82561a6a3ec4ecb441de384ed6344bf6d886eea21fa8a7af1dfeca7712ad6171122628b2f6090f86414b2ad5e1de94b1f78d487612d0e0d3b1d3eacf84984de96865b231f175b3edfc4b5e53722ebdecf6da7e436e5fd6f4c8ae640b",
    "secretKeyHex": "4a0ed63c0e8fdd5f3606cae5fb058fb574360ce05b928b0d2015d3be7895c51f2e39354028474102fa86be058cd02940e7b26be707a2e7c13aca80b2bbd8b8d1d07b6766ddf790564d3b98ad67640fda16e2a327e981afe0673a7f5a10919fcd25304bdfa13df88ed552e32896e159db019acb23590d2cca0fae597bffe1b36614010053a69083008d0b4249e28829d8c68552800804296d64b485409445484031e24492534892643272d1402d9b067104b070a2b82521b1511b998c0c088a0b482d9b266a62a27004b00c24482e0834210413001a2329e3842904350464126ddca66120b2080ab94c1b394a420480c22489c3b851220990d1c630202924092286c8408a9984000b8145da06290ab145908828e10884caa06c9a460803b4255b46828304851a4501223410d414298836324cc400a2964803c30990400c0c39069c869094182210c54c608841113241020145cca8848a024918a200e3824d4236660a066e23424402a6655b308019b62901166a2031091ba401190311802881d2802090c64de208651ba60454c8645bc631ca326699028ce326819884809cb484da2202043512d3c83121274c99c069c0468951128ca3106cd00489e2188518252148028e5ba80000300a0828015c820821194a41048a63408e99b48dd9222019102193c89108b28ddb840123b8444224700991412191290081085a200152102ec82811e346322035291a3346214906cb286c2327881b492918a54d92b488c002729234888a384283208a901840a3344e2248249344661cc349a1c410db020ce0220d8ac43041823114233213384a6112889aa40c02492dc14441cb966112368a40a2700c0709c842919120521839011b4669013244dcb89008212e53c091d2c4314c2046da3226ca204e438200c9b26dd89285d89490ca988c89c2684cb228842244114529cb4645c23846a1384a1b426d4a106de1926cdb2069d8182edc1211840284c49661d9a43162c02d43842d9a124d0ac12551202e61024021a848d0b80008012808181120c151d03486d34229c1286a1b00014346490098645340619c3260593082e228222287308b064802c66902114648846c083290a0c030104409dc348a4aa650c2928ce122908b362a10002a51b80d18492a0a21298c4230a4068e98420e1ac12501c93153222440086123c760e1103102c1205c341242386c24164e139424949205193408d94292e4c0442217461c408dc1021158c229a3c26552c872a9781e87970f539a3aa15e844ededa801e2fded4fdf54cd907ee3125287165e571ad52a2f7ea218d5c567f87642e64823ac57c4070f49ed557da35d0649ab7fd3f67194345932366e823ea13f18b44a00531482e805a813da0dd3e6834bc830647f62b81dfc94cee5861fdc6bc14e18b53f08895ae51ac5296a195f1419b7032931df15ec0a1f42c86a83b9de895b7b8361d307417f343a688e72ab677107eb496b63a781cdd1336c247d36b0c5f741a22553090e7597c0f1c150b1372da117e33d2d72890c67cfc08892b1c79d25cb737fd3c7b58c1f4b759f75e44e839f21785e1222973507e44a2c3d60551ccaed3d94d84fc488abc4d62d501dcda25fcb9b0b1b6b04f5794896880c63321a1aea08a0f3b67e0cb55efd12e2be0ec7c3e609b3086245245b2ccc1c41ff3afa7b6c706da5a460cfd13ce1fcc139b6bc82d0d69f754c03c0df310683f7bb23d2aeeee210dc0ca5778cb67eaa3422e0616613660e86f3db94d561c950fbcc3ff9e3c1836a565fd8627c8cc4bd6fa9bc2e52445b5c06a523d9863432f23691a6c8e592cdfb45c1911777a66bdfbcf59c540d5aef6732cb71ef8253e685c0229ea670f3b8b79128238abd2aee24ba593c58cbc9a386b0a2ae273e6c8da7721913a708630f9224385d2282cd83585f176348a48cd03ae14d81eddc420def6ca94bf5c575b8f38bb9065886a2ce996e2bb31876a8a74f109bc8df4cb610606212cdfea16bffb2962d7242ef3e4d01615ba4a76c386c76760c2fea0c0e47264151ae81ced36f5f65398f9a9c886cfaf2e9f29eb37323331128f76da15f22b0a28cabf82d0c53cdfb7933f1dc966ec713aee2c50ee453f9190e3644d338dc4323ffb3359dfc5e661c6e5aacd59cf0a79e05395d53ea2048c6b06fc78938a4cfe2945deaf2827cb81e5c898daccfbc288ecff381f8ceede9f612828a36f02676bf07a555b11ca284d7d54b545badeb7a353ac4036fefae62560aeec3a4f001d3a9c6f0de1dc39f85cdf5415eb65f8e0f979fa701721473387e8be42dcceb43ea8fe0a19d03396bfba2fcea8bd04480c2248936f044c1c25699ea82aa746e9660eb565ea48cce9306991876f37d7d6baa966c79e4436717e178b5dfd236f43e1e6f54be1ff9ed26584fb48479bb19ade0dd35000ddad5cf290c78e2eb71e350fb3b2b55f74ce23bdb6ed3bedfe229f37388ed3adbf52c09ca10a3d726f17213f530d486c5123931cb746030cb40d56e952175b90ca275abfc9c893d353c9b530920328ed20b4a09c6223bd20447b297d65932408081a87ffc96dfb9f3d47a0912d16e19b33943d8f89520c97ba04208d4ea059f99c828a04deb26e86761735d00f4d1bbd960dbc18db71b1c703835d9efec82b347e3a1507dc901e18fef44bed1d0be45d40bf793f0e91e17711ed76ffe95824283284bbdcadd9557f85de57783dd142dc11c5b27780305b7c617f0d5e91dbdd750d0e85142568e82d7c8211efbf8fc7c900377e5f73019a1c9037d23d177db1764318202819f59194b198f4065f0a49a83864a77c81ee0fd9698b00ccda5201bf6a512aef2c089ef5fab1b598ac3e144315f2164154b178e5262b7e177cf774abed522de59b1c5c0fe78f1d1ada73599b730122c62f2181e2bdbbb5a91ffb8e145e19d69961473d14e8459b4c1fc95d54ce4e622026625aae7dc95ff4e8bd900b4ace22eeaa48044d1467961e327393b030a00cc6ca94a4478d92f239dc26e65414e6ddc247aafbe4b091373007625d79862b10e51b5bee31f33b2ee04ed91fdff8ad7af0f9d0f83455f40c1ff03253b3bb17213c51b8d43d77a08f857353916bf1289b309de987491d47adde9820a0ead1143a18a83322744916d32341c464d7fb854082e3b67c9df49880ced0f924d228a53182eedf528e7173eb5a32ff513613fe6361ee8b57327bf843613a208979625325340e4728ba41ffc859c4063b4dee068987a82b5dab685c492b92a6ba21bb316183769f4e347c6beeec90627fb37cd83833381bc1243d887867189e1bb9af32dc011f34d4058bbf40ca6a7623e60f0521f9d69c4590c294efa9e4866c47d0edfacf5a316476ec0f7734ab5d7e53d4a03b8e0cfe8dcae5a5a8a21fbc6754c2494abfd93a38ad5c427fe2d021ac263fd1a022225fe6f21543179e7832e10d3b01dd806c6ab413a4c411287a829cd52a8fae72a73e5e46127ac1d26ea3a939d6b175113df75b7382dd3956902d7fecd195920ac34921b735dddeeb4daa248d34f38ade7046ebe26daabdae59f107a1ff7c1be752bdcc93dee3cc1df027f89fbb4eee6ad43fad2914069e936ccb3493",
    "publicKeyMultibase": "ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL"
  }
}
Example 5: Private and Public keys for SLH-DSA-SHA2-128s 
{
  "slh128s": {
    "publicKeyHex": "4834a55ff26a17f3947a265bc421093a629d2e863381f8f9f6d64f707cf2e95b",
    "secretKeyHex": "765d610794caa0dd67472ed92b8ec0b23c1d57c8ed25a9147be7dcd5dca241fb4834a55ff26a17f3947a265bc421093a629d2e863381f8f9f6d64f707cf2e95b",
    "publicKeyMultibase": "uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw"
  }
}
Example 6: Private and Public keys for FALCON-512 
{
  "falcon512": {
    "publicKeyHex": "098cd51cfa4e97d1bbd6231a76a7756a8582e1899edd031a753b8b20357e66101345677898a291136b0dd952d1df65bc9c1e6425fd18e08f5f9c50da50780c18976816f5062d4024014f50dda1ca50c40a68b3e64b069aaf19cbc61f19ca525aee80e617c1eff82e93a484b20c02c5de8924d53da5d59a28bf72bb98a7df00134595154ea1a5b9cd94238a064c45a9d5b5f5067ca91e75aa826a30a19e4c8aa6242179d08d82b029b6791abad0951c37b764ddc6b35e832d294fd8380f2f03fd97daa34f1eb869b97b4fc3841ba26d2639a9dd339d453b8eeb6a40a818c81783b97fbdc0b7f0abc390ac8824fb27a5bce6883a0964af625987460a2aee399971f15303aa9c9deec850617c399e3522e59d0339953c2a4f4c162886f4fc0000c71d69df677c51064da0fbb237d5e0121c073584e07e1eb967a7ce96ef9c445037646db2733e499a3dcd641d96371167205e6240fc3080eb924d59d399e39a0c3f20ae23825b9d2818fb8a1ac4ce539aabc9b12c43a2fcfdeaeb61799a0466f059c6f867b14194036e31aacdc3d2246c3d904a37b01ee0d80decf7b8accc8c50a12ae76bc45d977afa99d597f93232770a8b2111a1adf2612a4f17427ad7cadd52c921041ba60cd8e376a15cb5135371bf7eab62845cdfbf45a7e3ad61c0b05a7d674cc6b246ad3ba7cc07a89f4e9dc1e2d72b604d037b9b23f11f3cea872bee7bb064cc311c532db96df9a14227264f2dd4a70d48803ac95cc2ab6faf2dd5a2756297399c023591fb1cad26c000e083c144a03536e92f69908616913529d195709135ca6d6e7f5ded390270eef20c141d81e0ebb654f92b49c3212649b0f3460a4d27354dac819c07da66ea7dd6841a835260f134791091a5b25896866bc7bae5c7b315c6d793a05ee218db232ea1063538e2b86fc05f15979ae4b56d26cbb444e1003414763ca65330e46ab99b1ffc58e17d777fe28251e8c697c604985c3ad2298a2819a9bda9252989d33588cde7f591f266228410e2a9b02962e9a740233bbc84031ae385b315b9bc691e8962989cf9b0f786eb19fdeaf44e923929454c61e2c3f29db61280000dd462fe9ac5e6ed2319762ad1c3cd2aa7495e05ac123c2514a7d8c86b3f95589d787d9c0f45dde114c7e1267ba24e65e2191a975ed9d5d7c60dac4a85453f578d36466105fd65bb8d78f8a238d69f2b0deb9a82449e9138528bbb1dc73785e3d6cc88dd73260dda36011f4341619bc5a6ed374d55ea301bc9",
    "secretKeyHex": "590821fafc2f86fc0f42f46008dff0c123f08703affa13eec0f84f88140f3ffc0081f870041bcebdec8100ec1fbf03cfbdefa07e17f03f0fb1c5038141ebf105e7c0fbfbc1bf0fefc00fff7ef8407cf7fe82e37ffdf46f7f1080c2f440fafbc0fa17d039f85048ec4f40003086002ffef4607ff45f3c13d13defdfffec1f42fc1248083fc40400802bff07000081ffdf7b1fe14210523ff80082f42fbdf7fdbc04513e0bf140fb91ba088e42ffa07bffe07afba0c117edf8044fc413d0bff82ff60bf0bc17ff090800870c4fbefc8fc32050020c313907a1fdefe000f80ffd0faf46f7f08403cf3f002040141fc007f1bf102080f010810810c3088f84f7d006fc7f870f6ebc07fffa102eff1feec307df0517f005103f40046e441030c6007d7c038f83fc423eefcffa040081002087fbc0c1040ec0101f7ff7c2be0c8f81002fbd045fbef8207f1c727e13f03ee42ec1fc20c013bf44f84ffbe7e0041c3102f3d07d109f3b142e42ebf0c4fbd003f03e3f000080ef30c3ebe0ffe44ffff3b10513b03c0bc0c11030bef8203af420410f5f7c104f00fc103f0c1f3e03e0c2005ebf083f3dfc2ec4f7ee3f0c3fbf17df40081fc3f420fb0bff46f83f440810400430410ca1fc203100100f79146047f40f3ae49e88efbdfbf0207ef7f081f861fae7ff86f80fc113b181fbaf47f85fffefbef81c0e01e80f82fb9fbd0f90bf103f7ff3b004101e46034041f3ff78f0323d17bf81140f0407fffee82fc303e0c3003f40f040bbf0414207de4518108717c037ec003cefe10cf83fc5f7fe41ebd00107ef41fc5087f05f3eec6f41085fb5f8210107ef42002f4400a23b080e4807e100081146dc8dc7ebf084ffdf7727b0fdf3f03a0bbf3ef40fc1fc313a145fc6044184f82033d44042fc3f4208407dfbff46ec3f3d07c1081bce7703f101f7efc4f3cec30bf1420c013ef40efffc5fbe1bf1bd008f80043fff0c7040042f40208efcffa04317cec1042e7b17e03e040000181201fbf03d03f182e7ffc10ba1b9fc6000001fbbfc1082fbffc5e42fc317d001fba07c03f184f8123ff7f03efc3fbf14f4fa0427e802de2109f6d4e1bc17e2f5eb1a0a1af60b01f410f5fdfa1a08e621dbef0d2112e825052f1023040004ef39e80ff91016030b07feee00fef00523fd17e513063a040605f9e4f321fbd7e622110ce9060924f309301505fb13150f03f63e29ea0be2d70c0de419e1ed05e409f610e9ebee08021506e1f9ede10108d5ffffebe0f7ef1af2db13fd05ed090d11fffdf2e81707f800f807efdb00f226e1e50eeae715e54cfc10050c040f0527100bd2e9191bddebf912120500c90025ee15fb08d620f508fadc34111fdbf5fd0504fa040b06020f27ed16061fc51e06f72c0d041900cce8ebeed3f5dc121e163dea21f2190ae9edf80a1101f7de19e2d1f2c4f10affe714f70f18f70bea0635081200f21efcc505f1e3d8fe1027e00c0214e9150d03d8dbc02fb93a11faef2be6f3e1fdf4a60ee30b081a092cd70e1e00d302263a18ea19f3021af2e11deaff1e351615340007eb1f16401d0b1524032c00e7dcffe8ebd427e2ff24ca2a0a0ff6edfbfd1dec1116090506fc07fee8db31f6eb49ff2028f8d526210aeafb02eb1c01ea31f70ff9e6f0e31b1611f9f60c2bf3ed0103f40a081adcfa26020ef7c8e6ddffe4eff90c20f2d244e0130a09ee0ff13806f6ffcffed5dbd4e6f220f52a410c0b00f8f7ef20eaff3af1300a17e132e5feebfb0e070c011e2cf5121cbb20df01e0edede9f60fe6fceec6f12233e6",
    "publicKeyMultibase": "urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k"
  }
}
Example 7: Private and Public keys for SQIsign-I 
{
  "sqisign1": {
    "publicKeyHex": "e144bdf2447d65170073bf86c3e2d241fe9c6aaae3065c1d7f4a3d0f3ce10303dd99e0b81dec4f85bca1fe5ecfa12ed2f8c2f5bc58bd751b7b1431d8640ca8030b",
    "secretKeyHex": "e144bdf2447d65170073bf86c3e2d241fe9c6aaae3065c1d7f4a3d0f3ce10303dd99e0b81dec4f85bca1fe5ecfa12ed2f8c2f5bc58bd751b7b1431d8640ca8030b63790509f8c0c251959a459b7f0b6cca1f020000000000000000000000000000ec632b3911de57001f37a3d6ffbb6042ddfdffffffffffffffffffffffffffff99d5056c88aaef28a1b8980fcf58a369a7fcffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000024ff19b3d11ba00ecc969af6f4f1a60d36023ec86d66ed68316e613e5768ab0035262a3f5f562ee8be9a3b013b80e3bd461d630ef5b06cd587c786687a6ad500fb5dec2e9c79b6a463eeb473e545cd8a3e1daa7a525517326ab5ad633bb79900b712fad0aa36f07d70194256408072f5ba17a622b53275473fda285c47acec00",
    "publicKeyMultibase": "uriThRL3yRH1lFwBzv4bD4tJB_pxqquMGXB1_Sj0PPOEDA92Z4Lgd7E-FvKH-Xs-hLtL4wvW8WL11G3sUMdhkDKgDCw"
  }
}

A.2 Common Algorithms: Proof Configuration

The Proof Configuration algorithm output is dependent on the specific proof options as well as the parameters, hence an output test vector for Proof Configuration is given for each supported cryptosuite.

A.2.1 Proof Configuration (rdfc, sha-256)

Example 8: Proof Configuration mldsa44-rdfc-2024 
_:c14n0 <http://purl.org/dc/terms/created> "2023-02-24T23:36:38Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#DataIntegrityProof> .
_:c14n0 <https://w3id.org/security#cryptosuite> "mldsa44-rdfc-2024"^^<https://w3id.org/security#cryptosuiteString> .
_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .
_:c14n0 <https://w3id.org/security#verificationMethod> <did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL> .
Example 9: Proof Configuration slhdsa128-rdfc-2024 
_:c14n0 <http://purl.org/dc/terms/created> "2023-02-24T23:36:38Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#DataIntegrityProof> .
_:c14n0 <https://w3id.org/security#cryptosuite> "slhdsa128-rdfc-2024"^^<https://w3id.org/security#cryptosuiteString> .
_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .
_:c14n0 <https://w3id.org/security#verificationMethod> <did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw> .
Example 10: Proof Configuration falcon512-rdfc-2024 
_:c14n0 <http://purl.org/dc/terms/created> "2023-02-24T23:36:38Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#DataIntegrityProof> .
_:c14n0 <https://w3id.org/security#cryptosuite> "falcon512-rdfc-2024"^^<https://w3id.org/security#cryptosuiteString> .
_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .
_:c14n0 <https://w3id.org/security#verificationMethod> <did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k> .
Example 11: Proof Configuration sqisign1-rdfc-2024 
_:c14n0 <http://purl.org/dc/terms/created> "2023-02-24T23:36:38Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/security#DataIntegrityProof> .
_:c14n0 <https://w3id.org/security#cryptosuite> "sqisign1-rdfc-2024"^^<https://w3id.org/security#cryptosuiteString> .
_:c14n0 <https://w3id.org/security#proofPurpose> <https://w3id.org/security#assertionMethod> .
_:c14n0 <https://w3id.org/security#verificationMethod> <did:key:uriThRL3yRH1lFwBzv4bD4tJB_pxqquMGXB1_Sj0PPOEDA92Z4Lgd7E-FvKH-Xs-hLtL4wvW8WL11G3sUMdhkDKgDCw> .

A.2.2 Proof Configuration (jcs)

Example 12: Proof Configuration mldsa44-jcs-2024 
{"@context":["https://www.w3.org/ns/credentials/v2","https://w3id.org/citizenship/v4rc1"],"created":"2023-02-24T23:36:38Z","cryptosuite":"mldsa44-jcs-2024","proofPurpose":"assertionMethod","type":"DataIntegrityProof","verificationMethod":"did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL"}
Example 13: Proof Configuration slhdsa128-jcs-2024 
{"@context":["https://www.w3.org/ns/credentials/v2","https://www.w3.org/ns/credentials/examples/v2"],"created":"2023-02-24T23:36:38Z","cryptosuite":"slhdsa128-jcs-2024","proofPurpose":"assertionMethod","type":"DataIntegrityProof","verificationMethod":"did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw"}
Example 14: Proof Configuration falcon512-jcs-2024 
{"@context":["https://www.w3.org/ns/credentials/v2","https://w3id.org/citizenship/v4rc1"],"created":"2023-02-24T23:36:38Z","cryptosuite":"falcon512-jcs-2024","proofPurpose":"assertionMethod","type":"DataIntegrityProof","verificationMethod":"did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k"}
Example 15: Proof Configuration sqisign1-jcs-2024 
{"@context":["https://www.w3.org/ns/credentials/v2","https://w3id.org/citizenship/v4rc1"],"created":"2023-02-24T23:36:38Z","cryptosuite":"sqisign1-jcs-2024","proofPurpose":"assertionMethod","type":"DataIntegrityProof","verificationMethod":"did:key:uriThRL3yRH1lFwBzv4bD4tJB_pxqquMGXB1_Sj0PPOEDA92Z4Lgd7E-FvKH-Xs-hLtL4wvW8WL11G3sUMdhkDKgDCw"}

A.3 Common Algorithms: Transform

In addition to the common unsecured data document the Transform algorithm takes parameters canonScheme and hashName. Only in the case of canonScheme equal to rdfc does the hashName parameter matter. This is reflected in the set of Transformation output test vectors given below.

A.3.1 Transform (rdfc, sha-256)

Example 16: Transform RDFC, SHA-256 
<did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg==> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocumentCredential> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .
_:c14n0 <https://schema.org/description> "Example Employment Authorization Document." .
_:c14n0 <https://schema.org/name> "Employment Authorization Document" .
_:c14n0 <https://www.w3.org/2018/credentials#credentialSubject> _:c14n1 .
_:c14n0 <https://www.w3.org/2018/credentials#issuer> <did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> .
_:c14n0 <https://www.w3.org/2018/credentials#validFrom> "2019-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n0 <https://www.w3.org/2018/credentials#validUntil> "2029-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://schema.org/Person> .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmployablePerson> .
_:c14n1 <https://schema.org/additionalName> "JACOB" .
_:c14n1 <https://schema.org/birthDate> "1999-07-17"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n1 <https://schema.org/familyName> "SMITH" .
_:c14n1 <https://schema.org/gender> "Male" .
_:c14n1 <https://schema.org/givenName> "JOHN" .
_:c14n1 <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==> .
_:c14n1 <https://w3id.org/citizenship#birthCountry> "Bahamas" .
_:c14n1 <https://w3id.org/citizenship#employmentAuthorizationDocument> _:c14n2 .
_:c14n1 <https://w3id.org/citizenship#residentSince> "2015-01-01"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n2 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocument> .
_:c14n2 <https://schema.org/identifier> "83627465" .
_:c14n2 <https://w3id.org/citizenship#lprCategory> "C09" .
_:c14n2 <https://w3id.org/citizenship#lprNumber> "999-999-999" .

A.3.2 Transform (rdfc, sha-384)

Example 17: Transform RDFC, SHA-384 
<did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg==> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocument> .
_:c14n0 <https://schema.org/identifier> "83627465" .
_:c14n0 <https://w3id.org/citizenship#lprCategory> "C09" .
_:c14n0 <https://w3id.org/citizenship#lprNumber> "999-999-999" .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://schema.org/Person> .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmployablePerson> .
_:c14n1 <https://schema.org/additionalName> "JACOB" .
_:c14n1 <https://schema.org/birthDate> "1999-07-17"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n1 <https://schema.org/familyName> "SMITH" .
_:c14n1 <https://schema.org/gender> "Male" .
_:c14n1 <https://schema.org/givenName> "JOHN" .
_:c14n1 <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==> .
_:c14n1 <https://w3id.org/citizenship#birthCountry> "Bahamas" .
_:c14n1 <https://w3id.org/citizenship#employmentAuthorizationDocument> _:c14n0 .
_:c14n1 <https://w3id.org/citizenship#residentSince> "2015-01-01"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n2 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocumentCredential> .
_:c14n2 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .
_:c14n2 <https://schema.org/description> "Example Employment Authorization Document." .
_:c14n2 <https://schema.org/name> "Employment Authorization Document" .
_:c14n2 <https://www.w3.org/2018/credentials#credentialSubject> _:c14n1 .
_:c14n2 <https://www.w3.org/2018/credentials#issuer> <did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> .
_:c14n2 <https://www.w3.org/2018/credentials#validFrom> "2019-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n2 <https://www.w3.org/2018/credentials#validUntil> "2029-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .

A.3.3 Transform (rdfc, sha-512)

Example 18: Transform RDFC, SHA-512 
<did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg==> .
_:c14n0 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocument> .
_:c14n0 <https://schema.org/identifier> "83627465" .
_:c14n0 <https://w3id.org/citizenship#lprCategory> "C09" .
_:c14n0 <https://w3id.org/citizenship#lprNumber> "999-999-999" .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocumentCredential> .
_:c14n1 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .
_:c14n1 <https://schema.org/description> "Example Employment Authorization Document." .
_:c14n1 <https://schema.org/name> "Employment Authorization Document" .
_:c14n1 <https://www.w3.org/2018/credentials#credentialSubject> _:c14n2 .
_:c14n1 <https://www.w3.org/2018/credentials#issuer> <did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> .
_:c14n1 <https://www.w3.org/2018/credentials#validFrom> "2019-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n1 <https://www.w3.org/2018/credentials#validUntil> "2029-12-03T00:00:00Z"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n2 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://schema.org/Person> .
_:c14n2 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmployablePerson> .
_:c14n2 <https://schema.org/additionalName> "JACOB" .
_:c14n2 <https://schema.org/birthDate> "1999-07-17"^^<http://www.w3.org/2001/XMLSchema#dateTime> .
_:c14n2 <https://schema.org/familyName> "SMITH" .
_:c14n2 <https://schema.org/gender> "Male" .
_:c14n2 <https://schema.org/givenName> "JOHN" .
_:c14n2 <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==> .
_:c14n2 <https://w3id.org/citizenship#birthCountry> "Bahamas" .
_:c14n2 <https://w3id.org/citizenship#employmentAuthorizationDocument> _:c14n0 .
_:c14n2 <https://w3id.org/citizenship#residentSince> "2015-01-01"^^<http://www.w3.org/2001/XMLSchema#dateTime> .

A.3.4 Transform (jcs)

Example 19: Transform JCS 
{"@context":["https://www.w3.org/ns/credentials/v2","https://w3id.org/citizenship/v4rc1"],"credentialSubject":{"additionalName":"JACOB","birthCountry":"Bahamas","birthDate":"1999-07-17","employmentAuthorizationDocument":{"identifier":"83627465","lprCategory":"C09","lprNumber":"999-999-999","type":"EmploymentAuthorizationDocument"},"familyName":"SMITH","gender":"Male","givenName":"JOHN","image":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==","residentSince":"2015-01-01","type":["Person","EmployablePerson"]},"description":"Example Employment Authorization Document.","issuer":{"id":"did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76","image":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="},"name":"Employment Authorization Document","type":["VerifiableCredential","EmploymentAuthorizationDocumentCredential"],"validFrom":"2019-12-03T00:00:00Z","validUntil":"2029-12-03T00:00:00Z"}

A.4 Common Algorithms: Hashing

The Hashing algorithm takes as inputs the results of the Proof Configuration and Transformation algorithms. Since the Proof Configuration algorithm output is cryptosuite specific the Hashing algorithm output is given for each cryptosuite test case. The Hashing output for each cryptosuite test case is given in hexadecimal format below.

Note

The first half of the hexadecimal Hashing result is the hash of the output of the Proof Configuration algorithm, while the second half of the hexidecimal value is the hash of the output from the Transformation algorithm and both can be useful information when debugging.

Example 20: Hashing (combined) 
{
  "mldsa44-rdfc-2024": "fa074359f280ed66bd74b65c8f644175b2f413e24ef3b917d557b3bc261b28f203f59e5b04ab575b1172cb684f22eede72f0e9033e0b5c67d0e2506768d6ce11",
  "mldsa44-jcs-2024": "1f49de8352bfcdef9457b14be9f4375c7288fb914cf1c974eab20f3d145b011a6ca388adaff807c71d063f666548493ba60c8c0fa109b3dd1e2564d61abe09cc",
  "slhdsa128-rdfc-2024": "26c114126bfe7aa69e33fe6c66150d816134726e71e3b1ab7f991a132f2b6ef803f59e5b04ab575b1172cb684f22eede72f0e9033e0b5c67d0e2506768d6ce11",
  "slhdsa128-jcs-2024": "7cc816b810b96de7a90e38d1ff5bb1666476e1f53a16ea7e14a8447fa5ac34566ca388adaff807c71d063f666548493ba60c8c0fa109b3dd1e2564d61abe09cc",
  "falcon512-rdfc-2024": "588886466ce3de13a82dfb8bad0d7ee27b94f80a73c50f2d7741126c71d143e303f59e5b04ab575b1172cb684f22eede72f0e9033e0b5c67d0e2506768d6ce11",
  "falcon512-jcs-2024": "ba0ab0c5e9a26cfe5aa89a59b4ae53a3f4b6bdf3307769d21fef7f2dc11864be6ca388adaff807c71d063f666548493ba60c8c0fa109b3dd1e2564d61abe09cc",
  "sqisign1-rdfc-2024": "f35e179a21495698798ec6f982353e16bea9d14374ab9b659cd0afebcb1417c903f59e5b04ab575b1172cb684f22eede72f0e9033e0b5c67d0e2506768d6ce11",
  "sqisign1-jcs-2024": "4c1d4ef51ede749b051fb4b471e7da7d3c37af030fdd66323922fc89ef4a7dfa6ca388adaff807c71d063f666548493ba60c8c0fa109b3dd1e2564d61abe09cc"
}

A.5 Create Proof

The Create Proof algorithm output is cryptosuite specific and uses the outputs of the Proof Configuration, Transformation, Hashing, and Proof Serialization algorithms. The output for each cryptosuite test case is given below.

Note

The output of the Proof Serialization common algorithm is not given separately since it is contained in the proofValue attribute in the following examples and can be quite lengthy for some quantum safe signature algorithms.

A.5.1 Cryptosuite mldsa44-rdfc-2024

Example 21: Signed credential `mldsa44-rdfc-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "mldsa44-rdfc-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL",
    "proofPurpose": "assertionMethod",
    "proofValue": "u_LfmjHGGR1q1D2_Ue-KKAwdZpSirCp8NGDu6EDN3DzRKUAlz_pl_JNlzd3Pg4dNAUCGc-avNt1ZQr4y5P_h6C3tP_HTaNIfVIx1O-D9Ooy59PgjHZLWAWiMiVx2hfPiLg88dVAMqpp1gjuiL8XRYiGLDQONRCoRXjTd-fZ6cg81p-NZ8ISINOjWJfWkf62avqWVp0yTBM2jPaNIkbfHCoUpwdwSj_NhXJMd10qag_hF_Hob_Abjuz-eAmg76AkSP0R-8l7peBmqfwP7TcSKPGBT_FUGjwbEkse2136YiNdYlk-NALtyz1PRk85tXood34_RTqCiHpa465ey2cJQ7Ve8zYQvU00u1SLF49ahIZfFGbiXpbVWHHCmvIGuqIxwq6hkRT_f-5T8SHOWmRUutnk7l5bvK2BqSBB2vd2yJexEe1j_wH-Nd5TYmqFq5Zg42zxpd7abSPqcNkkTZUPeOsrghrFT-glm0xr2uWAoTGn6FYye-_YM58hV2JE295a2PPg1wJcvN1AEnhwANGL_SlM6r2r0g5wesPY0cBMNJpXenI4_iY5EjINGZcjlShAGFGqx37hyPElHaYUortI_5s-PwyWGSJeHJ8IJBNO_M0okoy1yF6DefSbdDghWOnRWUYvzJMiwvM8TkxSABlIJ5oevyiZR5cHVpKgvaNYsIxzkK2bUVPJ_E_GpIHEpGnlS5Y3yji_SdoG5mufkj3D_PLY71qzs3k8SfN7KRtXp5nwwjw1khyHpqN-sRbV1gu31-NcWVR35x_a8zzxEcV5i1Q6hzpp9Gi_VgfOxJZIeuOc8G3uDEmjnIlhFfHgnCIwRJ2TQZs90nahcrYyNUdy7PMtmRKBiVIBYC57fA3kndbzHfzM2Ed12Mv75MnSK1Io55nfk8jTdxKCynrEZRtGhxLlQ9eoA1zO66haknhc95FVJZh5e0tjew4EQprlhdpBR4t0fJChAAqgrJNQ9ov17Nt5Ly6N8gGzgImzI1qN2mClYHX7ow4yzAeetZW_5WEaLyn57f0Tf1kcz9AS3TJNEOHgfAs7ZXfDNCFLgR5Bb0XWhL_2IP6rbeChcB9WQEQX36kGjIJfnUx0B2OSGNUF0Vjj3Zkr6IP37MATawid9pbYtytcY5KC9pn71KhzBqA5c6xJ4mdFXDZIbA9qEPfDsUao4GYPoVeV-0YXVXe7nlUmFp4WTCxoePGZbJcRWtHTegpVgtKvynhmIdHa_CYP_M_KKaeAhiufFCc7JYmyj6rdwz-xipAiAIHsdgrgtRgEdH_jrhFKEPP7gC9S8tK6NCpEWpzXaRnBkQTAQyt0IMMyyGHAgoHx_3wFQynT-7IeKb5si_i7penySiP7QQigJ6SB1nC7m0aLDWvcZ-X3A03BMqlYTgE8EWvJHtjmsjJSoOulD_WN_mLhXIIkI8mhX6-1GggQBg3JkqyRr1i-hdnpjE7iCgQnaS6Gk8O0gU8i_EoQh97275vaf-NwaXun-p3X_0U3cwTzsGGD-EIJu-zUwSThIUa4nKyImm-yrWh-r8tnQ4_o4gl8Avsw4Y4YQ8v9d3U0nr3E_xw0vKWMLxenn2xYGxo-wy-7W-9S8-SnjqyUxeDI1IwRzHYWHjP6_NK88jzpVTP90ySiIg_pAPxff7-xU-xtIgc_41bH1mjIVL_lK0sTS9F6acxGY7J0ijPMglCD72QUUx-J0OdESpxOhx3o4jc2thRhYzLPmZ9mXEMHwMf87Td-pdwBFFI8ff4eOozn7nZbih27UL-w2Xv4fHbBkAi0njje7JDkl5DyuyCkR86aVv1yTFemiq3rY8oHhCUIiUq3HyqCA5wD0mx43RDH00bTEQb2hPQ6CEKrgzpSp39fS6hsZBGCFXkPxsQAGOkRlnTPkIdg-pl1sVz4CNcpDcOBZ9ZNFBSSw7Nc4DUefLTD2n6nCswhQJL2wBbPJt24M5ckBD_0_CH7WwprAJKHgrJS1NY7X5iDaBl_8GvIW73xKsYBL9ZdUbuvp6ALAuQD9lsrXlzGZ0VbO7ap4484dr_v4zxteh82ksGbZZ3ujCqmIU9lqTtR5ahX9GGsLfIqczWyZbczYS9xU3ow7rG5muPDuZ9EVScvEkTbnP8Dw2238YKTuZIIALDShMYUqwPjnUpORlLg_MyRodiaVR6PdXbYSAeRchLXPNiwifsjvHbLnTeFeVGjshluYEpB9FdxJRAJpPMTsa0-t06q0e4FZXU9fs9lOwz0HpbJEa774XUTrM1XtqyAh2yKHhtTCQ6_PduO9PJE-OkLx12W2nc_ql7IW7BGyylwee-RaSVKmg26G_0ozVx--pBa-HZpcgNIleI3CY1TwMzZsT49QNMJ0hmsnr5mumiX8eRmmo_GeT6fKY3AxSnc0Y6yrTmT5MP0wSz3jssXplN6UkzahDPUww_zN2Tc10Kf9ehHrqCGrZho9r5Eq1o6_yXgdNogbiEl_VltIVsujdwoUHNSOzZJ2lKYsB2X0o6G6nSvXjWJr9F3DBivxsDERQTWOyGB3t_0ogmCGnwelnB9k-mz90TwbQ_2K2xd7Eoe6rfSJDTDt25u9dSI9TGvDow7fmglua7obkDlXz8JzQCfNhPqAO2Mv9TqqGywbDqwucJDgfFRhf6Rp7LTRUHQmQeLZCu1wfCCkBHs2SEIyj53AvNP1qtoLon60AQ5jP0sW1XTZHsi6xS0W_6qZq5UXFHNoERFOdkb1Ry1F4ScixWxHvXMn4SkRfQMga7ejtK2AO2ofJc-oun6IkE_qiNnu35JXJjvANMhgPwmoHme75e_bFvmHQn0JY2Fg1DrrvXWgE1S2uDJwtXJ3pi8SlRUfzEJR634Zw4jZWxxSYc96J1PO45jpA67l2PDbIxrqKZhkx17zy1ASfdSnlRLYcbqaTfPqPb1IuXm31cA56IQijOM8YNFbEfe9u5ysx4q-QyiluT91ZcCMtDOyR8pXUBR8UTSFkMNVrvE7erdosWSZM22SHF7LYlSK4-L9pybOndjM81gE_2yRtWgNkmEhTP9wGqBa_MfDxSa7iTUBr9joSn6SgCUyfufT1ZRlnIF0FU_qYYWWL9jdbV4k9v6aetHY5sgS-2fgJRGvy8bKD6M55TfMxQrI3XGCf6RAZGlNnf47T6g0SFx8hJi1EVFljcIuQo7PGBoS7vfUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUOHyQ"
  }
}

A.5.2 Cryptosuite mldsa44-jcs-2024

Example 22: Signed credential `mldsa44-jcs-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "mldsa44-jcs-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL",
    "proofPurpose": "assertionMethod",
    "proofValue": "uTSucVLvXmOpmjGGNB-B9rM-u4HzBxN8ZIuZbpTHrjOTNBnahoE4PSdkeD-IzLLXykJn0aYq_APExy-Ka0BcJNMvKgkdjbbP33WmUwkzljno3szRUDrN9KX2DMH7j0iOBakU4ByjD-hTSO1iR6rlxsZPHJM1H-WLMhzVSggBILAuglItzstl663Gz5bFjEfbKAgfe50L4v4PjLFSDbJYcg65GtCKRXISkWrnJRuToWwvTVdcnIBOQwPBFKsvApPJMKrUTkIuZf4-V1uJ81zzct4o20O-DqLQ5bHfOR2n5Y4DSy6e5zg0-S3ADKtMtuPaQ8cAPUTEKRXGRQnSndnrtgMh2dimvpSaaw0TDy7zY6vrDxJa1tkrS0ulKf3Xz8xsNrNIkx4SaKYWPTjhRvdKqjdrpbGRt3mRSFFc0VE8vK44F_EVFIhwouL-4Rm4mXU2QkiO0YkwuAJM-QdWUACqzJ7TSf2QrrU8zAwOLbrGS5uZ1qLGD1PcgWfg2d0zTAYmcWP4LP63fTnFxwr-L0N_3MLFXixHNEp5osMlo2lhl5noDCmQpqCgluxkd5gXs1NSpOBbWVQyYWcj0WMBtMam8AeqXpA39L7oqvYxqbEpiwvKrmHsXIEZrnsHKCk2P0yc10AFCCtsIapvTHwIAjbDhX11HFU5cci4X5vCdG2BUzRsgmGeiYiUClCHmqsBW4z2GA9r0d9jtHZ03nMie_qS95XPsXuAFqypsP1HOfcIUAHHS9Wn4XGFz3hXoqMsmoUGRg9vEpC2j_nkcYZQphYLs54veWq5BBzoMqPuvYhhRdawdCnn-LTf7AxQgVGoRTpTy4IkXxr_pC1LUJZJkdKeG-2TuQzyHSkbMPu3YbWsGy2KxdGeFN2yUI8TTQ-MFHl-_jDCRBrAYyCVOgML4NAtbGqvs7h2tGZYI-m9MfjG0vjp7CUyIPD8BV-Yhku_bHd0hcrseKtYYyUjxISf2wveo4dfQ2AnCVdDAbBmznjPIDlkqx0316sRc-vXJGRQmfXOW1dNk-7WNBrJVQbnT9m6cf0UEl3mEgagk1_lLOxTgjzZRpWcOB827VB3hPi7RdI6U6knXuOflHPt9BZN7i6OAl76k69uMFH2KNH3Abm0GDhOv_nu1lEaOH8aXdOqL3U8Yo0cp5roOoTw5fJP2gxwI3DY0TOWeNOCfLXmnodgoGaKG2Vns4_-gN_Mg7g0ZinguwJMwKACx07H__ffh8jYQdc87EjCNyH4m8hJICvcC81J7CKb89YTZm7IM0D1_qTR5t-DkuU4ypxNuFOCxWpN9y2QiLAAobDdc1Y_S3nXFFkLmsn7hUNhcgXxPC3jLifiM0IV7DAqmQpk2ZGE59l0VTKb3F2Ualj9JcqKtLg_b2KqprUol9WtjFlkbxqJPYyCKnSEitzDnDsfxTRFEIViTx5-1SFb0NjPE_hv5MewCkizNpfo0b-m-FxvyWJnDYt4Igv8JtgF0K_xMRC9Tf3NaQgFHb1OgkBz04C3wsxoPLqTgMWoxcZ2-2x7TRRvX2Nh1Ye-ZrpmF5hVeRMK0ECj_t5HLPaq2md18rqnhwsZv84-V0eReDyXVIhkE2eAKedCM9t13UjTfF1qFoUQ3D8xQ6MfR7zFwf6X78Tb0EFs0cBQ1TatzWysbE2b_0k-YbT78G4Ko8FlmTljBN1b0StKxzOE1Kp1h4nDBY9jZYYPNnVrtAGn2AKN3HWr0bhhF8fW_G4SA_MGu2r6LnobB3MLCSj1lbVZSk5YtCtMnkldAsDagoI8lRBlKW1R7PFvXatSHcwbe352nVuvZYxs9QJVSylf2QS1xeUQUMS4AHd4h8Y9HqmnGPr5JX65uch8sr1bWcpGiNlwnMlFy89pnEZU2v7IiC_foLi8JbxMud1k2XRDwThhepEf5bxqlBcgjF8vAbGEKAJg5Oahl0GCBffuHhuUXmuF6XwOxLovlJUM8oFCTayQL42NGz_Z2cuFltmiy-cbI8NmEpvlOPnGZBj00ZIrp9tAgwepYvlt5ticFn9ufU-f8xZpBpZb-rf5sVTNqYmoOYvhKVhE5cCPpCbzZ5GvW5ukB8yLLJC5sc6df9oSoujovfA_VAXqsvmBuKU4cHcNTNEqzsGEg_l0ln5FIHKH3CRUTDemKN2vbtmTz1snn4VfdBFAlhJhBItpBmd3HibH-1q2WD313j-cE5nW_QgQeDn_JFJ7zwlORQVRUkeB942HJjkHWXCJMXz9LKxdncKalaVNm-yVjDkQdgA1tKl9bc_QnAL7HWhtHFc_XhzJvQxqLJ0aLUkkrnphrqscG6D_Kdh7aTTkDjDSA-dmgRQBh51YVBnfnp5V28AwmGXXglBAWCWChGmAtac6xeLbxW143426J4HMAUIpLgNhjetQoQqKzVTIpzcyo-GK8L3C0calt57orTswSRqDjxg_6zAQ6RPNoThToRqb2QgHr-gOop6NEJkEy0K8GwPg3nYAFgVVjcCyDtMEbIrHXJ9WKg3oTd14eC7GNZgQ75aP3HpUAqT5gqWdxer35Ohs3n1FylwreS1kOZ5Z4OVW5PVJkNHhKPfaNq4mQT5vBAWlWphOotPHwTbN7oMiOGYu-AMTnsLPCn0A3VEXx16EROpu0zlVisEZo1sya8nQaJYiI_i3MEWqvV2ypvcMDYt_ArFjxMU3tjV5tNcJgIoE5E5UCGyo2HQMvN03T0GdHZr7txswg9HpRJqntiJzm0iAr9BhRPfErg4HLQyc92gOH6UdczP4hvbweP3mcW67yUT3lH31vznZ5lIJ0pth3H_7khwUff5daIROar2usWxoMWTItY5HC7v5HBjnfqj4EoVi1A4Uw7RvHhaCMkfDrqqntNM0TDDSfDP1uCB1RwZtcuWpNfLWYyP1B9XqwKg3EworHhIq1vI74gZROvebyYqx8UCFeiLubTfXHJrC2evT99ha6jf7vg8zKgew6Cj3Jz_RSRE5rF5uQQno6PsevbKKtZsQmn0PQphfNzWqacMpred2yrmetGOEG_JvYxx5Scmu8w8Yg-3V7yhMeDsOh0DZ8sjTw5d-w3zKUNeU2IZzz5wvaJ7-8RRxyJqxFsUFaBv7WxUZ0bmWg4pRXdBUKNW53mEUGDigpRF6Fla-6wc4BCDhwfJWdpaixu8Lf4fkRKCs0Y4-lrsTH1-zwNkKBudbd6v4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwbKDA"
  }
}

A.5.3 Cryptosuite slhdsa128-rdfc-2024

Example 23: Signed credential `slhdsa128-rdfc-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "slhdsa128-rdfc-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw",
    "proofPurpose": "assertionMethod",
    "proofValue": "uqJPI9rTSZFuAXX9ib8DRWyqMHYB9UDLcPjtsvPg2F8YXSdxikxgpxgwM5WlJhw1Flwo5cbg-k489IM2iYoUjWlmwIp9lSAjbdm4eSd5yFiG8YVUhAdtql0AzFk4EYfJb6pQQlDQJ6m4ECkTd1oG1mxzdSZWXL910p6bwXjWWPZ-2LtuH26vR40u3tFeM1y1GIdtsqOiCgchAaDGGe12f_q-1d60yZwiyTEjC4O5lsCJ_P4ahN0DUQ_v2MObEYOCTGaG2zRaqkNIcbXXhjh31mMI8fb3S1LSyV3aMwiAmE9UdbcTA-O5JIsJf2bNZR_c3ehKzPvGNwLXdi3ufyTVcrazXRxVHJbC5PUnikvzHNUjdTGEc83i_BMbog71V8sKDmhgD4hflBm2nGDm8K91MtsrrWUWSU_oeUuPNkrvtN8V-ElAcW2TQUaazIlNazLISgR183cUmQn724i9icbflpgcKlfZ3nH8RYO2u0UZHnNUFNRQkuOEz7R2y9klpmKr-bVMl3Z8eaBOqIcQaBM_M-uDMqP4uP7B2EDdbXX1ukc9O2fIXrK4GykvCI88URhqA1hMZnV4K3dBlpCgiU4XU9wYJNSeghfo4-D1gJFoU7GienDgmq6lP-qn1HnWKwnb652aufVD8pL2aM-GTg4pUJfZNUGCOiKijtAQSo38arskxv9IC3NGo74ATzRsM6ZIpLU9s9KB2wCa8LHbVy1ZAIrSf8S_dH7IsfXkrc_pHjePTR-xatlH0kRLLWTbDFawRhlUFelI-TmLEmZm_ERNMxwBbCuHV4IuPDeFfTRhN1UDaFkN05PrVtLC-q4Yb8qrLH8S18My64SJa1mf0lobAglpwK--p9XTkNJdfSMU30i-djVWkd7Zar0clsJQP9SVPTYsH7WztqLqnmWL4YgmVKJ753fUeG3DdL-4ZcsD8o-1S7PGFbnnRvJwpcCF8nlKMSnpOqlZGq8eeuZyQ6PSxJ_WO2kW-Xp15Rvryn_VVCocNTQkjoo0e88xQEvqCE8dtrWvSY-ngK6qQ9dqLpZUCwWA4cXwlPJYRzOPBee2PMOkaQJPAAXIdHhAd096MK9-aDdquyTpoxc2EatT_Iy39KoxATxFxOseZah-D36VTTxwtEU4HO0LBUN_ddSO5R55BmOA70LkEaExSLxB4DhZfdQXhoMjKkTtG2YIoSEPX959du7yXsRyIDwp2Gdy3SdoxTDyP-VLaiEyC5hVut9rwBZRhnhETRZ1awX8Y9TobnkZs_qRTRtd8HftybqUrIebvABPhpmzEdeE2eBKP8PsM6u4UCBRw0p6d2t9xPODQjcEbOle_nSKPJHlGVl9xdg8CDjvRJoc2o7cDKtCeGPs_Y6jLnnQqPXAbRHayy517upEauA0LiCRTcAv6kYSMjcEPLn67wEfc3fti-EgBIG4q00F-rMdFb3mhRMB1ZnMNwddaxMeXabbwTxjaxCA7mArg0U3goldqJO8pHzy-ObnlDXArDlTx8YMyAWvB0c6WY7F9GIs4VckbOLoNMF0yVR5LDAJsL1LpROUVsM7fHQAI2jTh-6KVwFSEcXY0EnG0Isnr34npSeD0hXxc09SdfUzgl8XWHaILQmuI_OWq3m60uIKjvtzXkU56mKQKRgR5ARmEj_65iApDoQgpEe0JfSaqQJGnz2eCF1RHU-ZbsLl5G5oBayATl5CC77uKqpH2NnX5wqBsDV7UV6qgC__oRG7ykTogOw_ojqQ0pEUUaWAI-f1E1GpGF2zyZ7A4MxUghFvVW2rsoC6X01et5IBM6nwkCgk03J_uUurAKJUCeKCOoZJ_tLW_cV_aQLSII0SRUSqLY2k0AEMFjXI6gfY4-aV-pQmefmdOjXyiRZyS8LU_EHo52NMxsePzbstZ2TKFMOHZpQpW_H-Y-PWgr6mkQYH5436fztJuBhSqMF0SWYAECdjF7hOzyAAIHkkyDhhSYJhpPxftPHSxlE4tPalBk8jQvg6mXVrCGMW1gM2w04qfKAy4bwuQxWdHVG2hjaR8JBAIgEA5uLhUCI05QSCuzYvqc5-oEshwSiQiHeHupjCSViMN_Ri-2G8AbFkFekNKtUx0cryVMSsTSKq8XIn5NxngQfhNbHRmwhUmiqNeaVmqZ4KiXgXXzpFJibD-DdLfOKuH1E2cLPklQ1UUNozNDDA__YWvODGy8gRR7emCLxpVuaKP3XTUQZTATXtwCpdongbIWTf8MQ9FhaRssbYHc45F9UPMSzUGlIvyNUiiTypC8-gVQRDNeHkhhg6aG3huWvtso4m9RmiO1Yzma6ff5ib21eJAMJh-kjds-WEoQpKMcvSXXanvrKXPylvXkx4irUSezXkxM5SzxguPNRXz7m5XHIYi7TgZArXL09eE-zMl5Zdi3unvq4Uj8If512aeGWHtWUwQ-cHQX85FFizf7aQJy2vcBZjEXSvbEApSgB5uSy99dWNghZeK2zsH6xU6r1JYksxqTySl4HuM5T-HwpZsUI27WrJ9ztso1RNDXP6m6BcShtSJm1r9BoLrogLqANijcWdjuCre0cbzTmEGJ41igw3EQae_wvweWWhxM06IGOaj9WTU7rDykmF0oR-HV8w1ACi8xRgyOVy0_nREaVVln1BZZJqSHpPuMBuJjMMDvuY9AU-9e5aCRpYiHTpTT_k4c7T34DrUgyzA4K8nlmrjDbdgEtDDnqq0UB6rPEVUTZ3PD5efdPWd6lCMQtlXlDFURFpM7htw3RqNPI1MjQGDfir6_qTY-MRD9XiEFv-ec6S7PXj2RW9s9f8mmERaX_BDCJasRPBoQ0lGzaGgovCU20rf4YAjejw2ldw7x0cJINJQ5mx8RZqNyLyytYbioZLgXqtBm266P51cIpEb1_dwAdacTfhoHPohC2BJcHnQosLKTkqq1JlCHhcbpg5YP1mFjjs-jdqFJLGD69zD2ubDE-ImduGJqg6iWU1bSwoDa5yQgMZAT5GtXjOxhEUUdLFd-Rvuxe9OA-O_XiSSXH5A3sy5lxtTCuO1Gm9mR9gbxxwlkT3TsKkQTDUNPnk_KjptNk4NNiyjNMxrQ6E6YiX2xLNPTVr37kTb-BtGgo39FzrHczOQsYa-jlENcGk4SyfItIgVHfzemv0v4VtGVIRC5rVn8MuwRVI-tZLPVAwxMgFIv0O6D6rrndmIlWZq_4oh_CwmoNMsHbR6yOdoBhSa_7ig2lLOriru9sAia6-dU3eMNj4b0yD7Gf0NGJ2lQmaBozk3kHwv_9bQLxRclbgT-BzBtlKQeV0cj9zZTmbqUJG0CGqQg7chsbVa8gJnTqNEefdEdpX_lsmqAiqxDkcgShURhkPM3ctuVxau3Mgz2GKDuCQdzOZQsJqOUyio09IlGimX7ojkB_RVpSYPPZAyC6G7mP2rGrZDYk-GXy5o2LlG8zHoBYLEOzmvAsUDGbR-PQG5yDcQ6nGnmrozYKH2PLLKGI0Ur9ucuSy6BQm2QX51f_ng9yl3D8cXQfOD_E5pO85zs3I_r8KbZZU2Izq7dTlF-Vk71ne4kPA7bJsX9RulW93xEsRDoilCVtgqJB6R9_1kwk79jlcNaY2SvNjaGq49zaDjyhoeBupVkWV8uHtwJa-m8dv8-sWZmRZFGM-n1Cwt-gR6sTfvxtnezDntSwqpj8uUsG1eECsrIRI5Wjq_a0vcHUK2_R-Mm8EiYchgrgSBPVwzbae-yw_1Mvq1kcTynS_DmTcaqS3JLWypx9LjzgInn2be_9t96HLk7Gy9KWiNyxVV3dJaS1vwRLA8ff2r4Oy_xCdkAiXpssE-LUV_vU_zqpdEaJ6Cs8b9eCN6rjc_xhXf8bganch6jqCZCb-8cOr9vNYFzxeDODAvER4wGTvS1lmT3FZf5TcITyKpBeIwwK00ZwEj9n47-mS3zeAkc3C5wvuKaphaDoCmUDBBiP8LWku_oOnPygYAxNtHjrno0NKlcE2WVcqTSZ_V8B-YNl-PKjZfT1TnJ67nfo0cplsZL610ErqH2ws_3GPlEdQKie4I4-e_uYLoodHI3Uzt8D67WzwLePTFFFhLlzWBfbWo_t9UvcHgjZ00VMrwpSxzAMKgQYI2U-P9Rq_36aXabzWsiXUXxWFxDUMm_-sE_VfyHUNjfJpF6v2ejnYj2Fph5JoXh1OYNmvACjciqNWJKtSa8KoNAflBUqHOANh6F0mFLbB43thhGv0q-mo2sRJ8ecihZM1kyS_vLf0gDSu9o-vHW64vD0ueVZwPqnGOL7_jtMhb5hCt5kfvzr4w18KtyF6rxDn2YT1dYAVQ-hMfreFWTLWDu8-hCD40Ykmrg0bl4ls6Dtzoxtf79f9c64jiOA6n3OsVp0jfNCY7m5D6iXVHUW6qHsZDmMyqskc1QraJ-b9nkVLaf9UTAzWRnakW_HTLH_YTG64Lnr8jeFR8b2NGypI5XVUID-WYRQCw-2Ft1hywqrAVG3e9WVANPbxrFlhY6MN-jUpNlaKKZYrRdtIvjfa-rCuwfvZbqSk3XX4wfetJq5UPQaSst-yuc_O1EHFgVEPFQxE8UnWrMbcyPsfbGV4oKSzMeSQzUjmyBw98YnmFSo5GMzXcV6i3CpfHpMkpBd1Q-sQ1oZ1ofGwHWWklcPgLiwOoU5AQ4vxtH5EnjyEhOGIX_5yjaulHIBs_PNRzaC3kC89MhJLMFTDWYEh6M5jCqV70zny0EWiMc4l8vMiv72TmgdpQzihP0uUrchLMZIke_3uRQsSubsbcBZ5BL-GYHO7EPQ5w1zBI9UuG6wHQ1ALMryqP2vyz-ta3uiEa78tt_Py2PY9pRZavE9qWXDPWA0fQrSPIgaK1DAgsv2ZTbioVCiYCcPYl528iuKYwnr4ni412xp0gXZXXswVbaDHmtez7_vLizx-L5EDeYh4vVm59FdoZFd1vslv9rL_Kq3-D2-Zfv0U9qi5fEU0ItbGMxf8x_gVmsBKSkMfScc2v3zHi76FwwtighF08j9AFnxCsYwR6wK8l2aawgCSA6HxtSCsEaYcf-SyMTMtKZDchlh4qapaUz8HSLuGw7C_kVktbGgeqggDu-3sRr3nqi8fM_Eijago-B2_Z-cgN4lOKVErgmrKlRMdlP_S5viCxSMxPDOGRwk05deFA8RVEO83ZWkLkFkFAFyNL9z3AEx4AltH60rl_J31eUV_04x3s2GY0X7n3TN1K9rXh3h3MWFEJYxV46vlFG8w91H2vvNAOZTF2a5M8wMBLEyZvaMK72oSRd-J29xD69Ev8nZQOCtpQ73KZ2RiLP_BffF2GGv8ohoojTa_b06seXxlLZXh1331JjuZ-k4FEvyOEFYpQ5yV7fat_l3HDpangVRnL9IL-60c9oYFcUy5GZ83dbolMkd0oAPmIqChJSumwulIRRD3gfIp34KyOjYvoGAHDeiLO0m-LeZOsNv4dyi5KlifW-UXtL_K8chmFuPBeqbHhAS3gdomeI6tER9sHoOHg_iVEfDqlc91Qy0kVTO_yLPtX1wgZsitnl51fFBsoQOW2_OV4xpYXL26-0hzgS2PrOy8n11ccA8DE-T2l84wQ4wgnMs15ezAPGXLdzOMvvSCMOp5qbMNBIjz-FHMfkQVZTfwAjqMxS32dli2MOf-dOmGbV2n6MJcEUMIZ9mGPulpAgrJsR6j4xKPWn-RsRBrbK5cVHzsCPLT_7LqDkVp2YT47TNTaWCBTfH9PoT5huDb1t3uEMtN_iGEB0LoDlCWSI2H_Wkkr8XifcGf2NBYOTHXY7VZI9uNAUvW5U6lniFIxNjiFeccJCG_DPzAY7bO3XgWqtDzaFgDgDmCEf1ZFMXN5Fmu4GWfLv18V__mPvXYFu0NkAjVDVX2te8GZwcgc0SPoju8-RAlntfqFD4YFaoJXJ7Duwa0vAWazNWsSXq2muPQII_JFRVjmqF3zFe2JFZDCbAbiec1g_2zH5XXDFO1S7GVVsrphiec_MFFMA8t2vMzqVT9VLoufXreMq9tvQSA2gN7_MrSreH9bx9F3vpN3nh1wI1jd-RvgaOAbwIF1x6-Re7VVMassV1jqKE3CXyNiW2IjgOYpjbNilvcpAy4p-m3cpV5FGR0tERJSBeV5jeV4J3tWybFEvY_bqY2TsfSq_Poe3UIrr409YwcpLUaPvrqBdYE4eOB5iQG_R2-UvN9Wwt3SLaulG7jp9Xvh5fk2PHLaQ1F_xK1iZghBHRQzORhpTEaT4hTKJRwiMnku052jKM0IhyWsEx3wGYendvHEsJWfN5SGN7o3K2QOpRTGc39A_YcfcLuVYWWmFNhvg-tf-_RxwbPipzf7uyPCNNyZJ_yfkS4VNk-KIpM76nv4BYEdVfx5ngp6H7lbQIK0qE7gQbFamCZQFgQn8uqrA7JFZDZUPo03U0uRZe-weWt0OCsYYoyt4O2y4bItFv865DwQJqDzQQxiailXEP3kO22VR6TqnokBz5GYfigSudSRFsqlJaDUt-JeSBDwQHqnlPTvLU7Bx_PzOde20jAKGk78v7trSDv9rNo_aDYUeu8_PheED5C0dgXx0a6zmkU8aNMZoym5HDm8-7_DZQoWFAniblUGFXcFTn8qpezDEnFTFwtlcrDgHxdREAbfSMvoMoeTwe0U2cJPJFT51EB_RYxJR5qIyTDjp2IgzyyCuwEXh2tRKPdkX5QTZLVcy0rbC4TPQcgqkJogvkjnB-u8D0N5pmGiSf5U4LxUpAgXOI9-ThLQiwrDMxP3KAMZJoJiT2tiLzo34ajMfmviKQZDRy63Eoyvh5m19gJCWXXfOBXepCYEi2U_9aYYBSMTPb_19rn5pCaiK1G8fRzeammBtXr0Aa1bwPLVcNTv1rFbHKbn4S-OklXjd_-8JesA21wtVKbBFsahuoW-oaEyBMDA9vPNhz1cR6lmT1spqTxpgBDckFivTnjY4YTGWpXi9M7nirdVQiS4jUWugCGHLWI15wAJ2vAABqTp4AfolFBdGVauOn1Wc7MqVIZ2TCMRAiDnJvLMdCoXZ1toJwe65-AfK0_YXDoWCDieArF32Ggzs1oDDBQDKvhBy2AZFbJ4hAmvnhouiv1zHyMlUg0xHLxopyKtHnJshHWyB4z38YMCb_ee79ILJmFRA8ftSW7qvkAYst65-su6usGG15hiuLi3GwJ5ZZZoAuKUWtM7XB1_FIIgmDw-q3qUff3Z6YXK28ee1cp7azN66R-b94Z0y6igtRnu80xCThMUCZoDdePamuxf2LeEwB5PUIj-KHZbe7mB09OXyR-DF_SZR80Ncr6rB5f5psQQm6GvBfYnPIw3hfiYbx8a--OzWaqu3_-CZcJrcFrLZR0jN8_tialEEzFX_6ktbUCwtsMhDe6bs8u0G7qHH15NFm87l0ZXWo_BXVGyg_0yFFsEkXKk8kDWfTG0fW3xxg_CXfIYrywTO9BUyTqwdul0s-spSTJ_TXMz5MjwBO67BGNzlikVOTdXnUg6enkaA5F-Gonj-gfEaWh1tByNC5Ud5t-Jb2CJmgeZ1OP-0uWbg7LnoKaJF-gWo3M_Aga7dyUAvCnCn2nZycjYH9ehDQFHwPqeoyQdj40_F7nJH3Gxi0bw9JWVYZrLjHaDVW2exW6Lj7z-UhsklKKflmoii_L7kYNb-cJ8oqNaEXJyXnKmuj5w0ZCowM4xD1QxgUBaFlzxwDQCvR5IiC0oBqachjdx6bXadba2x4zVcXTakVQn-YOmbOkGkTKRC1doa5Sd846piUyC9TSGUEpbgXXgDRHyLenv-o-HLS20fILrp8fFjEJlpdxHIBHA7PQ2NZ55G1IfwvZPL4bgigNWOgJyh-kFS7Sbqtiyi9sZtKq45bJLw4IpUqubHiTvI2fUw13rWk-eTHOVZIHfWlV4WDsuYVJsrt0PgwoaVGt0HWpsTQcUWKkGP-0QmGqP8ghbO33p0awaBl5jDIROAACWOFqeFnAtQWcfEjlgPCEKAAjAMVroW46s5gi1JaeNxmMR9Ax4LA-A-NcgPManukGh6FPEXOrwl3kxca8nJJwQLTvEPIPqeKmg0mSbimkWbsXe_MnqgzCSyqIbksYx_HLGcXKw3sVX6kInw-xTK-UsJn5N-sJAYNrCJPJMoL9GopkF9aDrY1bkijGGFnY4Ube7Ac5Y9p3xVX7CUZ5PPYDQgihuvdVlPMdQvl3RiVft1np5RX6_PJPlFcSs6eCgs4Vj5o1MGwI_KvT7KRpEjnMr2B4_LxkKitCIopcCBjxGAjBQjno_ygJ3dhyQzM8UsWoJZDow_XxFOWKvlzieNGKkIb6SxsMYZHCVqKdO8XYV0LKqfKJTcArd2sA3xzP6FvpzV_L1s-3CRFXwHiOv6_U-ayumxRIt2Z6eQlLgeE0-jxBa9xPeMdw2VXlZtVssxLtX5_4gkZgXNt2Lge7Ev-CnI3uf-39-UdFm98oUrAdT031m8HMIgddwfRHVlAaO2ZmdxxoCGpAZy5XrhZuK9yW-u9kvrL5_wuFNGbiysVJpnB9TtKY7qj-PtAdIQTNi0aAgH14z2L7jEXtJCZfS2hASqyGX7nmh4iyUfnAkKfE7_NThadomJZ0om_W-CW2LMviCwNEHQDjW6dXzndgIJAcQyYy4auLBUFPXhfb3rBpGflatT5KGMYQ9N9_ep6VyFMvNcRBQnI-8JnmfTpQo687dIENkwFRPtia3idrAjOGr6r3m2kaqQu9Ya7GZmtvhX7N3ppIvc-RiLVM0OaBxo-491qRhjECNV_lunCezE5lHA5dtM2ha5NzXWtlz4t1WpeOD5GeWR3URGdYhVL0xuhU-X-9X6m1ilsYkMR7m7M5n2K9ebWW_koHUJ3SvdM0a6u12se3Jv82XTGxrrTamUrOS80y3-1ZWVgHZbyE_4XWrEO3WswJD40aEB1Yy7_WtM8B738RMuTZy8K8jLhRIKmXGMxYqhM-R6mEs-nSqvsKCf0FG8CyQUByqNIx6ITovaFkDGeiK0Se3-kaFzxZS3j0JypZgoOh-3I_4qcHbB_qJmB5P1LcLKBbEeRFG97uQPEBBTD5BwGV3518y0n6wA4H1NL-Y8GngmEKFaQ9ihdKtmZT_2EYI_LH-wge3jtWBrHnR-zkNR-VjtPBiDnBcGcQ38fnywUv3xqjpZ-10GgQ9ZZUqm2_oPa3bVo3Z7mxJq3hmLKnjCjsuzx7zbszNhdt3rmevknkPD601Redsd_7966RhDX44MPP-87KV8RxxjuWdkv7C3Eo46YmlWgxDb-yWwtHd9QWkwgvejSiE4K_CbaIYs9PueevqC1byTVD3JvuMGpuqfRAnsKdWtr2Ux5VL8go5zDEj1PTjjG8IctMoTZ7wTM6GLV84DaEMlr83Shs6NZqbR_fw-oQwIRSEbN0f0Zn-_q67xV0XWNExaYYz5DJm3nq1xpkNr1etEizXCPh2loYjMDHGrJbq3I-VikB3lutUOoe3hP6mZhNQ_PvMXVIXdOFtGhsbyUQKdo0kUssBnAIKikGfVc82Sy6NCRaZSmx-R-PTWfg1OL9H0fhz9Gw-bqPPOcxv21d9BNKdiKWIOBtWGeW6oqqiF0mGFwxcMeZwqjVQTZTzprLEO8akCQP892-1eM302f102bukztpzn-bP1QV9HeLfAeFsrRy5YngxAqQ95Kkmsx71sxoOxbN5d1CMfdMAXeacXU4VJJeezeaVCqDKoI1fmxjorL46yI7sDtQEPr69tNr_p-VMjcB1ZFwI-RnK3iUL9qLsm3bEDHpD0rIZHNl0AdEHABbtQRgT7OK0SPTH7STUIY_Axqd0Lhou2mtVf-CKfYgZ5LUYVjhdiYi4pUfZL_RJHc7DBAhuIgJtWeZTAeCWLOz-cwkTyMdW4UfW7BA7T2vr5P5jlhtr6bx-I9gwP4Q5HzdD21dHuunE1NwSdnpmZqco417zRDWtGhIOyJRkJGOMgSaPXeKrGBfgK9NqE_kWbnlV8Yjz3VFUsPKX0gpZncl0i291hHOcO5lJstb-cW0J-iQiXOKlaR6wzAubyi89t3BQHGZ8kgd5iI4rsDzn6dDkAY9Y-W7ROhGoUwy-3fVEF9iNl90Qzv904GPkepYWkzba7U8rGvb3yTAkfPecfB6ur2lHZlhuhQPry1Gxy2YfacgQWwr5VmhChKaEeccmL_L1mJjSKT3rEPnzisld2D20QBxt6XatRympMGNyqFpWfSfQFvLtlEkVH87TejqUaMGRrbA3b3M5M_fWbuOpXXqvye5DlcB_PG3eIe7lIAt7HSBw7NV6t7z3WqD79r2KycyKngkm3WdiPrEA8zZIPvFIs8sXGhKj33GBpxwgMmdSlD3tydCMgaZ-OqkypCOUG8pMU1P0fcw5nY8ZU-4HkFYsScqz1dM74cAVevDRofWE9NPD1obItClPfOvSJZ2tL791xW3lakktIXS7JYmPQ2ATWTKtuUbIsx2VZdSA3HcHoFEcWXDNgxnVcYSwdNlA-ucc41GVd1nL2QHpi1moIzxYWWE1uA2Eg4PmNJ1XcSc"
  }
}

A.5.4 Cryptosuite slhdsa128-jcs-2024

Example 24: Signed credential `slhdsa128-jcs-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "slhdsa128-jcs-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw",
    "proofPurpose": "assertionMethod",
    "proofValue": "uydwPXwIG5xeISzV2g5s6luXAd9DxAYVsUjldGgtxctiG0YhYY0Hil7psRASwlzEh6ORQ75Tsqh2m8ZVW8TFye8_PdfsS2K2qHy3bOnxWFrxAia5EDz7x0qUjC2Evgz15TSpzA5ZY30NN9eSgWVJi7trrh2DiJvXad_S583lNP_ChDjU0D_jZ7x0tY4-3CZjlLIvzeFd-yjgQJXOf4xB-bfWm7xAQBjNZ1dvncvlADnsEZ_a1Sl3BbCyKQX-dUOhe3kNlHX_LG7tUE2kIqvp0M7qdfBzDx9fmdoh9Mup1AHoBFxPbQ3LiD-UkqnKnhd2rO-TWjIaYH6hhXybFoibNXHIM6hD0U8Ak-4ItxEQeD0z2eTrEbNviZohYxnZIrSQjx-JWmaDE6YZdEhfdwg6HLOS5pM_gJXrSNV8sYVuRUzl-8xzIol0ZLvnnQQiegZ0lbIdOg1HrndBoE4F1s_kpJSFMw-XAEGGztUOXBfh26tAvFCkBepW_nT9ly3qevWHINQ5hF7l_XZ7fMMjYqKfKetgpi6tOUNTbeeA4n40ESJ8MSAyUIUW3te6T0_FaIn-BTgKvTRnrgiZrdCKkc0Qd46GloxLog81fcq2wV7G_eThOCZLnmcUihkXNHkHMmO_BAPwp9gNjaR8kb8FS5KQ0unN-b311DEH2Dvtq0EZzxIueYEa3DJdHlzjyLCAVTT3Ym-PKNk6tY2uDIKY9Yws2YVaLqzxJlFwm-kCo2XEA38Xpzz7X9MKpFVmRVeXb2lr3Mb-HjdMuZMcw4MvI8UVEGotJ4RjwRQc1w70rh7ZIMfCjSyDVSWo9jGTCkEa0yY6osnwJHXDMM-k8iMM8VB2u3qaGX8-kmsqhc2OnpSAbI5B4ad7EB6aw9PHT-Jodmu8z9dz63kCJ_tGNPR7HWSKEitbfPpOGY7ZgmyfAvjYCwUX7qoDA9bF0e_HerH1iTXSr4Vlc7ZnudoXN4NT7MbFqekuS2Szx4YNsQHZOx9h3RDshS4vmr_YQwEMmAl7YkDYe92FtCqkhCKiHUNmYVmodSEGOMKTMqRv74zAzVE3Ihk7ZoET89l3VFAdtqJRyKjyv09icSSM5MqhwJIQj3t-43L6ElkrWtYQNpIzE2vlDap5fNq_pUOXmGFUl3hQscvzRJFW9-wmPhD51OlfDcvRKPcQJHJK_v-WbCaiAyrw4b0YJKXRgzqKPp61iAGpieUBlmtX4Oxlc5HjQ4vquy2gKK60KMp-36ERZeCSnhvvjHkd-aUwXqJqoUnn61HWLGGdhGBCbANWX3DeX6LPu1eOEnyqYEBV32wPQ4EXrpKQOO3GxxiVEPme34yYeiex1nnkpj5AI03pbAEa1dBIrf-mjb14YPSYCVf-XdJSLm-hxMVjAfEGBVmPsE9oRNefQf7eHHhzvUkA031FrD5cWyQmmeQy7RSKIj0yzwqJOkRbLQdiaAfiT68KCL9I5EqZ9ct5yATViQwbU3EnGYNe1ZcolzjYQPonjAc-FWkTkeA6LizWK05voDTiYjBQTKa789QGcyyP0JfogkCsjMUJHwCM9eZJ1XuwhXt20sKarloVFZ7QRbUh_afvJiEWWIj3H4A0fXw15hmPyFMrO3EMLc72j16_cakHxpJS4M1AABNMHdYGD7UOmEG6jwRjj_Rmo38tw4-_0r4nl7v2GzWRX1igKWV630GTAnScvsIriCu50eo9_E_lGIYv_07OUE2XpN5GmCfs8gn7ySyISvRVqqZvsFGGQXpehp9vsFwZb5gBWENb5GqUB6dt4qrU-9kYRhEL313CGgJi84siWkaYYVqDxRSWM4iCWl4dow7OC9q0wsa2hbZgMObLZWGRp3I73lPtZ4dfDqYf2wIXl5sR4LggcL1NEuJ4ufaSUNWVDQAGXdOnfKi5sDBNUFi52ND1Om-EWzqbXNCKxhuI2O-W4TNhFZ68xa5aHVQW2qZDxWDslLabhn0tlTBgUf-KCJXX8hzw61VyePhbxbrYow1C5o7lEZpMMhBbUE3ivyPPSn4ubR3aX4YXrJsje2rJ83FFcBckLBTPDbyfUjKcnHEz0RZnf529RxjpNsARurc1fk5uwdd7A0JK5K2d0fRwpfPibe2SXdsFdg5OrNglsJ47h6AmMlvJFVTbSTaSnyYwlxzF53BO1r3ZGXR6vJMxDWgsXrW05CvnqKANyll3R1LRM4-0CiqNx_JzqBMxOq4438162CLkwVg0BE6hoopHyuV2dp5gTn_WqY1xAvgIk6pyanI9jkY0sHP-yVf0M-QMnVoCQT77C26JxWmYzxtBKI9HRALTCDrwGZy1twevi-KvipRQCd4cy2huxqF2sQkwLfvr_EBissP7CyH-JSFLwQPVFIY4ysuVsQev0mNdRXDXGPQ8cSNWfrn67QlEmE60v4YNeWvVZZ3rYgt02oPBXeKro-C4-2_w6vrbqqpiJleKaFSmpWkO1SXQ5a074f0VOg-rCFBXc4DP67WZitXcK-ZXT7FR0iWQj7X9uqMLsd7cAMiLQIgwMKY1p3MoQSnxyMTKeGvbhpw5PNCF414f_U3izG1CpHh_ZQ2Q-qsD-4mHKrQbA8GyNi-foi2V2xAdHWr1zC4FfU1zLCSZZTB1295PDX2XvSt9x1aooP1eVQCz5wCtT3eDwb10JKDznKkmkkl_zhkURbXTzW0EKrsTHJt-z2ekEUkHcxmCjAorjKm3-XAJfFmx1nlmghLD5wTLgOQG61IHCRiTBNFYuK14YWJCy-x0tngGhtGwlYODKpMB4xx60ByisW1DkQfrNWSrKkf-yjt3WAzHIRo5pv2IwQMAKgxvC7w2MI7eD_Dbl4j2RI5d7PyraTNBVlkbtH-7HpgyuiMepRo5sH1ZKF_0yQXk5lJJI1nnQgSVLzLTq6AbHT0aWH_hoLMsLkLnR_gW5J4jNXDHP07lRSNIAFFuy88fah3eTaH0WfBY6BfkQ91n3kYNK4LOZD24-8sMZnnLh5VMCDFHZoicwdUq-wWcUkbAh67VwFFWzIGxyZ0USYsSNcXnbcRkt5x9Wmv_XNr2vaQW_xXY7-24Pe8qH3Ol5ufTOCOh8wEmN3UBJnCXUU2RXxn76fmaraDXyKaiMUuq1PqVvzOiMmBp8035dwGuhloTof8QorFxjoFokLV59JGrW1z7HhqEHMe5CISX31h6wXiAyeewuDT7MN2KWOAWF1FtPabexYZGe-NV20iHg4Yl2SdFCGBK4GVQANUG8I69E4lb7EQ3GORstN03GUmCyXNDRsWrFrsKe4jTdHKVNG4pLGMieuMYqQvX3zq2wyDL1jkQZpyn2tXsJXm19nc2UJfyKLIrwXdYfaT6OD4fQzYC1WLgfV5BBGm6-JIaxNfd1OUVSaHv6HvS4HrovKvngSDsQ1M5kuERH6h2bot6R6RYeQIuNJv4q_b53nwl_boZdUkVuoq4Ql7beGGXPhrwIXHRM6OMOIe5fIyB9O0YPLomEHHRoM3BKn5VBk9Kg0pRfZBZgfmRivLhIACuVk7Na8vh63g80pQSf4jj8RG7TuQ05AxYSn4YLwXgJo0OK4axnRcO7TIgiGbP1QpSnRr2p6-h3U65H4KA1aI7wofh9WANtjYQAMMzLvq_wbIgpNnvFf3zYwgGbt6_lInA4xuHiYZ8-O5iDbBpIZjs6IV9r9e8NnMcyMRAF1NtBYaisy8An_2uJv-x8N5emOGw2U9ceELo7JbBAyc283tR9mwC5L2InUyx2hqjI55PCn37NKFghehYHWRJ7C48TT0H6naTMJZ1O5pHgt6ZcQqLtyQJDmb-1dB7vxQN0FcLFbC2qcLyWdqf5qXzmvcBLyoPpOAvXaXTllgFngvCZvxLEY_KiuLXuCldJX_1zg-qfLvGOn4y6zmebQ0sA-SJtDEDQsebJUjwP1X9R-pwcYTTPT9gXw_TYX939mWywJWma5SGX-YH2w8rC_57Sy1Gj8J6DHd6OmV4lWef43Ll1Bac6ZGAgS9lvbEMFjUQvs4U1TmTJreZ_NwUXsw8aixVwSK4BRwwGBcdTrw2Xl7t9CLkvPrVkrF9WVkDTZawJLFLMpfLOWzdlS1yTOHBibUl6vtOF6PD-j0NglJiBt-FqJ1O6dAr3N2YvhPBcuqIlYoPtPyXqL-l1-lFhV-2W-w0TM2p4YbXZcTkfZqV7p7PWTvscnOunkBm_yOje2dcJZkcrqMNd6ibpAvSDjioi32cDv9_VRNc5Kf_HlQUxaSwrkgHbuqcOnis6aUTcxXBdhc8pxW7r4uP_cNtQi86KQVRJqNazv7z07ZXTWt-xIFzbeRwKSufniDpzbvLTRZ3egxSUxDSLiZJVA9RyTvaWtQNNfVVkZZ1DMew6eoMB_lElAMQJ9Yh1I2JAbyrSaOutECRywR76DqpWM3OxxL9OOz9FWQaN6smm5l9ry4AziEmqrJmkxzlapXEBC264MLIyb7T2y4fHatK1K0pLdXJuua1FxV6SCi13vyJB1WGM0Zw0Wa_-eODQzmsQXXeQ7RbYhdWpz1IN11gjnWNk7jzi93Ygb9koi5p4rn5-nrqLBie-JzPTQatbHU_Xdsxd5bL2JcSxEEpRQ153dv9NH6L6Knbw-OJXLrlVfmeF1ElE0kzXXw3OW3HG1WqrhWYDNHKuyWFuzTScT6bpJ58JfcDS-tRgkR0SL4ITqd2zo1-F7JmHjBT57DJ1kIXmAAv9vQmodsdXe--tMZYRbPXPc2bSoN-1stUniOgpvr3dO_nPZ16-C9JL_a-ZNkpSBuFbeLWfcLKpnR6qWGRjrredKkYdYGRwUPNM5xLg8IC-haqbDVg9qit_pQ-RHeRxQse_AV2vffYsJ276qtUD4FSF2h0_RBmLrJAptx0cS1rnc1EGWzYU25v7euhhEy5hMq4I5PGHT-FY6fDYiQKzFTc8foagbdC8v7fVTGzvS_ladKwWHnZUSktN3XXT0zKdVX-v5oo2c1y_xIxXpIHQM7stCU7k15W6sDLrdmY4mv7_GINKOKFwJVGqycSTrKFOm2nQVWOAopP5rs0YzLVGPwtc2yWzv__lgFKMoqkBnraaMnmCqo4CRAIsQSs96GdyIJ9t4Hm3EEVZ2crVN2CeWoTnvemVjnJm4_JFJY5TKjygXG3TEWBgbjsug7IcPcTgeSJYGHMLFmzzDV57InNdEip5Bwgn8rAvSfNX436NVbZnwAuSUKd97Vfs_EO5ot5uRstg0aXzaRUUxBasaMr8iQWm81IMzWSlupOpkang-mETY0D7BMEM44LOHFmjjROwD1blYcMXg8v2yt9yk1SYmwkqu7wi9ms7znfXX6ionibpsdgLceOPj9ZjZnQ2taxXjWqvlrg0A_B3NA8uPxIwkIyfHUUicRDOI-SXakztxa0fOLSmWS2YWd3vZ1AFD0rD0LP25_I4zQuGMlXNvQOGPqcrFfk9Lxn9no0-HVpdOus7mrPusQ7Qo4RcNyF08VT_HAjqLh10pNx1BwFleo4A4d910T2FE29aLuAJ9FZ4U-iHik5eE7snGk5MNHtL2qTd7N11DASnRf1AU1WgihulNWUaWhq_6hK1gas_2gtGrS_CiPnvTqFdwKKFar7XbvH2kwBYDlS13HLvrjBPmtzRJ4Xu5o3ByFCxEeRPXaLCH74R5hOWFQN_opWC6axcUVOOI8cEeVdk2F6ujcTZbSvvtHjRsZbyKA3cI_i_7r4piMb-FWIevouAASHVb8I3oIzY2yOtM-MYjwP6BGjbK0ibWHMzjiWKujjcsWnMz2Onki3AKorQnDG48x-0yWXz3HVjlaFoRzfAlQUdBMPM4hEHf5_d-15auVkD18NDp1OFvRMn8RcdCpx8vBtjVmYJCx_1LH6qZ3UkjKb5SUVoH9y1_J7EIcUIY_mls3zVifPlsbau-i5xMsvgIYoikQk8wwCgIBG7Oo7Dc7s8zxPE_eg5Jn6bwn7hiZ0cUnM2FPZBjc7rhOqrG4ddhujIPJBvPLmxzWlFHQ10q15pxRMC7Iq9jg5vo8HcejG9C1fDjvGnO9abv8vkqCYuSlTo48c9vbkFGKch_In85VMICa06Otv5pBDpGivFiF-nX-PS0yA_7RwhEcwDuaKFOj3eSzE0XYuE1u1FaHD-JB2vaR-uMaH6lrOpl-KiCJpiRWg95MdcPeAmHbHonPzQvPKTYPDLKuZHPKmSi9OstytBm97owJwV8FPK2cyeCYBtp13WLLNjCtQWB654EB-bKorJRp0vfA8gbg-LpO2n9-fjN8HA8_2biBSEeLAScis0-IkxBHFKk2YDkEFgEAZtaNk8UjN-jYWevpu7wlxjgB1WwEqjYG5ODoCUewvfSKdF7q0anckNNsComGBuTB4Wsx7tjPqnjBkKd0bRuT66UjlQxyMs_rkiNJnIVNY2SyHS9IpWzUZ1XyHdp-7Ohg5GKKC3SXk-ZfVSQ-coZ0fDrHD5Pc23Hrz3GyaTy6-gz79jCICA-K_3sd91ej4TmAfQ078So98m3cDbLSbWetzA5_LIVnOr5poo7TCj6FfhO3m6Ji1ykKiGxlqrg3njFFLVVVi7-7TxvSbcwjD1gFpJhfCc-1r5xxynmaHrfOhZ6e8CLQsOh5K7arVkrmT91wNfT0FPytF36BEwRUNoJ_kVoN5aCB9j7FoWcaYzxBN_7Ixr6Tvg31eyAdQfvv9jNT9QfTX9pe1qpmG1XrPwcUkmHvm_KtwxNTHGTL0pzXfdBiicPCiRgD2ZA-fQh5szdDI5h95Sit1nndHPdwZK7IaKc0CwHrS_5yKPAD2PMGEPugGpoY65exiHjKR5XyyOhE4QLf4wWaOqTyYjVJlVAvrIGQJZzq6l_jr1lzD-3LGbOGj5bPWCrB3X7iP-3Mi07mTd3ylBYW-0z8zpHFgmJMgoY1uejSMJg78coGXestyonMeSBcVQEeqOBl3WrW2ZH1XzanmdYGceFdojx2bb-if6fqv64O6i-EfplZXl7bKp7NFZArsH8NR2ZwPsXoSG4er37rNXq_YZGHe0jbyJzZNjcTwoA4vuGhOC7rngtZW_pdCJNfAU9Tp1U-DRJ6UWym7u5nlMX3kJ4zQQ19LasWz5RKtojLAV3WA7R97cl4AqsTituILg-48RdICSqE4VIpWfAtS5LQA68fSs9gtE2odv-Qhg9luT6o_h2g2F_nAw73r8PN6_6U1VcH8plehGGV59wuVDdaY1ecVWLgUaGdocDkFpcV_Gjt1og6rYFNmfzGAEIzUH99_G79_BreZglNjiUn_UhLTHTkr7MEvOdtCsEPgUS4X9ThxRjRtpRvOJhLiYdI2Z8tMPikXCN5UcpSf-pMNW0xy_Vmy2F-gI2Tk7im0oDs_Hcw7k0FgPjDjAtru342G-DcEy6f2MmJvJStJ-G0jIQ_M1acHmvtr_Fk3hJeYC8glzEFcHxg67LU0kedezF6ztWAAJGCatbR9SfLM8JEUC6iTh21dY56gkbkW0Tn7iQiZ-OfzBaSQefrukP5XLAP-PAyIJLqEGotl0JNXEatRMmZx6pqXzayYua7FslWIGJL5ehJhxgz1kgTScW0V8dpHiEps900XHhiUVs0EJ5DJmZfNlxjzXyDAscL5ttPBhDUc3zS6APO5VTyuN8FjBcoAFO_uexMqJR_zs2NdnbBjxVYnBoRef9qCKqzQiM4l8o-C19atrhqNsuXp66_IQA6R-laAjOM4YaFMhji5yGsLog7UrrnGHBGLYYh124gW1LAYT0kcwGMcqnXQQIBkXA7p6JiaBCU3A2VM95qjjXPH9mqrMxT7UIhjcreByDruLi7xhhYYyknMADynQpgLyFui3o0ssiAzMjSrq8TsWv2k1lHN5r_dSN-cAvKRGNSQH4QR7ZCyCauyTdBbz2iVDOxaOWPsw1YoLa6J7hWii6xTQ6LBH6kSO2PjdvL2eVH_T3JviUE3iipmDgECghRgqB1nYgOZ7Q0Eca2QiEInyYpQ0TURZq01xr67_HLsAofIofifvmztNGxL1wlTvGmlpZhuDNz81kTVxV_jLwdNh5dzNBpsCDLuEAdOwmvrj2_Nei-Es06J2IgzXmS66t6cujCvPipI8SVuikabA3-ceblyyjo8NAdjHQo5DjCOgIiThkdE-cFzdQo-UGySo0B_FhaPIsJLM9Zo7F-TT8LJlNqWLL4mK4ebTguVEKhFV4JJQl9zdkP4hFxKEYKQxY21h3gDbGX7n437WgH3_OWxuSJWChttcXuRzNModWCd7jZdrbKjv64zo5XOql7KeWeFiP4BC5S2FiKpwoU8vxU9s5tn1spzjbFkO5OQKbes43qJ-9wbOFxNYsqnqyOh5s1Wq6gIoauMyvymtNs_JnhQF-z05S1Hii41kY773WsLYbxZqjRfu46GJ5olEmURtLZZu53s1wXmxG3itq6kyGK4gP-Zn8-y4jwtxiEGmA_HD8ualbLEJKaO0UT0ZF1IJWkRVl_p-MJATJFcLEtYSCWUDVWpxQAJifwtxGcJGzweGNBj0XxWacXwqxrebx2pS3GmLZvP4mpLArOSACfGzdaqlQPtKQfXQNfdvo9-ou9gIToleBAKwmByJ3VJQSMT477Gtns4Iv6ahm3_vazusyNaUi9xqzc9egYDQTDESf5TGs9ScjiEqQG9dJsR7BpPUxhVpXBoo58hC0_NfgRYab1s3P4JmrPBtdK5mt6WXjcwLlXVQB02-qTVbg_HmSP1YxW3pAG5rodypjXUsdf2QZFWJ8FV77UCbgMS7YdU9VpTevP7-gwNBe2Idz_V-AhQvjTNCXNrUvl_d7Y-bhaQ6FUJ_FoQ2d46g3MKaH9fuCALiZRO3ikhCBsUCp2nS9OyNkDfgeSeGvsF6i0fATu9yQXIApBP2RhsMd8v37awD-UHnv5xn1bgbWoxCRbxBCO4RA36zoH8wdvjnHmR_oThokpyS0Fv7-3_breHld-_jYPQeGCUUG86mBVrB2ukSc3ueMuU9-GBZzFsYhoJcm3BikfZgcVQeo1c9V4lXsFb_Scr-zZSOyKFG-LcK4FtWCr4vYu7bHxTARoQlB-hiUjflSZz1-KURkfqDQi6riPSSFrD5Fz-qN8SbNUReYFhQYEmBKHPQGWraaOB0RXUFCN0rAWn8CSNlN5SuVy8OGNhgF6YbxY6ml0VYSewEtyKMmWb0FjWPiKNx6jxoNkIKrh27M2zQs8uN530pdQECfqypiSio6DtiB6lAADlKV6hYs2uetv5P_t2vQj-I4gkhVK4uGjQgaSu71JqtBXtzW4LRZ-BgojThysiRy4uBC0vjA5uelmZKUXambkQlSZLJQFlWM1TVV8FKxplhos3NDL3f_jJ-C0Kl-DVEgM5bofyyHVDTD6XyvHDEa5PGXJk_dcki4Lxi1bTE7JfPkHSCNp--g5jnoBY86vTepxXukN4mT-ogsIebASiVZgQjHv23qeusBdIAN1rOS3U9Z0ctGVfAIiFmUV_tE3RZIVktq9zLgDjsa6dTWxTuiQbxs4QTJEDasmEr1lHEhYevKO5lPiy2VjTK2sCmEpGO3VXaP4KFqIvQpR56D_RKfk5r2hjvxLBxaMY9N2Yzmu3eJdzkWLuXgA3ZYEHnc23kD2yfOIqRvus1b_fi_pKVrKV9ArhTQT-X7UFwdeqVTD_yeC5i6do6bSi9sAT3TziOBco8vqVJq_IARhzHzgKOKOk-xgR2ioshK69tvu1kyHJdESSZsy6LicQ0y66UHZWPeQVdz1YGXJwbP2nVqC6l6Vf1vfG90UfgEWRbOyG7nvnSP-X4UHk6sI37IhEB6niKsTVV-kodXsUtfwUt3yMVHGNi78-4c57Cu0GZxj3xT2RNsGj1jUb2ky5BT6uXJX0vf8gJuPYFaCDFq_7NFM0Raf7Jc1cfisfT2wUYxBL1TEl3lD2gvIuwAMkFmQLA7CPI2YvjStRU5-TMSi3PUCKpWrDJyvVOZhk7R44ihgqh1olXe6TFoQCpM5DgqJKg18RTwxDEIulMRVlwA00bgXy3E-GlBRZccfWJZfqwCt2nIsXs5exMXVbbjRNpRdp5iepekGuDGFVOz_T7qQBzhRCln1OcBVkV2hvKtG2JTy8O1WTqBXGS71GCl3xrbnz9XdrnMW787HmLun_rpDXo8HodCXmGjJLm1qbdyDxGTX8_H64AVLQWHdK24dvZ8K8uv_BfJSS9CIWT7hB6-oP8JEjfGkyZmDbubhmfzNuVREIn_4kzygY_pt6xq8CRG4AjzL1O9zHq1i9aXgkWkE7C6Xfrg28OH01agq3XwfyhYu4Od1D9NNdDoowwCotNzN9AMUkRGMgJjR0-ZRazRGlW4rA2xDxurXr-qfZFNxG9WsmE4aUHOZUcbmaBFSjl2andtQ7Kc_yKdaA52RLA_K6RpdarNf56_d6hzDPoRnqj9wrE-HrwQMNdlN6waGYDDS1FsVB6P_UILeQRDQy9In2ZHmq3k28BNqtKCPXwV0faUVmht_7Lm0A8pt3HF2WH50-K9WZkCOwORhg8IH8"
  }
}

A.5.5 Cryptosuite falcon512-rdfc-2024

Example 25: Signed credential `falcon512-rdfc-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "falcon512-rdfc-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k",
    "proofPurpose": "assertionMethod",
    "proofValue": "uOaRP1-nFR8VyHyVk7XBNRw9LaVadAR2LUiAvPtrL-oeD8MqMhzOgwyHjJaFjT-8Q16axhq9UE9t2O3hyis_Cpv3g2W5c6h2CJI1KaM-GCDUw3M-x7MMZZkjybtKKE4actl-bM07Q4bTsUSLpUNF74-bVu8qFBRVz0cPX_nzgpF1tj6rIgz2gN3Z84_2szrv6ZE6ryVixTZ78189YM1YkP-lSz-PRdqTuSSXlYlCn8l6JovTX_c38aTxUqMqmie4xfSbIiwqtCRCKLnhdk39lO4qrUzlJ1lKFg4FVXG5lpw7Ml3XavW3jtTZyg-7C2jfQ_nLrJid-Cd0AI96NZzZMjvhnJ81kpXuTDF7lZ8RgTldLYQjUGF2xF6M5u07CuuyZFJnVxa4WD5bZy9I1pGfPfMdyLrw0NaSGnrXJ0eI2alZtfIcRBBYIzWZNKxPfmuIKygkE0GhO4nuGoT-pdD3mrHY0Jccy5zXZHU5OyfjDmiXfDzfnevxr7g2i48N1RnsPSTzxeuzZBee-Bh3Y1EONJ_fh65IypECZq1AUmVPDINMohwZp3JXZSKdnuJqfOaLh5rHXGQ5OOVDGYRT7q_-WxDBnF6_Rh3EwaK7_W1T1qF43LxzAoTYdmVpIatmUg6-HfWAPRmNeYA_Fg21n5PPxZPoqhAbQiRFvDWJPiFJRlQvEkps4qeqIB8ajsda36xOnMfWeHaMJYBz8tsHmi9L9dnpuJRw-39QqU0uBRfifx_txgclejBNZBUQYN1_1sUcW9uZIa0UHiOpAO9z8TkaFWqZ9Zz34a9vW5XuSZ_LVDy283GtVtmia9uoO0euV9xo23E4n_zmU9Sa83LMnisuYZompo0NYVtPhsN_CykPKmsAAAAAAAAAAAAAA"
  }
}

A.5.6 Cryptosuite falcon512-jcs-2024

Example 26: Signed credential `falcon512-jcs-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "falcon512-jcs-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k",
    "proofPurpose": "assertionMethod",
    "proofValue": "uOQsNa2vrNpLO7zr2FtOMZELtKKrlLkihlXOTLzkXam8svZ29h9-XHfqDGW8cWX257d9GlpnxlV1ZjDoI4_R1aXk6jxxWsVSnZJEGy-NiMtZI5UHhwK_dvLGHZj4RfHXvQTKCSzKNcW0t6BM-g2itNcQTUmLVxHV9fhvfl85DtpvtUEoeE9Zh8snDTKHcZ5AGD7hQHAT1x4YbHOTGWdLFm1IFwvRBKulmBisAh-vqujSt86IkvGQyq4OItE1upZtydy7r8ZXhY97_RrXTPJgUum-zLDK8O1HiwiNx5htjBbiJGmv3lXma2XaG95DRrN5SDQCLx1CcmYmRMfqL7TS0v_6MuKDyFiQfGkJJZm4nMTKTBi846HJrpBbXVrFb_ZC0n06v-75nVxi76ATR94JqMJW2c7CeWboU_LEuvbhMNzyoMpUDf0hIdx2tbLop5tOwc3psxTzMbpLu3q7CtNL3D88CODS7uT86DMhKzY_xMYAVLOHXqKnYHGbGshmUal7A6keM2FMoeuc1fHgStter_lxSpZ7nkOxVEEs1smCJCErr0FwlNG47Ased1h28rJo6EdyWYthIM3EyoTkQ3tFa4UnlZzdxYqDvSMLTqCFXRi9p-qdLYr2k-yNiWjdMEM27lv1dlg5wR6NJwjE5BmONxkgYfSOdeVhQOCOgR2VZmuNiQFwBO3cko5lcwRNFClvF2qcDqKzIKrzquZIz4xZaJml8fe57TOoVKmDQluRSdlJlPxygZwwSJUmvIATKv0RjJw-jkJrxFu8n73Cqof_VVU2wOO6e1ii2SRtW_U5ikGXlae39Vmxan2I6LEFwN9pu9V0JcMx7dPkj2vuTvwjMOk_1sIBvnZjVHsjW09JGKTGAAAAAAAAAAAAA"
  }
}

A.5.7 Cryptosuite sqisign1-rdfc-2024

Example 27: Signed credential `sqisign1-rdfc-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "sqisign1-rdfc-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:uriThRL3yRH1lFwBzv4bD4tJB_pxqquMGXB1_Sj0PPOEDA92Z4Lgd7E-FvKH-Xs-hLtL4wvW8WL11G3sUMdhkDKgDCw",
    "proofPurpose": "assertionMethod",
    "proofValue": "u95i_VB8BTjvSCWVS68r0ynhLsxmRRxQ_NNhVq-PfGgMlEWkk2Wiw1dqpNwu3dy0m0fDGrgKtmAHpI-BTH3SyAgAHm2POTk4LZNQxFSgScJc1jhuWKiN5Fb6ntg-5RN-X0v_f9kPcgti85_89Ns7ZU5ul33rcY4HzkiP0vdDSMnuoQsWlzZ6kwQOY-cr8DlzgOAEREQ"
  }
}

A.5.8 Cryptosuite sqisign1-jcs-2024

Example 28: Signed credential `sqisign1-jcs-2024` 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "sqisign1-jcs-2024",
    "created": "2023-02-24T23:36:38Z",
    "verificationMethod": "did:key:uriThRL3yRH1lFwBzv4bD4tJB_pxqquMGXB1_Sj0PPOEDA92Z4Lgd7E-FvKH-Xs-hLtL4wvW8WL11G3sUMdhkDKgDCw",
    "proofPurpose": "assertionMethod",
    "proofValue": "uI2_222exFq1NXg8hWMFsENbhQp17XWsPzc8xU0VJIwJY6bIcqOdHmEpmqHRysXP9dPS0ML6ZeeVlT5tNsRyFBAAAGBvscX1D4zKjDbhhFNEuFW0RyKBxRaUoCxzpZzh_Iq-LmCsVLQ8WDQhygTQQTbwWo20zi112MzNTOMU3H6zUZId2q-mRjpZtuzaxjY_QcwELBg"
  }
}

A.6 Quantum Safe Selective Disclosure

The Quantum-Safe-SD utilize the same set of common inputs described in A.1 Test Vector Common Inputs, this includes the unsigned document, proof options and the example keys for ML-DSA-44, SLH-DSA-SHA2-128s, and FALCON-512.

A.6.1 Selective Disclosure Common Inputs

For the base proof transformation of Section 3.7.2 Base Proof Transformation Selective Disclosure, the example mandatory information specified by the issuer is given via an array of JSON pointers as shown below.

Example 29: Mandatory Pointers 
["/issuer"]

As part of the base proof transformation of Section 3.7.2 Base Proof Transformation Selective Disclosure an HMAC key is required. We use the following HMAC key for all selective disclosure test vectors.

Example 30: HMAC Key 
{
  "hmacKeyString": "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF"
}

To create the derived proof in 3.7.5 Add Derived Proof Selective Disclosure, the holder indicate what, if anything else, they wish to reveal to the verifier by specifying JSON pointers for selective disclosure. The example selective pointers is shown below:

Example 31: Selective Disclosure Pointers 
["/validFrom", "/validUntil", "/credentialSubject/birthCountry"]

A.6.2 SD Base Common Outputs

The result of transform step, 3.7.2 Base Proof Transformation Selective Disclosure, from 3.7.1 Create Selective Disclosure Base Proof depend on the document, HMAC key, and mandatory pointers but not the specific signature algorithm. They result contains appropriately modified maps of mandatory and non-mandatory claims in N-Quad format as shown below.

Example 32: SD Base Transform 
{
  "mandatoryPointers": [
    "/issuer"
  ],
  "mandatory": {
    "dataType": "Map",
    "value": [
      [
        0,
        "<did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg==> .\n"
      ],
      [
        12,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocumentCredential> .\n"
      ],
      [
        13,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://www.w3.org/2018/credentials#VerifiableCredential> .\n"
      ],
      [
        17,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://www.w3.org/2018/credentials#issuer> <did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76> .\n"
      ]
    ]
  },
  "nonMandatory": {
    "dataType": "Map",
    "value": [
      [
        1,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://schema.org/Person> .\n"
      ],
      [
        2,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmployablePerson> .\n"
      ],
      [
        3,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/additionalName> \"JACOB\" .\n"
      ],
      [
        4,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/birthDate> \"1999-07-17\"^^<http://www.w3.org/2001/XMLSchema#dateTime> .\n"
      ],
      [
        5,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/familyName> \"SMITH\" .\n"
      ],
      [
        6,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/gender> \"Male\" .\n"
      ],
      [
        7,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/givenName> \"JOHN\" .\n"
      ],
      [
        8,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://schema.org/image> <data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==> .\n"
      ],
      [
        9,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://w3id.org/citizenship#birthCountry> \"Bahamas\" .\n"
      ],
      [
        10,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://w3id.org/citizenship#employmentAuthorizationDocument> _:uVkUuBrlOaELGVQWJD4M_qW5bcKEHWGNbOrPA_qAOKKw .\n"
      ],
      [
        11,
        "_:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg <https://w3id.org/citizenship#residentSince> \"2015-01-01\"^^<http://www.w3.org/2001/XMLSchema#dateTime> .\n"
      ],
      [
        14,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://schema.org/description> \"Example Employment Authorization Document.\" .\n"
      ],
      [
        15,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://schema.org/name> \"Employment Authorization Document\" .\n"
      ],
      [
        16,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://www.w3.org/2018/credentials#credentialSubject> _:u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg .\n"
      ],
      [
        18,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://www.w3.org/2018/credentials#validFrom> \"2019-12-03T00:00:00Z\"^^<http://www.w3.org/2001/XMLSchema#dateTime> .\n"
      ],
      [
        19,
        "_:u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38 <https://www.w3.org/2018/credentials#validUntil> \"2029-12-03T00:00:00Z\"^^<http://www.w3.org/2001/XMLSchema#dateTime> .\n"
      ],
      [
        20,
        "_:uVkUuBrlOaELGVQWJD4M_qW5bcKEHWGNbOrPA_qAOKKw <http://www.w3.org/1999/02/22-rdf-syntax-ns#type> <https://w3id.org/citizenship#EmploymentAuthorizationDocument> .\n"
      ],
      [
        21,
        "_:uVkUuBrlOaELGVQWJD4M_qW5bcKEHWGNbOrPA_qAOKKw <https://schema.org/identifier> \"83627465\" .\n"
      ],
      [
        22,
        "_:uVkUuBrlOaELGVQWJD4M_qW5bcKEHWGNbOrPA_qAOKKw <https://w3id.org/citizenship#lprCategory> \"C09\" .\n"
      ],
      [
        23,
        "_:uVkUuBrlOaELGVQWJD4M_qW5bcKEHWGNbOrPA_qAOKKw <https://w3id.org/citizenship#lprNumber> \"999-999-999\" .\n"
      ]
    ]
  },
  "hmacKeyString": "00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF"
}

The hashing step, 3.7.3 Base Proof Hashing Selective Disclosure, from 3.7.1 Create Selective Disclosure Base Proof consists of a signature/cryptosuite specific part proofHash and a cryptosuite independent part that includes the mandatoryHash, salts, and saltedHashes as shown below.

Example 33: SD Base Hashing Common 
{
  "mandatoryHash": "a042dc047c236816f49fbe5282a79c5e77abe111e47f4c20203b5064c7f0f059",
  "salts": [
    "8f12b1840b34fddd2fafeeb0ae9f5223",
    "2d31854a63332a5b2b98f585fd2b181e",
    "59c81ad004f9bc8c4f3188863660ed54",
    "151c2088275d61e4d3060eac51b9dfda",
    "7979ee1ec9144dc1c0235135a3839237",
    "6e7a3332fafce91541e38f4d98197596",
    "a6b5292c4720a1fa63908fc97b89dd8a",
    "d437a29e45d7f8e7911e0a120b916764",
    "4d4f3b599712d73a1e4d2c8cc2576bd8",
    "2e701759107c70b8d8fdc8f48ef01ba5",
    "59d9b136e1239cd6e4f3a8691771080b",
    "e81ddda07df65b018b853bd2e12e3374",
    "aebb14e77837208ec1983ddc3f379784",
    "67a9b58a27a9bf0dc2e0ad94d6dd8c66",
    "4b36a6b79702c1a6c3bf222442ef5c40",
    "013accde466dc00fdfa676afb2156c7e",
    "26111b2513f969e6188bbed641b06051",
    "ba17df55784a9653d77b7f9a7a58ce0e",
    "2cab107628c54db2dd281984323594d8",
    "1c5a89e6f4929e4eceb2df3ce7c8f343"
  ],
  "saltedHashes": [
    "dd29c61f75afd13de0a180e7662f3c2136fa4cb7c7f2666d002dacd57ffd2c3c",
    "3f0ae9b79c353cf2a3e8aeaa86ffc8a40a72eb27fba76d09b4ecba58d1a8afb0",
    "123add59487718aa0a30f6ee10525746f244d0099447299137dd7bafe94b0b25",
    "f0fcde43af579a137fe9164028e48c3a46dc3ab6601877d710e75d4262b2d5a6",
    "991a1cd298fe7af5c3543d732bbaa8895b5ebfa5a999d307eaac5563be8edba4",
    "cc69be1237ac5dd246c0ce84fb98ea4c8194fa6dafe7235b7d9ce26877ba8686",
    "1344141bbc875b3f41ecb886979ddf826045e08b3cd6d60a944a57b204ed2543",
    "63971ce7ba557c6c490fc666f464c1fb8502e7eb25aba9cebfa82550a8cddd3e",
    "e3725156cac30b43ab40e3f9ab9efffc903f4f83f3d55749d2e4688615da7560",
    "501ca1a389b0501a08ac549d17930036780bdd27cb54d75f118fb6a4ce9d47dc",
    "6c1c396d83ecbec86568555dc854cdbf661cdef9c308ff605db2e2a8aaf7fcb9",
    "320262fcdcd5d25794ce2729468bbc78055b017d7c2ce8f0a37df6b628feeea6",
    "6ede6459a15a56baa5a919fa61855a36c04aa21856e534695efabee3ae0088c5",
    "2b798a917816630b71f6420d6312c6f5dc74b677de1d904f6eb9c60f9fa4a7a3",
    "3f0065e22558334af2a5dc9539d2c8bf8ed875bd5e08f318734bc6169e9c44af",
    "14c9ada85a8998a62449d0a881e9d46fa71dafbf558d53e5927d1440177f4df4",
    "8d775f85c36ced386a991d85d6427912d8d12430055e005356ccf6b7afdc57b9",
    "2e07e97cbbd244d55019ad3ef77e6748382e25897d24c7abbe324363e05f8b2d",
    "6d6fd1fd31009b2011adbebcd51021b21367b6fd673faca2685c0d98584e6b07",
    "ae9422737082e3aa11242d05bdb7f9592d6d373fec5328d6440232246cc43c12"
  ]
}
Warning

We use the same set of salts across all our examples resulting in the same set of saltedHashes. In practice salt values can not be reused, i.e., reuse of salts can compromise the security of the credential, e.g., leaking data on undisclosed claims.

A.6.3 SD Base Signature Specific Outputs

The cryptosuite specific part of the hashing step, 3.7.3 Base Proof Hashing Selective Disclosure, from 3.7.1 Create Selective Disclosure Base Proof consists of a proofHash. These are summarized below.

Example 34: SD Base Hashing proofConfigs 
{
  "mldsa44-sd-2024": {
    "proofHash": "f119556716f09ebb9efb36e9454671095ed75dc2a8d4ca003d5cf52605f4bad5"
  },
  "slhdsa128-sd-2024": {
    "proofHash": "1808219be86250e9588cf93db2767538992bc72542aae510871c4b9216a45cbb"
  },
  "falcon512-sd-2024": {
    "proofHash": "6619ddc3de75f7c879ac5352449e3a07188e7a8f7b4c7eb92c4efc6b909bb130"
  }
}

The results of 3.7.4 Base Proof Serialization Selective Disclosure is integrated into the final output of 3.7.1 Create Selective Disclosure Base Proof for each of the example cryptosuites are shown below. The signature values in hex are shown in Example 40.

Example 35: mldsa44-sd-2024 Base 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "mldsa44-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0QhVkJdPzfddikiWYcJp2E4Mf9yVI5afaVi29O4fJ7iMvgWERWnQxchHymZhH55kDlH6ViMco7NCwusfg0NrRdhvEk6x-VM7bBl6Vc0eNY_3dFcXVYIl5mltdfkgQX9pHwJgGFF6gfnPSv6A3b0IgA1W5IBFHGRfWQQI860FUuickcypHDCiaXIIQUlaImVBYP-vCffEMjXmpZZHB_5-aSIS_Q54Ysq8tKX_blmiHUzMYk1CFHFRNZdnW3JLFQ8fk5gayucogE8cKNhjMe2_X9xHy90Mso0z5xmgc9iv0M0WUbVc9PGuY6g4rbxtRPf4BLkv56Ve_qrdw3jjss3tZmTmyeaSa6g7WU-0kCbXEtunczc05pJ6pmCD0Z-ElA_ZJkyUhmQLAoJbO5Rr2o4B1A8CrnO55v7ISfEbDL6U0_KWhM5_7W0AFafvntZhK_DLNSX2-OVP-Ndutkl5B8hXFOOdW3VM6YGo9D-wk2uUVvgKuPVGfzEX8xdKepYjlV1PoZO-kf-d3Fd6jRyJnizFwjnnwyu1vE0jDbL1Ek-es4HVKpjVJCco2dpm7RWQVIU8l80qwl9ItCa2auHBdhTP4xLtMrS2BzM38pFxGJskw3weydEQvBJ8ahVBP3oXAzQJ0hnoNCKNxWsVH7EfWSIVoo-mPirsWF_XZyKR3HTpVWJ-XATfBuL8W3XGE1PVwv-jMcMfpkHDjaOauGa60dYVYl_2LXOH872Lz5pSiNHp7hB1cU2xP1JxUCwjucG4OsqMfnh4LuvEP7oI8LPRqPNobcN17UbR78e536NxvlTWAYYw6pS5QOkLptIWwtY1Sy7W4s_qOtJesC43Ybo7Trc-Lh4M5GalNjyaET4FUEtn7S6pQ2zRez7Q3FYradRjr-tv85SEhCz3F7artHCsW5jK1gIyDA4MPlOlF8dh63zgc2_naHM2edoGqP8yximRv-4_8eyHcgbo0R3LSnvUVpSnPBzRz4DVqp-BPgSOM4ZnDThcHjxcN1-onFMqCjCPcAtv4z98ks7BZUmknWTN6rUkgYgYC6VBVEjvTpO2HrI0Izu-kSSOMQTHuzDmm9StVxDiPQ9fZyuhV2CUyjwlypYDysRlLLRX-mu5r3FDckQXCqHH3hM2CEOjNN-SNL7dnfT0jYnO5PjxBlbvht32grrQ4jpxZqHHho2dnhVJ3CpVD7498VeALRzhn0bzhaVmA1JlJiwtRemZWHMVWIRiehrFkuwu-UaBC-5E1SynVCwtqGrH1ftXJLfK_XB3Yf9awYXxzwBYQADDtKZxisSDnl0jJlh6gCXz7yJu95O_FaRZ06O5m-leRUVyLte487OCqjjCIinJ3OcgbFOu3UAs-VzId1rdJekWbohxuqs1dYJoXxJpgfoMS1j5l3s9JZ1Lb2Fsa6PvqXjhJg2NRyGNky9Kt18V3XIbUyKvNmM7B-2X1cwmmw10_yS9s4_3eyEZgl-bBE4nLWZF7ToBRLeW0TYVwTedsj1cNw6d33D6Qkso2iNu0_Q4q_IjuxZcGPjZPUiHy84fqSkyD7R-avvLn5ridSKpgtk98vBRW-xQVcGN0fMDOuctgvLE1SXpYjuw9VZJQeouhzw4JnR0s6WifO9-N38GqjGOgPLVY-skoyLKQ96rLlAOG4FOoU_dhneZmNJvWqlE471m01D1fv2QQmGgGdRwFk1iSWEcH-OS26ACr58g8jdXnOvcl6YZcWRp46Ih9sUaUksbhpP6SLzi1iaGn1jCQiin40zj9rUP2C0XmG0tdag-4zY3auckGK6RlSS8KBvbt7OXfYeEMgb9nwftpTNPqRdz0Gf72zs5bxbC0QDzixHCJIWnbqO0lx1podfd8VCkyqhScaLNVYyY5DxjdP5lVtlH5Jyl81WbqxQhfpwXKLJ1K933mF3hr2LHdvBplQ7LSXzXntRZBs8cp44qTemHnhGl5xM0YKowHiGYX6LKMFnwLeR0VKBzP_H8YZqobDUd7SPKU6U078LVr007JSZvKbziVmjLA4nc2U9nj2E4pA6Q62mbHR0INHOQDrCQ2wTrhjH94IW9KegoFm-c5dRVmZrqOcDuSnOMfo-QrcySbwoGrBZ7oX9mja8wXf20g85ZE1Tllyz-otoa6taYV7Y7SbR1SY9xTDk7DHGN5D7CoP5qFvGUG8HLffi7panPh-aB_OngFpUN8Eogh-egSUfIyWWIxgJ26iW7H9hpoSJWQ0zVJNzoK0dehulih3Co0bga_98vAAhJitp1Ny-e_kjhOfytNQpXDQG1Piz5rtWvoGB5ka11l_i_rvBdYq5LX7w4KYnrlaO6vvQYL4wlO58WwIhG5qAtZjB7w_MCTiTEeSci43HapmNp73BJWmk-IJrClarDXeXATkn93owlv6FASNlXZ7vKtggUh_yFLHDtL7lKjh9yWcDc0EbZHk2oCqGC2_VdqiVbFFxQ-Ga7NxtZBTxEkUm2k8GwMi88jOVe0_RQmJU3LSfLvC1wqDXXBSOhuo1WSGMo1QRhOZPxqPGB_KjzGfEOlvxRdiMoGv5tR4wD_7tGow9UU7E6D-NkION6vKoIhJeSJieJRtFH9AEKdxn5NhOnL_uZEsoIqRwls3H7AVcdwKzcvVVLD8F8eXOwcWuExO0EjjRSw4jd3OfvpeTw-vZRcqCvCJnn1gpus3hX-Q-Ra9Tte9mOibu_lxpYxg3M1gkQfTpA9b8-tx4SJbBuYiKv-3rXr7Mo9sGvGRTRYD9bNVRhfqovIwloHZ7HJaqcv_AiwSf5331LBVeHajqmUNBImQds1sxmyurf1LMOJxMq6ECwH0ZMWPQr5Mu1eYoDK4EIdVf_5ZLQqiomyQrwUqs-Y1mgsofcAzdXlYyl4H7ESG0xPvP3pRZP-OsNNk9KhYVMJv6y2m1NiSC0goML7h2iAY4em2deAxM0RaXh1aiXDFsZXG1xepXNA-EmSDyPJad0Si2f4p2BE4Ic6YTg7k0KvEzREHP8s7GQexFd4niJWEaeBu7BzKM-GkQNVzE8WAGeOqNIGyudmA9Bd7EdKTj5xErTC85hmMMetFXpRTlLi3xO2-yoz8uKz9rxc4d9a14uSzWvRmXjK4GXSpkcln2qHlWY-lCb7uetpMcp_LFhc4TFZcYGuBjJyeqb7Ax8nP7vP-CQw1OT1ff52zusPe5u8JLUlPYHF5fIiOmK6ws7j5_wQHDBIYICwyUVpcXWFiiZy6wMfK0OPu7_kAAAAVIzRNWCAAESIzRFVmd4iZqrvM3e7_ABEiM0RVZneImaq7zN3u_5RQjxKxhAs0_d0vr-6wrp9SI1AtMYVKYzMqWyuY9YX9KxgeUFnIGtAE-byMTzGIhjZg7VRQFRwgiCddYeTTBg6sUbnf2lB5ee4eyRRNwcAjUTWjg5I3UG56MzL6_OkVQeOPTZgZdZZQprUpLEcgofpjkI_Je4ndilDUN6KeRdf455EeChILkWdkUE1PO1mXEtc6Hk0sjMJXa9hQLnAXWRB8cLjY_cj0jvAbpVBZ2bE24SOc1uTzqGkXcQgLUOgd3aB99lsBi4U70uEuM3RQrrsU53g3II7BmD3cPzeXhFBnqbWKJ6m_DcLgrZTW3YxmUEs2preXAsGmw78iJELvXEBQATrM3kZtwA_fpnavshVsflAmERslE_lp5hiLvtZBsGBRULoX31V4SpZT13t_mnpYzg5QLKsQdijFTbLdKBmEMjWU2FAcWonm9JKeTs6y3zznyPNDlFgg3SnGH3Wv0T3goYDnZi88ITb6TLfH8mZtAC2s1X_9LDxYID8K6becNTzyo-iuqob_yKQKcusn-6dtCbTsuljRqK-wWCASOt1ZSHcYqgow9u4QUldG8kTQCZRHKZE33Xuv6UsLJVgg8PzeQ69XmhN_6RZAKOSMOkbcOrZgGHfXEOddQmKy1aZYIJkaHNKY_nr1w1Q9cyu6qIlbXr-lqZnTB-qsVWO-jtukWCDMab4SN6xd0kbAzoT7mOpMgZT6ba_nI1t9nOJod7qGhlggE0QUG7yHWz9B7LiGl53fgmBF4Is81tYKlEpXsgTtJUNYIGOXHOe6VXxsSQ_GZvRkwfuFAufrJaupzr-oJVCozd0-WCDjclFWysMLQ6tA4_mrnv_8kD9Pg_PVV0nS5GiGFdp1YFggUByho4mwUBoIrFSdF5MANngL3SfLVNdfEY-2pM6dR9xYIGwcOW2D7L7IZWhVXchUzb9mHN75wwj_YF2y4qiq9_y5WCAyAmL83NXSV5TOJylGi7x4BVsBfXws6PCjffa2KP7uplggbt5kWaFaVrqlqRn6YYVaNsBKohhW5TRpXvq-464AiMVYICt5ipF4FmMLcfZCDWMSxvXcdLZ33h2QT265xg-fpKejWCA_AGXiJVgzSvKl3JU50si_jth1vV4I8xhzS8YWnpxEr1ggFMmtqFqJmKYkSdCogenUb6cdr79VjVPlkn0UQBd_TfRYII13X4XDbO04apkdhdZCeRLY0SQwBV4AU1bM9rev3Fe5WCAuB-l8u9JE1VAZrT73fmdIOC4liX0kx6u-MkNj4F-LLVggbW_R_TEAmyARrb681RAhshNntv1nP6yiaFwNmFhOawdYIK6UInNwguOqESQtBb23-VktbTc_7FMo1kQCMiRsxDwSgWcvaXNzdWVy"
  }
}
Example 36: slhdsa128-sd-2024 Base 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "slhdsa128-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0QhVkesN9OaTFq-GeVNCarEF8-Sg0YLGtCmWLIS5wc2SZGsjqiCr-roAdPQZd3IsupgXTBeyPGxs5drm_dP3qtzxqzcG9RNsQ2APgacu61KH19yylP7JQyl_nfCajF2f-3W6udPh0MWDFUgOIqxxbYqcdPD5DqPvZaNXXMHA3qOal0CGh_ijGU8Cs7iMHhcBOD2s2qtAE1yyRnqC1zypoL5tN3NqOHoYHPFWSokm85X8nTsjsR0H09limIb8591mRjwQrMZwUYWXygIVwI15mkQqfHKYBKLQpX73d0i3LBe80GEtrZB4yLWQtS7y613mN3R0mwQJfQbu64KGMs8Llh_LgaNDpHG9PB9tZINt8X9or3Wo69uHDD3rqPBuDbWh06bMwVtWi_3s9q6-EJQ43eRRz2SBZ1-S_P8K541JKJxb7VCbvYuIMUIQOTqwN8bb4Y5hPiUHDzcLMdRR3tsJSYpwvwCFotj-0k5nYNPxL_B13VxjkwaXD104UZP3SCFy1kaVnxLWdZ2mBGMYQXJgZRhJ7xOQcOh9TTGdzJ_rFrqy8YsfmcwdRJ6owD2U-EZTLphYhmWcssaG4eXA0F-yxuZu0GfkgwbjXCooKezq5Q0941xsUdcH1HoeRyUggL5dUGwePuBNJNfdb63UW9i2Gv8wcCRcJepn86gbGMBSfM61X0PRFTXiDBW7QTuJIRKjBHAcVvsMiCY2bRs4-VSX_ZK2ftqXV8AhqIZ768vs-72IN-kAHw6qVf8xmLWVi6FtCb4M_P_RjrrvQTeR-ACT7ApW4RJBx8CpuYlNFRIZZLz5XLZdpJHkAa_1W1RHbmx86gr_jI87CBJsdZVskhqmG8ac3oHBanDb_8LSXG6wTy79978xPv3JMmiQyota34YgRtBr-WLVjsjK43h5P6j96cwBJEEQWwkkOWYQfpy55PgA9SsL0bXZlbq0mdoPqWUxNWUldVP0e0aWvWwCOTTUOfgJr427MwGPDbsxYGw6FC6PNiuv7ENye_PA9gh3z0qi9asI9HHMkoDD_RL7EjVCGDQKhDrOYumpbyGgVcvkVyCSk-jLsxXJgBGbZTKOynETUbfuz5ZmGqAqF4FeK1T26cTo9ZVF05DPVTDUVA43gurtF72MxyxBRAgB10rvu05PJh3LOSM-qPpsvU4Wg0_qPf5vqyuXHiaI_3uZKvx7N2bpp5fnVxh2brOAxLsNy5QIrIuMZYazqe4A-cEZmIxTqLre7868A0u5QNnQbcWwk0jY4QmvSvYprLq462ZYbjE0809JeXfnwqSUUPDO5WocJ29fA3x9FixfdHT4xoj30TJLtJXm58alf3YGfIPDg8GjLb1BCB_84Mcf9oGDeJS38X-2CRU5ikbigGSAHI1SRqOGedRuCx-JPqwypgk7P7TtdohlU_34YwIY07ocsk8rTS0yvfSaFpT-CX80yGH5L-eph1ZfAQxSIqc11wLmWsQanPUaA6rfTa4m1tLspQDMR3hdDu_WixFOr9pQAplS5llv4oKpKqF10XqTskh7DDh-wqn_1fLJtitHpR21FyUA8DksmlGx30ykl9LdXL_Iw8JatHryMjDWwEiwHCoftJ9Qf9aE65DeiHrH2REnQQ-YPBCAkv52RfmgpuGXTnZmcxLqdvUE9WvlalIBAvqjdUzYLRmyHblXWEMf_nBEclG-y9N3EH_3iUst3PO15Nrn186kPrCdA-IJwS_YIXfIW-qFoD9qEfwH8A6THi75m00eq_8D-4bukY8QNzikhGg9GEEicXKRYHua-u1frkyE5RxJMbOhf5HlndEHLeDbN1O7HSR8P5CTLJ__jZjIP5SJMu_8z_bwtTd8aaOMtiyKDmhBp1KrPe8di1GyXk76ZjCju-VgxiLcCICLkcVXYfodEZfu0KMoSRmOjNF6gd-7Xr3JjrxzYQzQ_rNI968o3sDJY393BDCZMFZzqhaa_8BhbcWDoR0umJU0Zn5RyCKu4ykjwMRWfOZJFI7J7KYcb8uLPpmAbUadn1x6dmRBaVhIeml7vaWI9O5ublhEBgipwoe9Xks_5L4cOBv1KcVV2pgvMSw9cmoU3XzQX3Rajmv1CxeDD_ZRxpL1NGXc6LsX5jST01RPzDY2uPcwyzWkLOQEeQNeaQyGcGQbqfHKVEuwWh9kxf_yO6XDN-XyUZOsO2UunKuwRoSsbmkRylLd8SUe6FuBUx6tBhzzoKjwrFj6PL-FYQVjGFU-1WcDyIJssXToAc99X9mcO8ButfyLhkXp76gM8vwCANG-J48nyrQIvcXKAPlPVMF8ekOfjZY0li4TiWIsLem2Ms5m9ciIvHqaoXEk-SXTnX-fmfeiSBz9ahkmNKWEFMUEt4pHWH3G8GaZnDkuHUiBozsv9yLMBMGROIKve1EKv_-P4PP_6IMEFnf0FodOVUuBIxS0pWBCRGzV8m6Ob4RlN1OsmU_2fgGKZi8BQ5MFu75FhymkghNZ4pnoAiIQhQ5tgKMtLxQdAAkCXEKEne6Dxjh7hIWNByv_Uw-YcfuBmT4qJSqxI5g0audYKnbQSlBN_sGaGHYdFxZRZNae1MiM5pnHtdaZtrLxKxpYbrqcjedQXnq8nnK2-yBgh6xal9Yg_mru0srzj_oSZOyCkcuXhX4UDaeQE3guHzQ6bUTCJKRT5wqZ9lr9rZBctSkGx-WospnGFWwxrAbKzvXVutKS3gFfH5gBSlNGbvJ-Ao5Rr1WG87-LGDLWYqCQZAdg7jm9D0tV7gt-qCANEvAigy66VCRC_RNq_raKyqpS6nSZ3JC6pBIHzErvFodTZw_ZUZJAqTYoDxFUmbUvACWi9rXJN-h1Ia6xXbEKuxt_g_iD9GthlT69Tzm3ZPhY1_777s2JYMyCdL9mclivk5BaPi8b3-e4u0Cof-XAdXIEAVrlQXOmN5VVkoB0LJigVq5LAGJ6cy-NYJ-ldcFklrMjg0Bw35CYCcMaN8C3ho7s83q8FQGFpyteDtexJl9ytaeFnQOIHlVLkDPCMDZPrVt0dZJtwiB6o6uBUwIyrl30KjAssrJzSSvuZo9TGmlbvxUyIXF2Os_iQX2gESs1kjIyHY29jq6LSPqOKG6atwRT-e9HQRy__tq0UJTmGsf4KXC6V1tZU1kMUZDVPHFxCG7SbQsfoVNSggyWgp0pfj4YJfZMz5pUMENELWvsR3TWXOGiwkJPR8eOoy6-8lERlGyG9F89bTRrJOpbPufbSyKGG-oQ63brw832quY9q_WbFlxXktsr8AzIgg4gXI8oJGLL59JdTA1m8K6JcUppi2a8Ago2JodRKAHXsRV0rgEATqqEfHiaMusHaf1eHn-odQeUt4WhLJW8s9ACejJ1qltJ4m3hQh5gIT5MMU2ybrywjD_5pSvzry82Irc1r_LsDuct81YnL844qS7HYdIBzgqlmtXywmnO2vFOvBNNABUFD5iR713I4ctiPoAG3_aWF_Q5efrHNI0h99Ed1e2SpyCSpxRJ8vtfjJxSu3Xvz4HPFklqVZ0yc2d4rgzlWNFgkYP4Nw31Pt6YpYs3XdIXDZ--5dfq5xgbc5qUokOy0WOvYN7AoOwz2EliY_iVqX52ReW3lJFJwYdDE8EsBaKkVEjBHIMLYlDRZcaXzqfr5XZmSNFo2QQqj9eGsr0TfqATvFbjRh5wl5mlbZ9BhE2C8Tjt5b7BSNqu-zNZ9Yq0UTelMH2vF6mDw9KH__J4HLrcA5M1gSqXGOXE1-LpaXjdlOyH_BOkUTvJK6TmUESEf23Wy75a0IJKQvDypBUuSqMy9SY3quK1ajRlfEMuoCzVAqGEP2hbAPOrs8Q4kqMGp-gZL4OhZJR7OfW1Ynv82Ey34C07BiVcoDrGrOXmgRqh5T4JKjaD2fdkv2kTh0oX49YWm74coAGtG8x_mt1vPq3paBgIWuXtCT2xuHCBFuKWY39oGQNy25eTfGfUaDHAbs33PFDgBsfREV-NtVxzijSN8yVdAqlVBL2Pi8PQ9A8qsyKx9NyKvHrj4bsf0wXSiNhO8KJ-VIt7IwzDjhXlUOPG7ql0u2yhZOhx4OgiS24zukv8m8PNE9_1m1Ml-PuC-Hd8q9nYetcylz3XQ8U1lj5b73TcVviUoL1SDmqwaMwxGnAIARcqcFQJgS0X0gs8sHv8lKEo4m7xqKRu2FF7z3QKlZk_IBXWOQqdvmRVf12B5lykXu47DvNuPCjd6bsJmk6ryZcMUC1bfiKi9S3fRq6jAtjrxf0dogimPzyd0_xBtj5NPJMlMj720s8_fyhFcLZK90gz0qO125-VyYxLneF09uUOn0byaWFn9X12k9nbVQGLkhquYwVEtZd8M47kuR0iRLo0cG2j4zb_0XJ_EPXwpaq7YYsutBSCNC4tMSQ0bL8SioCqz8dNI-X212Qb1sW1R5dGqHSEE6zNB_s8y5drRdjP24YUeM73Ik5N97dMPzuGzju-ZbnAVOxgy8tLaFL24IjdFRgGC149HCSroZEx_IedqbRSiT-136aH2RHULxXGjmPge1yFZLSP9eE2tnDxeWc3go23pHljQdMRju9aziXgGageLfeD-gXaTx-wE8LUV3ZboarrS7nz72mfCrok8NdAPT0aYU6PDIXOWDOwE2ajKxbRgekVsEpOXZ5nJT-NUbywwQsrZr6P9neup_JG-oQKhB06V5mw6KPGisspyGL_eCLa4_Bm_ZY9MP1htdjE4fhpR4hj8nrUnr-wDpd50tdJ7tDFXJR7QXUgx3JtH9DGGYm3eSlEwpOjPW5mA9pWUvXCJu1BnYZOTIivoNXYS3EPhM5jIlUM1k7Gm3vRJ7KD83GTK-DzJLjxvsQcMGlSw9Dntvj0z0Qrv3ds3tjZFaSXmgstT4AOjJK--dtuDTJKN_WgFDX09aO3rv-_SVGDhou1IxSlqc3Xw7CFIfX9kHi_0xOSnjcCfrDx9ZNYQF-_4W_A_vRA-U8MAYPirVZVFUDGJIHN77nJS1v0FFHn1ipRpGSBjVd4cSX2b5gv9Y8WkXLuT8Fvw98fjk1-g4eK-vYvgEvsHQeQNTYvJNzaMv8ZkRjcYVsMml0iTcf5KrE_c0bmIGjXbdbfAo69XpcpZaXZ_y0Wwm6A9CwLfT4Iw_duh9ojeEUPmlkaUfd5jLnZmbiJDIGMF0fE0czPgc224NhC8bkV47rU5uIWwiYewW8CD0gdtxy48GmxzIMqJLZPSG8bTYaX-INu0p29LImUYJwUevy5ORN9odIzR6q3Mk5is3eD_uYA5t9NCHFX1cnCvJTKzghT9CXeSLzC1hcoASQ1um3OFZDgy2uPv16HjZtjaqhq9138dbEzt5MhYYO7OqDB4I7wXQGvSIbSZMb1HCt8aQCGaOr6RLzYoQAwGvHleGYjx0HIZ9EnxyeQDxLL2fpb9_OthMYVAk0QQmszVvqC_6LZdmeb7zhzNJcAKNlNYNVA_QVRT2An9ZMCYnhUCmsmWrCl_4d0iXUm9MHSippoQvcslHCE4MpE2ByqSJszAR_mxU1hijbdvz-8GTKew4YrYrG-83vG1mspJO5J6B7gTjvyI3-EWgvCxSmRN-1vjPWYzgw6uMDPQg5tix6HiQ77mFOZzfwW94gEfDest1SLbDv3Y7tbX-tRm9LVHGaISch4wFejng8dqqhlKD_HWMPp2ghkrUywXsKHWc0KUe407ZTFz3nxz0UW0OTsHyoQKebiPG62JtLGbFPhNqGbZxOG0t8G6hMiXE8BffPrWkNrHG3uDn2ta-TddYsEfylTthNU0hOyHU4kf4URtNQ_hLfCvY-zPA2IHInj5efJS3Yct1wZDOZuaTTMsLlSe7op4KuNGkJkSl0DqwAKooVLNGTz8H0ihwlfLnG5L2ZnRabpLO7XeeTgY3qX0ub8kA8wWH73q75lQwUkty3Qt5vG0Ha6KJVl_ZEjHv6Xm0iHaMUWOWubelFXMbK4jzkaj4KMDVGJ19-Z1AfVp-0hT6BXAyLD0VzPa_582LAtkVAoZcqX0tfRQ4Ck5vNOrj8HZRClT0N5AqTp1CojCNESpKShWt6YsS4ROEKBQlRmrNugN0x2pDWQbeqRk4Cdma4RVEdZ7P4O5jJywX9FZZdDINjYhpfGT9c8MlyiyGAOJKYmBaqon3p7AW8I9u9-lOSLMkDacKNLgZ0R9eVdTMDpn4Qj5IuuFqf4tV_mW8VZUs_ZAh2_Qg4xDGaKINPJ_9FlxkVY9xrc43ASCqp0ee1lqw2pS-BpR0V6IX0GAuoQ454PPJcuiyiVNtSLrV03KoxFJscxw0jchF3DK8h5ShKXk500fQiEQE3TfAZ82Sp835Arhh6XiiLLNeG6GFmlW22G273U72c-wshmLuACXzqJDcHaUsmcPMeEGAZk8tHILlThtuosXnSvL4_7nAjIIT3xpRwf-84f9nqI-C7pWJH-h2eEVqzwi3B9LnOycm6KwOdvIXcjZNp4RhMbkr39ZBGQkPO1vW9PAlypqmGj3ioxnbIGWbOKIC1kTFjTQiv-qxPbEGJxd8jMfDC0f8JJRDDN_oPrREOmQuLs7jkTwXlnJ3fS4qR8czpXhJ9cofR_yB3qECin0i1_U7i0Qh7K9L8oFZ7gUVJRKl8teEGPINSoNVrae6nxTiWQM6ogooEarY5tF5s-ql_TGSGX2mBQGSXUF9HJh7O1F9-zqfAh8QVcICW6SeuIKJyF-fBDbj-LfX2mnARKEUc4-aTeduVsqZz_LLZwNQbbQPAzaahRb5exfoBbLFYnjjs0UheabBPiy1oo5vBhTqIwRCzRqAP3ouN2Jbn0co3DXJIE_U09BF96PDP2PHM0lIxV4K6OMnEwQKugXb_YGnABwXx-bRpKpIslGzK9YyrR4SQOekvcxGXphRJANNixHTwdg45k7nD0rOWjS3Qowgucy3gwNnZV7RyCyugAjCi40xArlWfAGwzspNANsrNZLUNzPTpqBXw64hxj0t-Rh3O5JBOr6r7REeA3oyV3VDwKb1nG8d_t-o_PtXn35Pf5LChNe7ZCICQz2XufQN74k_BQpSrY6WPvRXXKQzkdDpUe-iSoS_hINvs332WImjBOQONwowfjnKhlgXRy-PcNPEUI3X_1s7aLvadkaa_-8yGcr6Ptf_EVGBCab6Uvws0NuGrePilQ5XcqXaiVwa0G96kuGAweHF_zJw4uICw2GX0G9tEIbMOIu_Zt06S_w3G4lMQlNmT01mvQq7S14Fq2WqTGRDxOQDuHjtgiiGbYbJm5BOtpPVe5mJfhTeOSPmhlTOgeCx5k9Vpf1fn8H-Ap8jSA9dA7kA5HXryhgtmrIiIM2ToX2U9rCN7lNJY6IIdrQ_N9lld25xr7zlx0UbT_0yQWPgF36opvxDW2kvvzgxNHNGCpYD5GKowwkUzLk8OQykJOUPLqvNLQZN1Wce1p2K029xKry4EZoIWRqSie0jLrCMjkj6MYTLW_3-MotGGo2XrKSjXj2g4xS0Pm7khe59IjQSwXvpLAJXhoFQAwOT0qGB5oV4pxkzPtBcthmf_HS6yWE9RhPxubiT3a0mwjve9th7n4fOG7rHO1qwpeRDzoyTZY8Vcq2PS1ueNnoksP7J8XR2mPJyCnvsz6Z7j2-SjHBeqqO2wsA4ZUvwB0TMlr0I-aBOV2BiMH4Daw0CUNh_qx7IJoR_1lVHCGuJeCnC_46sm6hyrV0LzQvw9uEKNHVCqhdekq7oIS32PVdagRKIxV20WcOxKnF63Dwf2l2HjpirbemFcuOmszlKnPOuI11Q3G7j8Bm7cBV-uWbO1O8Ed6w-o7zL-IBvUUQoBOcpbxEY6m8BxW7ZcJb5_V4jkqlfCm12HV8UraOlUrUONDiJl_hwicoG-xbgYTTVMSrl9GPzd6bBcbj_ILQTp4KS31k161Ybw7_F3b-Ep57xiNtFpLztM9ITLOG9tPpyvWpn9kalY2eRchcWkKA5QVVxRogX4Lz4cA86C71WN5DVA1PXw9U67zbq6MCtxPCkrlTkU1khmra-j9_lUk1dNJrDDfnF0iu1ho3h3As8JKzk4C2LhF6BhLcAcnQvmXH0PMm9TpUyX5tf3oK65tdFGWUWnU9TBzhtdNXwWzkfUslh2fJ13ItkvSTLXEMT8hXVknds9rU7UCWmmeqhcIxd1Cfm2QJBrMiivkEr9YKCCazR8XPIRPf2bXVWYwHHSEAaomXXfrGycVH7zxfG742fZnOX4Ze2EGZLj520ovh19iKGj69TNY0ZI4wWeEWwplPPJgiaSXIFbkD43r4W8M2FkcGv9_O0zRSZ35JH7K-QGuNODgOxnlx7jZ4fvqeTx-8mtvEZKjzd2U5lA9iYurkKs3Kxmye5ap7Yy823A7towttw9bLLCfeH8CyxEwsSlAxUjjREx7Xnb9t-KosQwINAtSMC_LuBsNz13U9mMwzVioMhp7I2NUzkUOD6myfHnK513DmdNqD-b6nXtlQWAKyc5Pao1R8ETSwWwkYdr-82x53yFSSZpgQdSfl2MptO0o5mcnQ2lbclwZ-3DBbgTqy0dZgzlVhz_81zmBTPu3-idvhlN3ySgTq3I-q-amKEgyTGFNPwA-0wGy6QomKNL1MvlL6HJuzWwdS3cCK2WTFYqUlV42dy-1DjL8HSfLldbxuUEzNtBnqYD_JOHYRcnZvFBxvDkrurT1vuhOWkr9mB4_lewcvi1mzvMJUnJiaedjpwLDUxD7otjasYHdm-HmuBflDWG10Cc_bhER3-bQ1esTqzd27vqmiOb7jc_Fggv7xoCPErehIeFO-01nYfuuUkKYsUAvqOpH5LWHkmLzMo5sa8eXhT84-piXZHsS7anJe1-e_DcKGg1VQF4x45qCqM75lAeHpiHTZ1swXf3h2D3ohA4o77zmHYqeto03RxpZ6jmECC3JsCrZ_VAXsCG-nTdDxBT14tiGFYr4ChiIhlVgWkivLRM_f0vPDwkUIF8BoFq0LweUpQFPsyQVBTNuiPXTbbrg8jllSWDVuR3eu7EsZjHeHuB1DHwI9PtT3kXFaVuMIj-2JS8iy5EFj7cxPOPDjkt8dkx-MitN6Sm95tR1D6r5SXYKBt1AqL2z0ba2HY2MRsZiycG08_WEPPIrTY83oGR_wHjBO4ybMHG7pWQ98MkHx7M9PLq11De-3aBEI5CPeakuf9ROzF7YHj-Uh84pC78HY1zkHp2QzmApXnr2luurQuVQxcCcG3ViZvskhk8V-SvvtGC3vAVdpqacYkx_uNfjx-awppo-767FtJIHVhyPMtZWerB1oB2kW560od-c0tyU_7VpOUmKbT1edCHwEU9JnEe71ng4w9-xCdeHlsTjS5G7XIGFlnJgHSx9zCrtIwLYhxk0m-wqiDdOILdHeXb37yEA2ZmpkpYtebyKhLRT9QuCiCo558SAhL7klfXpdqDq0byfRLSgxuNJcSFiSh4E5hDCTA-0XXg0hLGP4OM2mVGy8SJS1XXJjKOTN2ZMJ3vosFJpzBFTJkD1P2FGf7IYaSsAzv2mToyoq1bm3Qrux2ofAYFwAXQ4bmQEoGgLWH6GIbY0TBuYcmAP-1Q7jtiqck4jxNTEhz0c4jikmyfWamsIMZnsizIVMvcHAQd18AhFBbwprK4-lakqMaklqYSfDQ9xnpD66zzRWsXPRKjjFrb2OWg0IN8SId85G2yjF2okFBw_XnZmE2uVqzmlD0gbqfkI3TXTfAmY5VRITphrEJkZ6m1NSA5XyhYC3AyNV-GFIXc0srOee0esWP1ADwQiCijf9-z8JAPfcbpjty3DjaaHwr3hCJXPxZ77wLoY96ZcBz-J0NDwfg-FtX3bXQtlhd-2Yd-7LI6_DvOqLguZ2kbFS04cLo3lCL-6zBb4iBiLLTey839y-ZOdGSgzy8hb76wNZq9Y4WCMIcPmJwEp88KaU-S0SRuqko1wNQfggfQZNmvFPpYffAa5d1yYhAbPNPb6m2Nicui2GcMO-fgXPDdp3rGHFNs4pm4-nsNKjAkz4mrZAInnS4mhyPVV3mIz2o_kUA8t_VmPBJcKXzRojYWXtdF1VunFX2Sa6DO3Rgz02FZqZaOgCN0VL2uAB5Ndjh6ViI-LgcnOIDOrRqmR4LOo6Soy6Co3SFZeElXcF3ltBHWMXJqe0rV7YThkZiCZKVIFOTJMgFFYv6LcoV2hpy3iIYugXF9GnRdfC9-e83Y0rU7t8YZX25vD28SRGNPBI0foi6tqQG_844cG7jm1sUwtZfEzVuegH869qx2uBq3AV_mlmemJ6ha1nixcYIj3YdMZi7jsFDaY6MuFGaQKUyt7jaYTVGO3dbeRBMHDro4Nd55CM0cn6ex6GC66svM5LaI7zxGgR5b0ZXJRaDlnoo6SEaDUPOJsTZOeZ6BrGYepZ6G9XFbTeNLZKuRXVWzSKiyk6ziE56s8TuABY0DC-_dcVt5WpJLSF0uyWJj0NgE1kyrblGyLMdlWXUgNx3B6BRHFlwzYMZ1XGEsHTZQPrnHONRlXdZy9kB6YtZqCM8WFlhNbgNhIOD5jSdV3EnWCAAESIzRFVmd4iZqrvM3e7_ABEiM0RVZneImaq7zN3u_5RQjxKxhAs0_d0vr-6wrp9SI1AtMYVKYzMqWyuY9YX9KxgeUFnIGtAE-byMTzGIhjZg7VRQFRwgiCddYeTTBg6sUbnf2lB5ee4eyRRNwcAjUTWjg5I3UG56MzL6_OkVQeOPTZgZdZZQprUpLEcgofpjkI_Je4ndilDUN6KeRdf455EeChILkWdkUE1PO1mXEtc6Hk0sjMJXa9hQLnAXWRB8cLjY_cj0jvAbpVBZ2bE24SOc1uTzqGkXcQgLUOgd3aB99lsBi4U70uEuM3RQrrsU53g3II7BmD3cPzeXhFBnqbWKJ6m_DcLgrZTW3YxmUEs2preXAsGmw78iJELvXEBQATrM3kZtwA_fpnavshVsflAmERslE_lp5hiLvtZBsGBRULoX31V4SpZT13t_mnpYzg5QLKsQdijFTbLdKBmEMjWU2FAcWonm9JKeTs6y3zznyPNDlFgg3SnGH3Wv0T3goYDnZi88ITb6TLfH8mZtAC2s1X_9LDxYID8K6becNTzyo-iuqob_yKQKcusn-6dtCbTsuljRqK-wWCASOt1ZSHcYqgow9u4QUldG8kTQCZRHKZE33Xuv6UsLJVgg8PzeQ69XmhN_6RZAKOSMOkbcOrZgGHfXEOddQmKy1aZYIJkaHNKY_nr1w1Q9cyu6qIlbXr-lqZnTB-qsVWO-jtukWCDMab4SN6xd0kbAzoT7mOpMgZT6ba_nI1t9nOJod7qGhlggE0QUG7yHWz9B7LiGl53fgmBF4Is81tYKlEpXsgTtJUNYIGOXHOe6VXxsSQ_GZvRkwfuFAufrJaupzr-oJVCozd0-WCDjclFWysMLQ6tA4_mrnv_8kD9Pg_PVV0nS5GiGFdp1YFggUByho4mwUBoIrFSdF5MANngL3SfLVNdfEY-2pM6dR9xYIGwcOW2D7L7IZWhVXchUzb9mHN75wwj_YF2y4qiq9_y5WCAyAmL83NXSV5TOJylGi7x4BVsBfXws6PCjffa2KP7uplggbt5kWaFaVrqlqRn6YYVaNsBKohhW5TRpXvq-464AiMVYICt5ipF4FmMLcfZCDWMSxvXcdLZ33h2QT265xg-fpKejWCA_AGXiJVgzSvKl3JU50si_jth1vV4I8xhzS8YWnpxEr1ggFMmtqFqJmKYkSdCogenUb6cdr79VjVPlkn0UQBd_TfRYII13X4XDbO04apkdhdZCeRLY0SQwBV4AU1bM9rev3Fe5WCAuB-l8u9JE1VAZrT73fmdIOC4liX0kx6u-MkNj4F-LLVggbW_R_TEAmyARrb681RAhshNntv1nP6yiaFwNmFhOawdYIK6UInNwguOqESQtBb23-VktbTc_7FMo1kQCMiRsxDwSgWcvaXNzdWVy"
  }
}
Example 37: falcon512-sd-2024 Base 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "givenName": "JOHN",
    "additionalName": "JACOB",
    "familyName": "SMITH",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2Ng+M/wHwAEAQH/7yMK/gAAAABJRU5ErkJggg==",
    "gender": "Male",
    "residentSince": "2015-01-01",
    "birthCountry": "Bahamas",
    "birthDate": "1999-07-17",
    "employmentAuthorizationDocument": {
      "type": "EmploymentAuthorizationDocument",
      "identifier": "83627465",
      "lprCategory": "C09",
      "lprNumber": "999-999-999"
    }
  },
  "name": "Employment Authorization Document",
  "description": "Example Employment Authorization Document.",
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "falcon512-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0QhVkCmjk5K4XKgWBEn15mlhTAqUq819bqyH233Kqc9hGHoirkOuxXrexudHudHvRvEbiCEkDQcz67NcWH6acuGJNKQP3rKt14TKJ9epkAyArE5VrWf5gsTKdlvJ_aI3rN9mz3bQyhsoZT_FIl8JGgW7TxNiJNby8VXvkitA3UJ0KjI57au2ETYhKKwtaKs5nv5Tuq5MaVAkuSrp0O1S8ORgppFpQ1s0XvcscWvzx6297N-rif2apUxyv3uM02_cMLPOE4tHKQdQp81OkIF-0DlEbwnq06I27slT6WMdHGcWyvFBUAjZTJwtcTS22rBSGFqkSo5uWnZlit1OUgYFO9Oi5TPbiGIkkscOusfucwbAyM_mHiePBoBh_HimPtkqRR7lUf5A27dlBSSY1iutYpGrbBqY813UjINGkaPTnomE0DU2CNQtDowyLcdH7o8TZTqdRvCwa0Rd6m86n3bOZP7najNZTpG3-MUUOvuvfFi9MTNmuKHTyD_62apLuvlL7psOiNpbC1uUNqgzxQOHx1sHPdWMkLb7BpBcczsKyU9oc61LkRzmZLcoYf8g5Iaex4sPrfpCnAhRrjTZE6zMUOn6RY3TwUbnonVUat4s1m8LztCbPlEhTrn9ZHqk2rN_3YfQefwx0cLBtsdrPljkD9KxazveOCEAyyiyDXYzdkLUFHntsMfUO9KkT1vixm0EM69eNTYNa8G9WJlujT7Iu2C5bnXHx_945k8d3Mx8sIKk0jnuFn-J4KsyhAVrzzVeaMJZM5URFTHGezOc8rr7759ck7K0wfJwE5LvM80B4CAErIGiynJDkql0TfJ6ktFq82etgopADZ_FlnZhq5VGoESfUv-Ugu9WvPDQIDkmvunnliqV3JnoQAAAAAAAAAAFggABEiM0RVZneImaq7zN3u_wARIjNEVWZ3iJmqu8zd7v-UUI8SsYQLNP3dL6_usK6fUiNQLTGFSmMzKlsrmPWF_SsYHlBZyBrQBPm8jE8xiIY2YO1UUBUcIIgnXWHk0wYOrFG539pQeXnuHskUTcHAI1E1o4OSN1BuejMy-vzpFUHjj02YGXWWUKa1KSxHIKH6Y5CPyXuJ3YpQ1DeinkXX-OeRHgoSC5FnZFBNTztZlxLXOh5NLIzCV2vYUC5wF1kQfHC42P3I9I7wG6VQWdmxNuEjnNbk86hpF3EIC1DoHd2gffZbAYuFO9LhLjN0UK67FOd4NyCOwZg93D83l4RQZ6m1iiepvw3C4K2U1t2MZlBLNqa3lwLBpsO_IiRC71xAUAE6zN5GbcAP36Z2r7IVbH5QJhEbJRP5aeYYi77WQbBgUVC6F99VeEqWU9d7f5p6WM4OUCyrEHYoxU2y3SgZhDI1lNhQHFqJ5vSSnk7Ost8858jzQ5RYIN0pxh91r9E94KGA52YvPCE2-ky3x_JmbQAtrNV__Sw8WCA_Cum3nDU88qPorqqG_8ikCnLrJ_unbQm07LpY0aivsFggEjrdWUh3GKoKMPbuEFJXRvJE0AmURymRN917r-lLCyVYIPD83kOvV5oTf-kWQCjkjDpG3Dq2YBh31xDnXUJistWmWCCZGhzSmP569cNUPXMruqiJW16_pamZ0wfqrFVjvo7bpFggzGm-EjesXdJGwM6E-5jqTIGU-m2v5yNbfZziaHe6hoZYIBNEFBu8h1s_Qey4hped34JgReCLPNbWCpRKV7IE7SVDWCBjlxznulV8bEkPxmb0ZMH7hQLn6yWrqc6_qCVQqM3dPlgg43JRVsrDC0OrQOP5q57__JA_T4Pz1VdJ0uRohhXadWBYIFAcoaOJsFAaCKxUnReTADZ4C90ny1TXXxGPtqTOnUfcWCBsHDltg-y-yGVoVV3IVM2_Zhze-cMI_2BdsuKoqvf8uVggMgJi_NzV0leUzicpRou8eAVbAX18LOjwo332tij-7qZYIG7eZFmhWla6pakZ-mGFWjbASqIYVuU0aV76vuOuAIjFWCAreYqReBZjC3H2Qg1jEsb13HS2d94dkE9uucYPn6Sno1ggPwBl4iVYM0rypdyVOdLIv47Ydb1eCPMYc0vGFp6cRK9YIBTJrahaiZimJEnQqIHp1G-nHa-_VY1T5ZJ9FEAXf030WCCNd1-Fw2ztOGqZHYXWQnkS2NEkMAVeAFNWzPa3r9xXuVggLgfpfLvSRNVQGa0-935nSDguJYl9JMervjJDY-Bfiy1YIG1v0f0xAJsgEa2-vNUQIbITZ7b9Zz-somhcDZhYTmsHWCCulCJzcILjqhEkLQW9t_lZLW03P-xTKNZEAjIkbMQ8EoFnL2lzc3Vlcg"
  }
}
Note

Signature values are generally based on non-deterministic algorithms so you can verify a signature value against its corresponding input message but you cannot compare two signature values to validate these test vectors, i.e., your generated signature value can be valid, while differing from what is presented here.

A.6.4 SD Derive Common Outputs

The first step in formulating a derived proof 3.7.5 Add Derived Proof Selective Disclosure is to 3.7.6 Derived Proof: Create Disclosure Data based on the document, base proof, and selective pointers. This process creates an object containing the following items: signature, salts, saltedHashes, labelMap, mandatoryIndexes, selectiveIndexes and revealDocument. Except for the signature field these values are common across the cryptosuite test vectors and are shown in the two examples below.

Example 38: Create Disclosure Data - Common 
{
  "salts": [
    "8f12b1840b34fddd2fafeeb0ae9f5223",
    "2d31854a63332a5b2b98f585fd2b181e",
    "59c81ad004f9bc8c4f3188863660ed54",
    "151c2088275d61e4d3060eac51b9dfda",
    "7979ee1ec9144dc1c0235135a3839237",
    "6e7a3332fafce91541e38f4d98197596",
    "a6b5292c4720a1fa63908fc97b89dd8a",
    "d437a29e45d7f8e7911e0a120b916764",
    "4d4f3b599712d73a1e4d2c8cc2576bd8",
    "2e701759107c70b8d8fdc8f48ef01ba5",
    "59d9b136e1239cd6e4f3a8691771080b",
    "e81ddda07df65b018b853bd2e12e3374",
    "aebb14e77837208ec1983ddc3f379784",
    "67a9b58a27a9bf0dc2e0ad94d6dd8c66",
    "4b36a6b79702c1a6c3bf222442ef5c40",
    "013accde466dc00fdfa676afb2156c7e",
    "26111b2513f969e6188bbed641b06051",
    "ba17df55784a9653d77b7f9a7a58ce0e",
    "2cab107628c54db2dd281984323594d8",
    "1c5a89e6f4929e4eceb2df3ce7c8f343"
  ],
  "saltedHashes": [
    "dd29c61f75afd13de0a180e7662f3c2136fa4cb7c7f2666d002dacd57ffd2c3c",
    "3f0ae9b79c353cf2a3e8aeaa86ffc8a40a72eb27fba76d09b4ecba58d1a8afb0",
    "123add59487718aa0a30f6ee10525746f244d0099447299137dd7bafe94b0b25",
    "f0fcde43af579a137fe9164028e48c3a46dc3ab6601877d710e75d4262b2d5a6",
    "991a1cd298fe7af5c3543d732bbaa8895b5ebfa5a999d307eaac5563be8edba4",
    "cc69be1237ac5dd246c0ce84fb98ea4c8194fa6dafe7235b7d9ce26877ba8686",
    "1344141bbc875b3f41ecb886979ddf826045e08b3cd6d60a944a57b204ed2543",
    "63971ce7ba557c6c490fc666f464c1fb8502e7eb25aba9cebfa82550a8cddd3e",
    "e3725156cac30b43ab40e3f9ab9efffc903f4f83f3d55749d2e4688615da7560",
    "501ca1a389b0501a08ac549d17930036780bdd27cb54d75f118fb6a4ce9d47dc",
    "6c1c396d83ecbec86568555dc854cdbf661cdef9c308ff605db2e2a8aaf7fcb9",
    "320262fcdcd5d25794ce2729468bbc78055b017d7c2ce8f0a37df6b628feeea6",
    "6ede6459a15a56baa5a919fa61855a36c04aa21856e534695efabee3ae0088c5",
    "2b798a917816630b71f6420d6312c6f5dc74b677de1d904f6eb9c60f9fa4a7a3",
    "3f0065e22558334af2a5dc9539d2c8bf8ed875bd5e08f318734bc6169e9c44af",
    "14c9ada85a8998a62449d0a881e9d46fa71dafbf558d53e5927d1440177f4df4",
    "8d775f85c36ced386a991d85d6427912d8d12430055e005356ccf6b7afdc57b9",
    "2e07e97cbbd244d55019ad3ef77e6748382e25897d24c7abbe324363e05f8b2d",
    "6d6fd1fd31009b2011adbebcd51021b21367b6fd673faca2685c0d98584e6b07",
    "ae9422737082e3aa11242d05bdb7f9592d6d373fec5328d6440232246cc43c12"
  ],
  "labelMap": {
    "dataType": "Map",
    "value": [
      ["c14n0", "u3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHg"],
      ["c14n1", "u4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC38"]
    ]
  },
  "mandatoryIndexes": [0, 4, 5, 7],
  "selectiveIndexes": [0, 1, 8, 13, 14, 15]
}
Example 39: Unsigned Revealed Document 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "birthCountry": "Bahamas"
  }
}

A.6.5 SD Derive Signature Specific Outputs

The signature portion of the 3.7.6 Derived Proof: Create Disclosure Data which is recovered from the base proof is shown below, where we have aggregated the different signature values.

Example 40: PQC Signatures 
{
  "mldsa44-sd-2024": {
    "signature": "fcdf75d8a489661c269d84e0c7fdc9523969f6958b6f4ee1f27b88cbe05844569d0c5c847ca66611f9e640e51fa56231ca3b342c2eb1f83436b45d86f124eb1f9533b6c197a55cd1e358ff7745717558225e6696d75f920417f691f026018517a81f9cf4afe80ddbd08800d56e480451c645f590408f3ad0552e89c91cca91c30a269720841495a22654160ffaf09f7c43235e6a5964707fe7e692212fd0e7862cabcb4a5ff6e59a21d4ccc624d421471513597675b724b150f1f93981acae728804f1c28d86331edbf5fdc47cbdd0cb28d33e719a073d8afd0cd1651b55cf4f1ae63a838adbc6d44f7f804b92fe7a55efeaaddc378e3b2cded6664e6c9e6926ba83b594fb49026d712dba7733734e6927aa66083d19f84940fd9264c9486640b02825b3b946bda8e01d40f02ae73b9e6fec849f11b0cbe94d3f29684ce7fed6d0015a7ef9ed6612bf0cb3525f6f8e54ff8d76eb6497907c85714e39d5b754ce981a8f43fb0936b9456f80ab8f5467f3117f3174a7a9623955d4fa193be91ff9ddc577a8d1c899e2cc5c239e7c32bb5bc4d230db2f5124f9eb381d52a98d5242728d9da66ed159054853c97cd2ac25f48b426b66ae1c17614cfe312ed32b4b6073337f29171189b24c37c1ec9d110bc127c6a15413f7a17033409d219e834228dc56b151fb11f592215a28fa63e2aec585fd7672291dc74e955627e5c04df06e2fc5b75c61353d5c2ffa331c31fa641c38da39ab866bad1d615625ff62d7387f3bd8bcf9a5288d1e9ee1075714db13f5271502c23b9c1b83aca8c7e78782eebc43fba08f0b3d1a8f3686dc375ed46d1efc7b9dfa371be54d6018630ea94b940e90ba6d216c2d6354b2ed6e2cfea3ad25eb02e3761ba3b4eb73e2e1e0ce466a5363c9a113e05504b67ed2ea9436cd17b3ed0dc562b69d463afeb6ff39484842cf717b6abb470ac5b98cad602320c0e0c3e53a517c761eb7ce0736fe768733679da06a8ff32c62991bfee3ff1ec877206e8d11dcb4a7bd45694a73c1cd1cf80d5aa9f813e048e3386670d385c1e3c5c375fa89c532a0a308f700b6fe33f7c92cec16549a49d64cdeab5248188180ba5415448ef4e93b61eb234233bbe91248e3104c7bb30e69bd4ad5710e23d0f5f672ba1576094ca3c25ca9603cac4652cb457fa6bb9af71437244170aa1c7de13360843a334df9234bedd9df4f48d89cee4f8f10656ef86ddf682bad0e23a7166a1c7868d9d9e1549dc2a550fbe3df157802d1ce19f46f385a566035265262c2d45e9995873155884627a1ac592ec2ef946810bee44d52ca7542c2da86ac7d5fb5724b7cafd707761ff5ac185f1cf00584000c3b4a6718ac4839e5d2326587a8025f3ef226ef793bf15a459d3a3b99be95e4545722ed7b8f3b382aa38c22229c9dce7206c53aedd402cf95cc8775add25e9166e8871baab357582685f126981fa0c4b58f9977b3d259d4b6f616c6ba3efa978e1260d8d47218d932f4ab75f15dd721b5322af36633b07ed97d5cc269b0d74ff24bdb38ff77b2119825f9b044e272d6645ed3a0144b796d13615c1379db23d5c370e9ddf70fa424b28da236ed3f438abf223bb165c18f8d93d4887cbce1fa929320fb47e6afbcb9f9ae27522a982d93df2f0515bec5055c18dd1f3033ae72d82f2c4d525e9623bb0f5564941ea2e873c38267474b3a5a27cef7e377f06aa318e80f2d563eb24a322ca43deab2e500e1b814ea14fdd86779998d26f5aa944e3bd66d350f57efd904261a019d470164d6249611c1fe392dba002af9f20f237579cebdc97a619716469e3a221f6c51a524b1b8693fa48bce2d626869f58c24228a7e34ce3f6b50fd82d17986d2d75a83ee336376ae72418ae919524bc281bdbb7b3977d87843206fd9f07eda5334fa91773d067fbdb3b396f16c2d100f38b11c22485a76ea3b4971d69a1d7ddf150a4caa85271a2cd558c98e43c6374fe6556d947e49ca5f3559bab14217e9c1728b2752bddf7985de1af62c776f069950ecb497cd79ed45906cf1ca78e2a4de9879e11a5e7133460aa301e21985fa2ca3059f02de47454a0733ff1fc619aa86c351ded23ca53a534efc2d5af4d3b25266f29bce25668cb0389dcd94f678f6138a40e90eb699b1d1d083473900eb090db04eb8631fde085bd29e828166f9ce5d455999aea39c0ee4a738c7e8f90adcc926f0a06ac167ba17f668daf305dfdb483ce591354e5972cfea2da1aead69857b63b49b475498f714c393b0c718de43ec2a0fe6a16f1941bc1cb7df8bba5a9cf87e681fce9e016950df04a2087e7a04947c8c96588c60276ea25bb1fd869a12256434cd524dce82b475e86e9628770a8d1b81affdf2f0008498ada75372f9efe48e139fcad350a570d01b53e2cf9aed5afa0607991ad7597f8bfaef05d62ae4b5fbc382989eb95a3babef4182f8c253b9f16c08846e6a02d66307bc3f3024e24c4792722e371daa66369ef70495a693e209ac295aac35de5c04e49fdde8c25bfa14048d95767bbcab6081487fc852c70ed2fb94a8e1f7259c0dcd046d91e4da80aa182dbf55daa255b145c50f866bb371b59053c449149b693c1b0322f3c8ce55ed3f4509895372d27cbbc2d70a835d70523a1ba8d56486328d504613993f1a8f181fca8f319f10e96fc517623281afe6d478c03ffbb46a30f5453b13a0fe36420e37abcaa0884979226278946d147f4010a7719f93613a72ffb9912ca08a91c25b371fb01571dc0acdcbd554b0fc17c7973b0716b84c4ed048e3452c388dddce7efa5e4f0faf65172a0af0899e7d60a6eb37857f90f916bd4ed7bd98e89bbbf971a58c60dccd609107d3a40f5bf3eb71e1225b06e6222affb7ad7afb328f6c1af1914d1603f5b3554617eaa2f2309681d9ec725aa9cbff022c127f9df7d4b0557876a3aa650d04899076cd6cc66caeadfd4b30e27132ae840b01f464c58f42be4cbb5798a032b81087557ffe592d0aa2a26c90af052ab3e6359a0b287dc033757958ca5e07ec4486d313ef3f7a5164ff8eb0d364f4a85854c26feb2da6d4d8920b482830bee1da2018e1e9b675e03133445a5e1d5a8970c5b195c6d717a95cd03e126483c8f25a7744a2d9fe29d8113821ce984e0ee4d0abc4cd11073fcb3b1907b115de2788958469e06eec1cca33e1a440d57313c58019e3aa3481b2b9d980f4177b11d2938f9c44ad30bce6198c31eb455e945394b8b7c4edbeca8cfcb8acfdaf173877d6b5e2e4b35af4665e32b81974a991c967daa1e5598fa509beee7ada4c729fcb1617384c565c606b818c9c9ea9bec0c7c9cfeef3fe090c35393d5f7f9db3bac3dee6ef092d494f6071797c888e98aeb0b3b8f9ff04070c1218202c32515a5c5d6162899cbac0c7cad0e3eeeff90000001523344d"
  },
  "slhdsa128-sd-2024": {
    "signature": "df4e69316af867953426ab105f3e4a0d182c6b429962c84b9c1cd92646b23aa20abfaba0074f41977722cba98174c17b23c6c6ce5dae6fdd3f7aadcf1ab3706f5136c43600f81a72eeb5287d7dcb294fec943297f9df09a8c5d9ffb75bab9d3e1d0c58315480e22ac716d8a9c74f0f90ea3ef65a3575cc1c0dea39a97408687f8a3194f02b3b88c1e1701383dacdaab40135cb2467a82d73ca9a0be6d37736a387a181cf1564a8926f395fc9d3b23b11d07d3d9629886fce7dd66463c10acc670518597ca0215c08d799a442a7c729804a2d0a57ef77748b72c17bcd0612dad9078c8b590b52ef2eb5de63774749b04097d06eeeb828632cf0b961fcb81a343a471bd3c1f6d64836df17f68af75a8ebdb870c3deba8f06e0db5a1d3a6ccc15b568bfdecf6aebe109438dde451cf6481675f92fcff0ae78d49289c5bed509bbd8b88314210393ab037c6dbe18e613e25070f370b31d451dedb09498a70bf0085a2d8fed24e6760d3f12ff075dd5c639306970f5d385193f7482172d646959f12d6759da6046318417260651849ef139070e87d4d319dcc9feb16bab2f18b1f99cc1d449ea8c03d94f846532e985886659cb2c686e1e5c0d05fb2c6e66ed067e48306e35c2a2829eceae50d3de35c6c51d707d47a1e47252080be5d506c1e3ee04d24d7dd6fadd45bd8b61aff3070245c25ea67f3a81b18c0527cceb55f43d11535e20c15bb413b892112a304701c56fb0c8826366d1b38f95497fd92b67eda9757c021a8867bebcbecfbbd8837e9001f0eaa55ff3198b5958ba16d09be0cfcffd18ebaef413791f80093ec0a56e11241c7c0a9b9894d15121964bcf95cb65da491e401aff55b54476e6c7cea0aff8c8f3b08126c75956c921aa61bc69cde81c16a70dbffc2d25c6eb04f2efdf7bf313efdc9326890ca8b5adf862046d06bf962d58ec8cae378793fa8fde9cc012441105b09243966107e9cb9e4f800f52b0bd1b5d995bab499da0fa965313565257553f47b4696bd6c023934d439f809af8dbb33018f0dbb31606c3a142e8f362bafec43727bf3c0f60877cf4aa2f5ab08f471cc9280c3fd12fb12354218340a843ace62e9a96f21a055cbe457209293e8cbb315c980119b65328eca711351b7eecf96661aa02a17815e2b54f6e9c4e8f59545d390cf5530d4540e3782eaed17bd8cc72c41440801d74aefbb4e4f261dcb39233ea8fa6cbd4e16834fea3dfe6fab2b971e2688ff7b992afc7b3766e9a797e75718766eb380c4bb0dcb9408ac8b8c6586b3a9ee00f9c119988c53a8badeefcebc034bb940d9d06dc5b09348d8e109af4af629acbab8eb66586e3134f34f497977e7c2a49450f0cee56a1c276f5f037c7d162c5f7474f8c688f7d1324bb495e6e7c6a57f76067c83c383c1a32dbd41081ffce0c71ff681837894b7f17fb60915398a46e28064801c8d5246a38679d46e0b1f893eac32a6093b3fb4ed76886553fdf8630218d3ba1cb24f2b4d2d32bdf49a1694fe097f34c861f92fe7a987565f010c5222a735d702e65ac41a9cf51a03aadf4dae26d6d2eca500cc47785d0eefd68b114eafda50029952e6596fe282a92aa175d17a93b2487b0c387ec2a9ffd5f2c9b62b47a51db5172500f0392c9a51b1df4ca497d2dd5cbfc8c3c25ab47af23230d6c048b01c2a1fb49f507fd684eb90de887ac7d91127410f983c108092fe7645f9a0a6e1974e76667312ea76f504f56be56a520102faa3754cd82d19b21db95758431ffe70447251becbd377107ff7894b2ddcf3b5e4dae7d7cea43eb09d03e209c12fd82177c85bea85a03f6a11fc07f00e931e2ef99b4d1eabff03fb86ee918f103738a484683d184122717291607b9afaed5fae4c84e51c4931b3a17f91e59dd1072de0db3753bb1d247c3f90932c9fff8d98c83f948932effccff6f0b5377c69a38cb62c8a0e6841a752ab3def1d8b51b25e4efa6630a3bbe560c622dc08808b91c55761fa1d1197eed0a32849198e8cd17a81dfbb5ebdc98ebc73610cd0feb348f7af28dec0c9637f77043099305673aa169affc0616dc583a11d2e989534667e51c822aee32923c0c4567ce649148ec9eca61c6fcb8b3e99806d469d9f5c7a7664416958487a697bbda588f4ee6e6e58440608a9c287bd5e4b3fe4be1c381bf529c555da982f312c3d726a14dd7cd05f745a8e6bf50b17830ff651c692f53465dce8bb17e63493d3544fcc3636b8f730cb35a42ce40479035e690c8670641ba9f1ca544bb05a1f64c5fff23ba5c337e5f25193ac3b652e9cabb04684ac6e6911ca52ddf1251ee85b81531ead061cf3a0a8f0ac58fa3cbf8561056318553ed56703c8826cb174e801cf7d5fd99c3bc06eb5fc8b8645e9efa80cf2fc0200d1be278f27cab408bdc5ca00f94f54c17c7a439f8d9634962e1389622c2de9b632ce66f5c888bc7a9aa17124f925d39d7f9f99f7a2481cfd6a192634a58414c504b78a47587dc6f066999c392e1d4881a33b2ff722cc04c1913882af7b510abfff8fe0f3ffe883041677f416874e554b812314b4a56042446cd5f26e8e6f84653753ac994ff67e018a662f01439305bbbe458729a4821359e299e8022210850e6d80a32d2f141d0009025c42849dee83c6387b84858d072bff530f9871fb81993e2a252ab12398346ae7582a76d04a504dfec19a18761d17165164d69ed4c88ce699c7b5d699b6b2f12b1a586eba9c8de7505e7abc9e72b6fb206087ac5a97d620fe6aeed2caf38ffa1264ec8291cb97857e140da79013782e1f343a6d44c224a453e70a99f65afdad905cb52906c7e5a8b299c6156c31ac06cacef5d5bad292de015f1f98014a53466ef27e028e51af5586f3bf8b1832d662a090640760ee39bd0f4b55ee0b7ea8200d12f022832eba542442fd136afeb68acaaa52ea7499dc90baa41207cc4aef168753670fd9519240a936280f115499b52f0025a2f6b5c937e87521aeb15db10abb1b7f83f883f46b61953ebd4f39b764f858d7fefbeecd8960cc8274bf667258af93905a3e2f1bdfe7b8bb40a87fe5c0757204015ae54173a63795559280742c98a056ae4b00627a732f8d609fa575c16496b323834070df909809c31a37c0b7868eecf37abc150185a72b5e0ed7b1265f72b5a7859d03881e554b9033c230364fad5b7475926dc2207aa3ab81530232ae5df42a302cb2b273492bee668f531a695bbf15322171763acfe2417da0112b359232321d8dbd8eae8b48fa8e286e9ab70453f9ef47411cbffedab45094e61ac7f82970ba575b5953590c5190d53c7171086ed26d0b1fa15352820c96829d297e3e1825f64ccf9a543043442d6bec4774d65ce1a2c2424f47c78ea32ebef25111946c86f45f3d6d346b24ea5b3ee7db4b22861bea10eb76ebc3cdf6aae63dabf59b165c5792db2bf00cc8820e205c8f282462cbe7d25d4c0d66f0ae89714a698b66bc020a362687512801d7b11574ae01004eaa847c789a32eb0769fd5e1e7fa8750794b785a12c95bcb3d0027a3275aa5b49e26de1421e60213e4c314db26ebcb08c3ff9a52bf3af2f3622b735aff2ec0ee72df356272fce38a92ec761d201ce0aa59ad5f2c269cedaf14ebc134d0015050f9891ef5dc8e1cb623e8006dff69617f43979fac7348d21f7d11dd5ed92a72092a71449f2fb5f8c9c52bb75efcf81cf16496a559d32736778ae0ce558d1609183f8370df53ede98a58b375dd2170d9fbee5d7eae7181b739a94a243b2d163af60dec0a0ec33d8496263f895a97e7645e5b7949149c1874313c12c05a2a45448c11c830b6250d165c697cea7ebe5766648d168d9042a8fd786b2bd137ea013bc56e3461e709799a56d9f41844d82f138ede5bec148daaefb3359f58ab45137a5307daf17a983c3d287fff2781cbadc039335812a9718e5c4d7e2e96978dd94ec87fc13a4513bc92ba4e65044847f6dd6cbbe5ad0824a42f0f2a4152e4aa332f52637aae2b56a34657c432ea02cd502a1843f685b00f3abb3c43892a306a7e8192f83a164947b39f5b5627bfcd84cb7e02d3b06255ca03ac6ace5e6811aa1e53e092a3683d9f764bf6913874a17e3d6169bbe1ca001ad1bcc7f9add6f3eade96818085ae5ed093db1b8708116e296637f68190372db97937c67d46831c06ecdf73c50e006c7d1115f8db55c738a348df3255d02a95504bd8f8bc3d0f40f2ab322b1f4dc8abc7ae3e1bb1fd305d288d84ef0a27e548b7b230cc38e15e550e3c6eea974bb6ca164e871e0e8224b6e33ba4bfc9bc3cd13dff59b5325f8fb82f8777cabd9d87ad732973dd743c535963e5bef74dc56f894a0bd520e6ab068cc311a700801172a705409812d17d20b3cb07bfc94a128e26ef1a8a46ed8517bcf740a95993f2015d6390a9dbe64557f5d81e65ca45eee3b0ef36e3c28dde9bb099a4eabc9970c502d5b7e22a2f52ddf46aea302d8ebc5fd1da208a63f3c9dd3fc41b63e4d3c9325323ef6d2cf3f7f284570b64af74833d2a3b5db9f95c98c4b9de174f6e50e9f46f2696167f57d7693d9db55018b921aae630544b5977c338ee4b91d2244ba34706da3e336ffd1727f10f5f0a5aabb618b2eb41482342e2d3124346cbf128a80aacfc74d23e5f6d7641bd6c5b5479746a8748413accd07fb3ccb976b45d8cfdb861478cef7224e4df7b74c3f3b86ce3bbe65b9c054ec60cbcb4b6852f6e088dd1518060b5e3d1c24aba19131fc879da9b452893fb5dfa687d911d42f15c68e63e07b5c8564b48ff5e136b670f1796737828db7a4796341d3118eef5ace25e019a81e2df783fa05da4f1fb013c2d457765ba1aaeb4bb9f3ef699f0aba24f0d7403d3d1a614e8f0c85ce5833b01366a32b16d181e915b04a4e5d9e67253f8d51bcb0c10b2b66be8ff677aea7f246fa840a841d3a5799b0e8a3c68acb29c862ff7822dae3f066fd963d30fd61b5d8c4e1f869478863f27ad49ebfb00e9779d2d749eed0c55c947b417520c7726d1fd0c61989b7792944c293a33d6e6603da5652f5c226ed419d864e4c88afa0d5d84b710f84ce6322550cd64ec69b7bd127b283f371932be0f324b8f1bec41c306952c3d0e7b6f8f4cf442bbf776cded8d915a4979a0b2d4f800e8c92bef9db6e0d324a37f5a01435f4f5a3b7aeffbf495183868bb52314a5a9cdd7c3b08521f5fd9078bfd313929e37027eb0f1f59358405fbfe16fc0fef440f94f0c0183e2ad56551540c62481cdefb9c94b5bf41451e7d62a51a464818d57787125f66f982ff58f169172ee4fc16fc3df1f8e4d7e83878afaf62f804bec1d079035362f24dcda32ff199118dc615b0c9a5d224dc7f92ab13f7346e62068d76dd6df028ebd5e972965a5d9ff2d16c26e80f42c0b7d3e08c3f76e87da2378450f9a591a51f7798cb9d999b8890c818c1747c4d1cccf81cdb6e0d842f1b915e3bad4e6e216c2261ec16f020f481db71cb8f069b1cc832a24b64f486f1b4d8697f8836ed29dbd2c8994609c147afcb939137da1d23347aab7324e62b37783fee600e6df4d087157d5c9c2bc94cace0853f425de48bcc2d61728012435ba6dce1590e0cb6b8fbf5e878d9b636aa86af75dfc75b133b793216183bb3aa0c1e08ef05d01af4886d264c6f51c2b7c69008668eafa44bcd8a100301af1e5786623c741c867d127c727900f12cbd9fa5bf7f3ad84c615024d10426b3356fa82ffa2d976679bef387334970028d94d60d540fd05514f6027f593026278540a6b265ab0a5ff8774897526f4c1d28a9a6842f72c947084e0ca44d81caa489b33011fe6c54d618a36ddbf3fbc19329ec3862b62b1bef37bc6d66b2924ee49e81ee04e3bf2237f845a0bc2c5299137ed6f8cf598ce0c3ab8c0cf420e6d8b1e87890efb985399cdfc16f788047c37acb7548b6c3bf763bb5b5feb519bd2d51c668849c878c057a39e0f1daaa865283fc758c3e9da0864ad4cb05ec28759cd0a51ee34ed94c5cf79f1cf4516d0e4ec1f2a1029e6e23c6eb626d2c66c53e136a19b671386d2df06ea13225c4f017df3eb5a436b1c6dee0e7dad6be4dd758b047f2953b61354d213b21d4e247f8511b4d43f84b7c2bd8fb33c0d881c89e3e5e7c94b761cb75c190ce66e6934ccb0b9527bba29e0ab8d1a42644a5d03ab000aa2854b3464f3f07d2287095f2e71b92f666745a6e92ceed779e4e0637a97d2e6fc900f30587ef7abbe65430524b72dd0b79bc6d076ba289565fd91231efe979b488768c516396b9b7a515731b2b88f391a8f828c0d5189d7df99d407d5a7ed214fa0570322c3d15ccf6bfe7cd8b02d91502865ca97d2d7d14380a4e6f34eae3f076510a54f437902a4e9d42a2308d112a4a4a15ade98b12e11384281425466acdba0374c76a435906dea9193809d99ae11544759ecfe0ee63272c17f4565974320d8d88697c64fd73c325ca2c8600e24a62605aaa89f7a7b016f08f6ef7e94e48b3240da70a34b819d11f5e55d4cc0e99f8423e48bae16a7f8b55fe65bc55952cfd9021dbf420e310c668a20d3c9ffd165c64558f71adce370120aaa7479ed65ab0da94be06947457a217d0602ea10e39e0f3c972e8b289536d48bad5d372a8c4526c731c348dc845dc32bc8794a1297939d347d0884404dd37c067cd92a7cdf902b861e978a22cb35e1ba1859a55b6d86dbbdd4ef673ec2c8662ee0025f3a890dc1da52c99c3cc784180664f2d1c82e54e1b6ea2c5e74af2f8ffb9c08c8213df1a51c1ffbce1ff67a88f82ee95891fe87678456acf08b707d2e73b2726e8ac0e76f21772364da7846131b92bdfd64119090f3b5bd6f4f025ca9aa61a3de2a319db20659b38a202d644c58d3422bfeab13db10627177c8cc7c30b47fc2494430cdfe83eb4443a642e2ecee3913c179672777d2e2a47c733a57849f5ca1f47fc81dea1028a7d22d7f53b8b4421ecaf4bf28159ee05152512a5f2d78418f20d4a8355ada7ba9f14e259033aa20a2811aad8e6d179b3eaa5fd3192197da60501925d417d1c987b3b517dfb3a9f021f1055c2025ba49eb88289c85f9f0436e3f8b7d7da69c044a114738f9a4de76e56ca99cff2cb6703506db40f03369a8516f97b17e805b2c56278e3b3452179a6c13e2cb5a28e6f0614ea230442cd1a803f7a2e37625b9f4728dc35c9204fd4d3d045f7a3c33f63c7334948c55e0ae8e32713040aba05dbfd81a7001c17c7e6d1a4aa48b251b32bd632ad1e1240e7a4bdcc465e985124034d8b11d3c1d838e64ee70f4ace5a34b7428c20b9ccb7830367655ed1c82cae8008c28b8d3102b9567c01b0ceca4d00db2b3592d43733d3a6a057c3ae21c63d2df918773b92413abeabed111e037a32577543c0a6f59c6f1dfedfa8fcfb579f7e4f7f92c284d7bb642202433d97b9f40def893f050a52ad8e963ef4575ca43391d0e951efa24a84bf84836fb37df65889a304e40e370a307e39ca865817472f8f70d3c4508dd7ff5b3b68bbda76469affef3219cafa3ed7ff11518109a6fa52fc2cd0db86ade3e2950e5772a5da895c1ad06f7a92e180c1e1c5ff3270e2e202c36197d06f6d1086cc388bbf66dd3a4bfc371b894c4253664f4d66bd0abb4b5e05ab65aa4c6443c4e403b878ed8228866d86c99b904eb693d57b99897e14de3923e68654ce81e0b1e64f55a5fd5f9fc1fe029f23480f5d03b900e475ebca182d9ab22220cd93a17d94f6b08dee534963a20876b43f37d965776e71afbce5c7451b4ffd324163e0177ea8a6fc435b692fbf38313473460a9603e462a8c30914ccb93c390ca424e50f2eabcd2d064dd5671ed69d8ad36f712abcb8119a08591a9289ed232eb08c8e48fa3184cb5bfdfe328b461a8d97aca4a35e3da0e314b43e6ee485ee7d223412c17be92c0257868150030393d2a181e68578a719333ed05cb6199ffc74bac9613d4613f1b9b893ddad26c23bdef6d87b9f87ce1bbac73b5ab0a5e443ce8c93658f1572ad8f4b5b9e367a24b0fec9f1747698f2720a7beccfa67b8f6f928c705eaaa3b6c2c038654bf00744cc96bd08f9a04e576062307e036b0d0250d87fab1ec826847fd65547086b897829c2ff8eac9ba872ad5d0bcd0bf0f6e10a347542aa175e92aee8212df63d575a811288c55db459c3b12a717adc3c1fda5d878e98ab6de98572e3a6b3394a9cf3ae235d50dc6ee3f019bb70157eb966ced4ef0477ac3ea3bccbf8806f51442804e7296f1118ea6f01c56ed97096f9fd5e2392a95f0a6d761d5f14ada3a552b50e34388997f87089ca06fb16e06134d5312ae5f463f377a6c171b8ff20b413a78292df5935eb561bc3bfc5ddbf84a79ef188db45a4bced33d2132ce1bdb4fa72bd6a67f646a563679172171690a039415571468817e0bcf8700f3a0bbd563790d50353d7c3d53aef36eae8c0adc4f0a4ae54e45359219ab6be8fdfe5524d5d349ac30df9c5d22bb5868de1dc0b3c24ace4e02d8b845e8184b70072742f9971f43cc9bd4e95325f9b5fde82bae6d7451965169d4f5307386d74d5f05b391f52c961d9f275dc8b64bd24cb5c4313f215d592776cf6b53b5025a699eaa1708c5dd427e6d90241acc8a2be412bf5828209acd1f173c844f7f66d75566301c748401aa265d77eb1b27151fbcf17c6ef8d9f667397e197b610664b8f9db4a2f875f622868faf53358d19238c167845b0a653cf26089a4972056e40f8debe16f0cd8591c1aff7f3b4cd1499df9247ecaf901ae34e0e03b19e5c7b8d9e1fbea793c7ef26b6f1192a3cddd94e6503d898bab90ab372b19b27b96a9ed8cbcdb703bb68c2db70f5b2cb09f787f02cb1130b12940c548e3444c7b5e76fdb7e2a8b10c08340b52302fcbb81b0dcf5dd4f66330cd58a8321a7b236354ce450e0fa9b27c79cae75dc399d36a0fe6fa9d7b6541600ac9ce4f6a8d51f044d2c16c2461dafef36c79df2152499a6041d49f976329b4ed28e6672743695b725c19fb70c16e04eacb4759833955873ffcd739814cfbb7fa276f865377c92813ab723eabe6a62848324c614d3f003ed301b2e90a2628d2f532f94be8726ecd6c1d4b77022b6593158a94955e36772fb50e32fc1d27cb95d6f1b9413336d067a980ff24e1d845c9d9bc5071bc392bbab4f5bee84e5a4afd981e3f95ec1cbe2d66cef30952726269e763a702c35310fba2d8dab181dd9be1e6b817e50d61b5d0273f6e1111dfe6d0d5eb13ab3776eefaa688e6fb8dcfc5820bfbc6808f12b7a121e14efb4d6761fbae524298b1402fa8ea47e4b5879262f3328e6c6bc797853f38fa9897647b12eda9c97b5f9efc370a1a0d55405e31e39a82a8cef9940787a621d3675b305dfde1d83de8840e28efbce61d8a9eb68d37471a59ea3984082dc9b02ad9fd5017b021be9d3743c414f5e2d886158af80a18888655605a48af2d133f7f4bcf0f0914205f01a05ab42f0794a5014fb3241505336e88f5d36dbae0f239654960d5b91ddebbb12c6631de1ee0750c7c08f4fb53de45c5695b8c223fb6252f22cb91058fb7313ce3c38e4b7c764c7e322b4de929bde6d4750faaf949760a06dd40a8bdb3d1b6b61d8d8c46c662c9c1b4f3f5843cf22b4d8f37a0647fc078c13b8c9b3071bba5643df0c907c7b33d3cbab5d437bedda04423908f79a92e7fd44ecc5ed81e3f9487ce290bbf07635ce41e9d90ce60295e7af696ebab42e550c5c09c1b756266fb24864f15f92befb460b7bc055da6a69c624c7fb8d7e3c7e6b0a69a3eefaec5b49207561c8f32d6567ab075a01da45b9eb4a1df9cd2dc94ffb56939498a6d3d5e7421f0114f499c47bbd67838c3dfb109d78796c4e34b91bb5c81859672601d2c7dcc2aed2302d88719349bec2a88374e20b7477976f7ef2100d999a992962d79bc8a84b453f50b82882a39e7c48084bee495f5e976a0ead1bc9f44b4a0c6e3497121624a1e04e610c24c0fb45d783484b18fe0e3369951b2f12252d575c98ca39337664c277be8b05269cc11532640f53f61467fb218692b00cefda64e8ca8ab56e6dd0aeec76a1f0181700174386e6404a0680b587e8621b6344c1b9872600ffb543b8ed8aa724e23c4d4c4873d1ce238a49b27d66a6b083199ec8b321532f707010775f0084505bc29acae3e95a92a31a925a9849f0d0f719e90faeb3cd15ac5cf44a8e316b6f639683420df1221df391b6ca3176a24141c3f5e7666136b95ab39a50f481ba9f908dd35d37c0998e554484e986b109919ea6d4d480e57ca1602dc0c8d57e185217734b2b39e7b47ac58fd400f04220a28dff7ecfc2403df71ba63b72dc38da687c2bde10895cfc59efbc0ba18f7a65c073f89d0d0f07e0f85b57ddb5d0b6585dfb661dfbb2c8ebf0ef3aa2e0b99da46c54b4e1c2e8de508bfbacc16f888188b2d37b2f37f72f9939d192833cbc85befac0d66af58e1608c21c3e6270129f3c29a53e4b4491baa928d703507e081f419366bc53e961f7c06b9775c988406cf34f6fa9b636272e8b619c30ef9f8173c3769deb18714db38a66e3e9ec34a8c0933e26ad90089e74b89a1c8f555de6233da8fe4500f2dfd598f04970a5f34688d8597b5d17556e9c55f649ae833b7460cf4d8566a65a3a008dd152f6b8007935d8e1e95888f8b81c9ce2033ab46a991e0b3a8e92a32e82a3748565e1255dc17796d04758c5c9a9ed2b57b61386466209929520539324c805158bfa2dca15da1a72de2218ba05c5f469d175f0bdf9ef37634ad4eedf18657db9bc3dbc49118d3c12347e88bab6a406ffce38706ee39b5b14c2d65f13356e7a01fcebdab1dae06adc057f9a599e989ea16b59e2c5c6088f761d3198bb8ec143698e8cb8519a40a532b7b8da6135463b775b79104c1c3ae8e0d779e42334727e9ec7a182ebab2f3392da23bcf11a04796f4657251683967a28e9211a0d43ce26c4d939e67a06b1987a967a1bd5c56d378d2d92ae457556cd22a2ca4eb3884e7ab3c4ee0016340c2fbf75c56de56a492d2174bb25898f4360135932adb946c8b31d9565d480dc7707a0511c5970cd8319d57184b074d940fae71ce351957759cbd901e98b59a8233c58596135b80d848383e6349d577127"
  },
  "falcon512-sd-2024": {
    "signature": "39392b85ca8160449f5e669614c0a94abcd7d6eac87db7dcaa9cf61187a22ae43aec57adec6e747b9d1ef46f11b8821240d0733ebb35c587e9a72e18934a40fdeb2add784ca27d7a9900c80ac4e55ad67f982c4ca765bc9fda237acdf66cf76d0ca1b28653fc5225f091a05bb4f136224d6f2f155ef922b40dd42742a3239edabb611362128ac2d68ab399efe53baae4c695024b92ae9d0ed52f0e460a69169435b345ef72c716bf3c7adbdecdfab89fd9aa54c72bf7b8cd36fdc30b3ce138b47290750a7cd4e90817ed039446f09ead3a236eec953e9631d1c6716caf1415008d94c9c2d7134b6dab052185aa44a8e6e5a76658add4e5206053bd3a2e533db88622492c70ebac7ee7306c0c8cfe61e278f068061fc78a63ed92a451ee551fe40dbb765052498d62bad6291ab6c1a98f35dd48c834691a3d39e8984d0353608d42d0e8c322dc747ee8f13653a9d46f0b06b445dea6f3a9f76ce64fee76a33594e91b7f8c5143afbaf7c58bd313366b8a1d3c83ffad9aa4bbaf94bee9b0e88da5b0b5b9436a833c50387c75b073dd58c90b6fb06905c733b0ac94f6873ad4b911ce664b72861ff20e4869ec78b0fadfa429c0851ae34d913accc50e9fa458dd3c146e7a275546ade2cd66f0bced09b3e51214eb9fd647aa4dab37fdd87d079fc31d1c2c1b6c76b3e58e40fd2b16b3bde382100cb28b20d76337642d41479edb0c7d43bd2a44f5be2c66d0433af5e35360d6bc1bd58996e8d3ec8bb60b96e75c7c7ff78e64f1ddccc7cb082a4d239ee167f89e0ab3284056bcf355e68c2593395111531c67b339cf2bafbef9f5c93b2b4c1f2701392ef33cd01e02004ac81a2ca724392a9744df27a92d16af367ad828a400d9fc5967661ab9546a0449f52ff9482ef56bcf0d0203926bee9e7962a95dc99e840000000000000000"
  }
}

The final ouput, i,e, the signed derived document, from 3.7.5 Add Derived Proof Selective Disclosure for each of our example cryptosuites is shown below.

Example 41: mldsa44-sd-2024 Derived 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "birthCountry": "Bahamas"
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "mldsa44-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:ukCRKDtY8Do_dXzYGyuX7BY-1dDYM4FuSiw0gFdO-eJXFH0eqlt4_CP4sEISGAzNlKDzLpUJWoInRywXOpd7FCp_QAJAlL7iRo4cepKhzhlq8xt6qd5jkhYF9tNH8z3RGDl9aunNy_06fWLYNScWd5RmGg46Po8T-kIjMMkJftaqqZcGDxktpu9Et2bnaZMx4K98YyG1urUpM9lgvldgg2qv-6XCrm2uXlJ9U-HN4xtQKn4Ug-5xPwbhPGR2pbcBScTFotkhBqLc2eQLL6zPutWF83sSZbOhD_11BjMkeiLyJbMeHCIhz5GDIbPksEFIaSho3MdFo5fpQ8QZoqCit3Jn4ddfuShfIoLU1Hw5EZ0xBiqOU7e-TINd7-7HsgHLmYMGnpqljm1ot3c3cfalYsg87WQuSscO7XNH3Ewa-cgU6Bnj1SGn0plTy6Yq-GxU8XUBPwsK_IoIJbXWC0UD97c9UYpNiZi0-ECnbB-Y5_SM8auMfoIeap_buAOdXlJZmcp8xNCXI59AN9-96Sdhks5L-JmsELzyjAgjqNx8Zt3KPFc2jSwNjDVC1fEa8FdDdDT3WNkF6KTt65lb5_aIkFh20nOvT7kIJcKTgmhRGNJZgGSPYVbMypaQoaac8dtEoQjvYgnO-rM_RcsiWMHNc29br3o5wdiLXdr63MoX1lEWu_THBfeP1JuxrSbUmHOByepWbubbSM4iVQITCxBHZT0Mj2bWwIxd3nZUajzebyEnsfitV01kpzlO7bzY2uxSzyplTkRfppc_7YH0y0PHaggw0cIXNSh73wVqNZmzmJx5W0_akrvy5oSz9ZB1Io2p_fTxzibefwO700bUqbElV_yuCjD7EJ_Hfqbog80y_g9TK6koX7wYwqFNQxBVavKC-HbcT7yPdvzs9hlC2MNWCT3W7gVgeYr4AFgbV9EgMcH0GtJDKYw8vkpB_vTsaSTGZAj3TNKalAwiGO50VAmF5tknF96kOrWmNL0MdkXhnm1vXgDpP68bMt4r2Qr-hNdJ4s3_nqmSDYTnZRA4qjXjrgKQfO19txt0tX7LifE1GZ1bQyS7NqHWXyMEhw6_F8pc_tS16VhvJO_FM7CX51mLLkLCGl7DsmbnEIsVUW9qlCxb6bj53UyijTYdu6uLZW9JISE2B4EevxzwDu9UGcJPHmJYi1rRQAP__jH97GiQC8FvkdAEfKqcwV9jAbBPQPG6lUkBLcoijgR3Bcwd-ta92oeZmcpoJ97PzzBbCL-NrppJ2HHQ1SMsYWoPveZTmZc66YBA0P9YfT4hZ0RQiP2gxB4snTvMFI0Ot6Q2nQ0p5DMxmWqIaCKW53rqn16AVXQeqC2TJjlbjA9sC6pr8GEGY2OQUgEmWu5GmnOSz1lNY7fNHJypChnieI_hyYiy06qouUpoHA5z_IUtfzZoMIG0yJiGUUpF9BJvYChDECCqaUM1kWnO5tKcohSKq5Hqwu_EWDRYF2tj7igSimZkS4Pts41tu8nIaVk5EkzAX9gCR2EX3Lk869mIxSyBS3MyG_NotPcbm6uXDn_YkV5Z0HkxUxYRA9hIG-UhKhK3VOaHZP8GcQN8noOMa2CnPd208X6HOzlIlxs7SRbzppUs_fHN1eROglNy-2oJWGmo-xOy0Qd44TtY0S_bYhu6iH6inrx3-yncSrWFxEiYosvYJD4ZBSyrV4d6UsfeNSHYS0ODTsdPqz4SYTeloZbIx8XWz7fxLXlNyLr3s9tp-Q25f1vTIrmQL",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0RhlkJdPzfddikiWYcJp2E4Mf9yVI5afaVi29O4fJ7iMvgWERWnQxchHymZhH55kDlH6ViMco7NCwusfg0NrRdhvEk6x-VM7bBl6Vc0eNY_3dFcXVYIl5mltdfkgQX9pHwJgGFF6gfnPSv6A3b0IgA1W5IBFHGRfWQQI860FUuickcypHDCiaXIIQUlaImVBYP-vCffEMjXmpZZHB_5-aSIS_Q54Ysq8tKX_blmiHUzMYk1CFHFRNZdnW3JLFQ8fk5gayucogE8cKNhjMe2_X9xHy90Mso0z5xmgc9iv0M0WUbVc9PGuY6g4rbxtRPf4BLkv56Ve_qrdw3jjss3tZmTmyeaSa6g7WU-0kCbXEtunczc05pJ6pmCD0Z-ElA_ZJkyUhmQLAoJbO5Rr2o4B1A8CrnO55v7ISfEbDL6U0_KWhM5_7W0AFafvntZhK_DLNSX2-OVP-Ndutkl5B8hXFOOdW3VM6YGo9D-wk2uUVvgKuPVGfzEX8xdKepYjlV1PoZO-kf-d3Fd6jRyJnizFwjnnwyu1vE0jDbL1Ek-es4HVKpjVJCco2dpm7RWQVIU8l80qwl9ItCa2auHBdhTP4xLtMrS2BzM38pFxGJskw3weydEQvBJ8ahVBP3oXAzQJ0hnoNCKNxWsVH7EfWSIVoo-mPirsWF_XZyKR3HTpVWJ-XATfBuL8W3XGE1PVwv-jMcMfpkHDjaOauGa60dYVYl_2LXOH872Lz5pSiNHp7hB1cU2xP1JxUCwjucG4OsqMfnh4LuvEP7oI8LPRqPNobcN17UbR78e536NxvlTWAYYw6pS5QOkLptIWwtY1Sy7W4s_qOtJesC43Ybo7Trc-Lh4M5GalNjyaET4FUEtn7S6pQ2zRez7Q3FYradRjr-tv85SEhCz3F7artHCsW5jK1gIyDA4MPlOlF8dh63zgc2_naHM2edoGqP8yximRv-4_8eyHcgbo0R3LSnvUVpSnPBzRz4DVqp-BPgSOM4ZnDThcHjxcN1-onFMqCjCPcAtv4z98ks7BZUmknWTN6rUkgYgYC6VBVEjvTpO2HrI0Izu-kSSOMQTHuzDmm9StVxDiPQ9fZyuhV2CUyjwlypYDysRlLLRX-mu5r3FDckQXCqHH3hM2CEOjNN-SNL7dnfT0jYnO5PjxBlbvht32grrQ4jpxZqHHho2dnhVJ3CpVD7498VeALRzhn0bzhaVmA1JlJiwtRemZWHMVWIRiehrFkuwu-UaBC-5E1SynVCwtqGrH1ftXJLfK_XB3Yf9awYXxzwBYQADDtKZxisSDnl0jJlh6gCXz7yJu95O_FaRZ06O5m-leRUVyLte487OCqjjCIinJ3OcgbFOu3UAs-VzId1rdJekWbohxuqs1dYJoXxJpgfoMS1j5l3s9JZ1Lb2Fsa6PvqXjhJg2NRyGNky9Kt18V3XIbUyKvNmM7B-2X1cwmmw10_yS9s4_3eyEZgl-bBE4nLWZF7ToBRLeW0TYVwTedsj1cNw6d33D6Qkso2iNu0_Q4q_IjuxZcGPjZPUiHy84fqSkyD7R-avvLn5ridSKpgtk98vBRW-xQVcGN0fMDOuctgvLE1SXpYjuw9VZJQeouhzw4JnR0s6WifO9-N38GqjGOgPLVY-skoyLKQ96rLlAOG4FOoU_dhneZmNJvWqlE471m01D1fv2QQmGgGdRwFk1iSWEcH-OS26ACr58g8jdXnOvcl6YZcWRp46Ih9sUaUksbhpP6SLzi1iaGn1jCQiin40zj9rUP2C0XmG0tdag-4zY3auckGK6RlSS8KBvbt7OXfYeEMgb9nwftpTNPqRdz0Gf72zs5bxbC0QDzixHCJIWnbqO0lx1podfd8VCkyqhScaLNVYyY5DxjdP5lVtlH5Jyl81WbqxQhfpwXKLJ1K933mF3hr2LHdvBplQ7LSXzXntRZBs8cp44qTemHnhGl5xM0YKowHiGYX6LKMFnwLeR0VKBzP_H8YZqobDUd7SPKU6U078LVr007JSZvKbziVmjLA4nc2U9nj2E4pA6Q62mbHR0INHOQDrCQ2wTrhjH94IW9KegoFm-c5dRVmZrqOcDuSnOMfo-QrcySbwoGrBZ7oX9mja8wXf20g85ZE1Tllyz-otoa6taYV7Y7SbR1SY9xTDk7DHGN5D7CoP5qFvGUG8HLffi7panPh-aB_OngFpUN8Eogh-egSUfIyWWIxgJ26iW7H9hpoSJWQ0zVJNzoK0dehulih3Co0bga_98vAAhJitp1Ny-e_kjhOfytNQpXDQG1Piz5rtWvoGB5ka11l_i_rvBdYq5LX7w4KYnrlaO6vvQYL4wlO58WwIhG5qAtZjB7w_MCTiTEeSci43HapmNp73BJWmk-IJrClarDXeXATkn93owlv6FASNlXZ7vKtggUh_yFLHDtL7lKjh9yWcDc0EbZHk2oCqGC2_VdqiVbFFxQ-Ga7NxtZBTxEkUm2k8GwMi88jOVe0_RQmJU3LSfLvC1wqDXXBSOhuo1WSGMo1QRhOZPxqPGB_KjzGfEOlvxRdiMoGv5tR4wD_7tGow9UU7E6D-NkION6vKoIhJeSJieJRtFH9AEKdxn5NhOnL_uZEsoIqRwls3H7AVcdwKzcvVVLD8F8eXOwcWuExO0EjjRSw4jd3OfvpeTw-vZRcqCvCJnn1gpus3hX-Q-Ra9Tte9mOibu_lxpYxg3M1gkQfTpA9b8-tx4SJbBuYiKv-3rXr7Mo9sGvGRTRYD9bNVRhfqovIwloHZ7HJaqcv_AiwSf5331LBVeHajqmUNBImQds1sxmyurf1LMOJxMq6ECwH0ZMWPQr5Mu1eYoDK4EIdVf_5ZLQqiomyQrwUqs-Y1mgsofcAzdXlYyl4H7ESG0xPvP3pRZP-OsNNk9KhYVMJv6y2m1NiSC0goML7h2iAY4em2deAxM0RaXh1aiXDFsZXG1xepXNA-EmSDyPJad0Si2f4p2BE4Ic6YTg7k0KvEzREHP8s7GQexFd4niJWEaeBu7BzKM-GkQNVzE8WAGeOqNIGyudmA9Bd7EdKTj5xErTC85hmMMetFXpRTlLi3xO2-yoz8uKz9rxc4d9a14uSzWvRmXjK4GXSpkcln2qHlWY-lCb7uetpMcp_LFhc4TFZcYGuBjJyeqb7Ax8nP7vP-CQw1OT1ff52zusPe5u8JLUlPYHF5fIiOmK6ws7j5_wQHDBIYICwyUVpcXWFiiZy6wMfK0OPu7_kAAAAVIzRNlFCPErGECzT93S-v7rCun1IjUC0xhUpjMypbK5j1hf0rGB5QWcga0AT5vIxPMYiGNmDtVFAVHCCIJ11h5NMGDqxRud_aUHl57h7JFE3BwCNRNaODkjdQbnozMvr86RVB449NmBl1llCmtSksRyCh-mOQj8l7id2KUNQ3op5F1_jnkR4KEguRZ2RQTU87WZcS1zoeTSyMwldr2FAucBdZEHxwuNj9yPSO8BulUFnZsTbhI5zW5POoaRdxCAtQ6B3doH32WwGLhTvS4S4zdFCuuxTneDcgjsGYPdw_N5eEUGeptYonqb8NwuCtlNbdjGZQSzamt5cCwabDvyIkQu9cQFABOszeRm3AD9-mdq-yFWx-UCYRGyUT-WnmGIu-1kGwYFFQuhffVXhKllPXe3-aeljODlAsqxB2KMVNst0oGYQyNZTYUBxaieb0kp5OzrLfPOfI80OUWCDdKcYfda_RPeChgOdmLzwhNvpMt8fyZm0ALazVf_0sPFggPwrpt5w1PPKj6K6qhv_IpApy6yf7p20JtOy6WNGor7BYIBI63VlIdxiqCjD27hBSV0byRNAJlEcpkTfde6_pSwslWCDw_N5Dr1eaE3_pFkAo5Iw6Rtw6tmAYd9cQ511CYrLVplggmRoc0pj-evXDVD1zK7qoiVtev6WpmdMH6qxVY76O26RYIMxpvhI3rF3SRsDOhPuY6kyBlPptr-cjW32c4mh3uoaGWCATRBQbvIdbP0HsuIaXnd-CYEXgizzW1gqUSleyBO0lQ1ggY5cc57pVfGxJD8Zm9GTB-4UC5-slq6nOv6glUKjN3T5YIONyUVbKwwtDq0Dj-aue__yQP0-D89VXSdLkaIYV2nVgWCBQHKGjibBQGgisVJ0XkwA2eAvdJ8tU118Rj7akzp1H3FggbBw5bYPsvshlaFVdyFTNv2Yc3vnDCP9gXbLiqKr3_LlYIDICYvzc1dJXlM4nKUaLvHgFWwF9fCzo8KN99rYo_u6mWCBu3mRZoVpWuqWpGfphhVo2wEqiGFblNGle-r7jrgCIxVggK3mKkXgWYwtx9kINYxLG9dx0tnfeHZBPbrnGD5-kp6NYID8AZeIlWDNK8qXclTnSyL-O2HW9XgjzGHNLxhaenESvWCAUya2oWomYpiRJ0KiB6dRvpx2vv1WNU-WSfRRAF39N9FggjXdfhcNs7ThqmR2F1kJ5EtjRJDAFXgBTVsz2t6_cV7lYIC4H6Xy70kTVUBmtPvd-Z0g4LiWJfSTHq74yQ2PgX4stWCBtb9H9MQCbIBGtvrzVECGyE2e2_Wc_rKJoXA2YWE5rB1ggrpQic3CC46oRJC0Fvbf5WS1tNz_sUyjWRAIyJGzEPBKiAFgg3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHgBWCDhgg5mfUwcRLVngiPaFZkbdHh0RgGqDl8dPIMS9iELf4QABAUHhgABCA0ODw"
  }
}
Example 42: slhdsa128-sd-2024 Derived 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "birthCountry": "Bahamas"
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "slhdsa128-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:uoCRINKVf8moX85R6JlvEIQk6Yp0uhjOB-Pn21k9wfPLpWw",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0RhlkesN9OaTFq-GeVNCarEF8-Sg0YLGtCmWLIS5wc2SZGsjqiCr-roAdPQZd3IsupgXTBeyPGxs5drm_dP3qtzxqzcG9RNsQ2APgacu61KH19yylP7JQyl_nfCajF2f-3W6udPh0MWDFUgOIqxxbYqcdPD5DqPvZaNXXMHA3qOal0CGh_ijGU8Cs7iMHhcBOD2s2qtAE1yyRnqC1zypoL5tN3NqOHoYHPFWSokm85X8nTsjsR0H09limIb8591mRjwQrMZwUYWXygIVwI15mkQqfHKYBKLQpX73d0i3LBe80GEtrZB4yLWQtS7y613mN3R0mwQJfQbu64KGMs8Llh_LgaNDpHG9PB9tZINt8X9or3Wo69uHDD3rqPBuDbWh06bMwVtWi_3s9q6-EJQ43eRRz2SBZ1-S_P8K541JKJxb7VCbvYuIMUIQOTqwN8bb4Y5hPiUHDzcLMdRR3tsJSYpwvwCFotj-0k5nYNPxL_B13VxjkwaXD104UZP3SCFy1kaVnxLWdZ2mBGMYQXJgZRhJ7xOQcOh9TTGdzJ_rFrqy8YsfmcwdRJ6owD2U-EZTLphYhmWcssaG4eXA0F-yxuZu0GfkgwbjXCooKezq5Q0941xsUdcH1HoeRyUggL5dUGwePuBNJNfdb63UW9i2Gv8wcCRcJepn86gbGMBSfM61X0PRFTXiDBW7QTuJIRKjBHAcVvsMiCY2bRs4-VSX_ZK2ftqXV8AhqIZ768vs-72IN-kAHw6qVf8xmLWVi6FtCb4M_P_RjrrvQTeR-ACT7ApW4RJBx8CpuYlNFRIZZLz5XLZdpJHkAa_1W1RHbmx86gr_jI87CBJsdZVskhqmG8ac3oHBanDb_8LSXG6wTy79978xPv3JMmiQyota34YgRtBr-WLVjsjK43h5P6j96cwBJEEQWwkkOWYQfpy55PgA9SsL0bXZlbq0mdoPqWUxNWUldVP0e0aWvWwCOTTUOfgJr427MwGPDbsxYGw6FC6PNiuv7ENye_PA9gh3z0qi9asI9HHMkoDD_RL7EjVCGDQKhDrOYumpbyGgVcvkVyCSk-jLsxXJgBGbZTKOynETUbfuz5ZmGqAqF4FeK1T26cTo9ZVF05DPVTDUVA43gurtF72MxyxBRAgB10rvu05PJh3LOSM-qPpsvU4Wg0_qPf5vqyuXHiaI_3uZKvx7N2bpp5fnVxh2brOAxLsNy5QIrIuMZYazqe4A-cEZmIxTqLre7868A0u5QNnQbcWwk0jY4QmvSvYprLq462ZYbjE0809JeXfnwqSUUPDO5WocJ29fA3x9FixfdHT4xoj30TJLtJXm58alf3YGfIPDg8GjLb1BCB_84Mcf9oGDeJS38X-2CRU5ikbigGSAHI1SRqOGedRuCx-JPqwypgk7P7TtdohlU_34YwIY07ocsk8rTS0yvfSaFpT-CX80yGH5L-eph1ZfAQxSIqc11wLmWsQanPUaA6rfTa4m1tLspQDMR3hdDu_WixFOr9pQAplS5llv4oKpKqF10XqTskh7DDh-wqn_1fLJtitHpR21FyUA8DksmlGx30ykl9LdXL_Iw8JatHryMjDWwEiwHCoftJ9Qf9aE65DeiHrH2REnQQ-YPBCAkv52RfmgpuGXTnZmcxLqdvUE9WvlalIBAvqjdUzYLRmyHblXWEMf_nBEclG-y9N3EH_3iUst3PO15Nrn186kPrCdA-IJwS_YIXfIW-qFoD9qEfwH8A6THi75m00eq_8D-4bukY8QNzikhGg9GEEicXKRYHua-u1frkyE5RxJMbOhf5HlndEHLeDbN1O7HSR8P5CTLJ__jZjIP5SJMu_8z_bwtTd8aaOMtiyKDmhBp1KrPe8di1GyXk76ZjCju-VgxiLcCICLkcVXYfodEZfu0KMoSRmOjNF6gd-7Xr3JjrxzYQzQ_rNI968o3sDJY393BDCZMFZzqhaa_8BhbcWDoR0umJU0Zn5RyCKu4ykjwMRWfOZJFI7J7KYcb8uLPpmAbUadn1x6dmRBaVhIeml7vaWI9O5ublhEBgipwoe9Xks_5L4cOBv1KcVV2pgvMSw9cmoU3XzQX3Rajmv1CxeDD_ZRxpL1NGXc6LsX5jST01RPzDY2uPcwyzWkLOQEeQNeaQyGcGQbqfHKVEuwWh9kxf_yO6XDN-XyUZOsO2UunKuwRoSsbmkRylLd8SUe6FuBUx6tBhzzoKjwrFj6PL-FYQVjGFU-1WcDyIJssXToAc99X9mcO8ButfyLhkXp76gM8vwCANG-J48nyrQIvcXKAPlPVMF8ekOfjZY0li4TiWIsLem2Ms5m9ciIvHqaoXEk-SXTnX-fmfeiSBz9ahkmNKWEFMUEt4pHWH3G8GaZnDkuHUiBozsv9yLMBMGROIKve1EKv_-P4PP_6IMEFnf0FodOVUuBIxS0pWBCRGzV8m6Ob4RlN1OsmU_2fgGKZi8BQ5MFu75FhymkghNZ4pnoAiIQhQ5tgKMtLxQdAAkCXEKEne6Dxjh7hIWNByv_Uw-YcfuBmT4qJSqxI5g0audYKnbQSlBN_sGaGHYdFxZRZNae1MiM5pnHtdaZtrLxKxpYbrqcjedQXnq8nnK2-yBgh6xal9Yg_mru0srzj_oSZOyCkcuXhX4UDaeQE3guHzQ6bUTCJKRT5wqZ9lr9rZBctSkGx-WospnGFWwxrAbKzvXVutKS3gFfH5gBSlNGbvJ-Ao5Rr1WG87-LGDLWYqCQZAdg7jm9D0tV7gt-qCANEvAigy66VCRC_RNq_raKyqpS6nSZ3JC6pBIHzErvFodTZw_ZUZJAqTYoDxFUmbUvACWi9rXJN-h1Ia6xXbEKuxt_g_iD9GthlT69Tzm3ZPhY1_777s2JYMyCdL9mclivk5BaPi8b3-e4u0Cof-XAdXIEAVrlQXOmN5VVkoB0LJigVq5LAGJ6cy-NYJ-ldcFklrMjg0Bw35CYCcMaN8C3ho7s83q8FQGFpyteDtexJl9ytaeFnQOIHlVLkDPCMDZPrVt0dZJtwiB6o6uBUwIyrl30KjAssrJzSSvuZo9TGmlbvxUyIXF2Os_iQX2gESs1kjIyHY29jq6LSPqOKG6atwRT-e9HQRy__tq0UJTmGsf4KXC6V1tZU1kMUZDVPHFxCG7SbQsfoVNSggyWgp0pfj4YJfZMz5pUMENELWvsR3TWXOGiwkJPR8eOoy6-8lERlGyG9F89bTRrJOpbPufbSyKGG-oQ63brw832quY9q_WbFlxXktsr8AzIgg4gXI8oJGLL59JdTA1m8K6JcUppi2a8Ago2JodRKAHXsRV0rgEATqqEfHiaMusHaf1eHn-odQeUt4WhLJW8s9ACejJ1qltJ4m3hQh5gIT5MMU2ybrywjD_5pSvzry82Irc1r_LsDuct81YnL844qS7HYdIBzgqlmtXywmnO2vFOvBNNABUFD5iR713I4ctiPoAG3_aWF_Q5efrHNI0h99Ed1e2SpyCSpxRJ8vtfjJxSu3Xvz4HPFklqVZ0yc2d4rgzlWNFgkYP4Nw31Pt6YpYs3XdIXDZ--5dfq5xgbc5qUokOy0WOvYN7AoOwz2EliY_iVqX52ReW3lJFJwYdDE8EsBaKkVEjBHIMLYlDRZcaXzqfr5XZmSNFo2QQqj9eGsr0TfqATvFbjRh5wl5mlbZ9BhE2C8Tjt5b7BSNqu-zNZ9Yq0UTelMH2vF6mDw9KH__J4HLrcA5M1gSqXGOXE1-LpaXjdlOyH_BOkUTvJK6TmUESEf23Wy75a0IJKQvDypBUuSqMy9SY3quK1ajRlfEMuoCzVAqGEP2hbAPOrs8Q4kqMGp-gZL4OhZJR7OfW1Ynv82Ey34C07BiVcoDrGrOXmgRqh5T4JKjaD2fdkv2kTh0oX49YWm74coAGtG8x_mt1vPq3paBgIWuXtCT2xuHCBFuKWY39oGQNy25eTfGfUaDHAbs33PFDgBsfREV-NtVxzijSN8yVdAqlVBL2Pi8PQ9A8qsyKx9NyKvHrj4bsf0wXSiNhO8KJ-VIt7IwzDjhXlUOPG7ql0u2yhZOhx4OgiS24zukv8m8PNE9_1m1Ml-PuC-Hd8q9nYetcylz3XQ8U1lj5b73TcVviUoL1SDmqwaMwxGnAIARcqcFQJgS0X0gs8sHv8lKEo4m7xqKRu2FF7z3QKlZk_IBXWOQqdvmRVf12B5lykXu47DvNuPCjd6bsJmk6ryZcMUC1bfiKi9S3fRq6jAtjrxf0dogimPzyd0_xBtj5NPJMlMj720s8_fyhFcLZK90gz0qO125-VyYxLneF09uUOn0byaWFn9X12k9nbVQGLkhquYwVEtZd8M47kuR0iRLo0cG2j4zb_0XJ_EPXwpaq7YYsutBSCNC4tMSQ0bL8SioCqz8dNI-X212Qb1sW1R5dGqHSEE6zNB_s8y5drRdjP24YUeM73Ik5N97dMPzuGzju-ZbnAVOxgy8tLaFL24IjdFRgGC149HCSroZEx_IedqbRSiT-136aH2RHULxXGjmPge1yFZLSP9eE2tnDxeWc3go23pHljQdMRju9aziXgGageLfeD-gXaTx-wE8LUV3ZboarrS7nz72mfCrok8NdAPT0aYU6PDIXOWDOwE2ajKxbRgekVsEpOXZ5nJT-NUbywwQsrZr6P9neup_JG-oQKhB06V5mw6KPGisspyGL_eCLa4_Bm_ZY9MP1htdjE4fhpR4hj8nrUnr-wDpd50tdJ7tDFXJR7QXUgx3JtH9DGGYm3eSlEwpOjPW5mA9pWUvXCJu1BnYZOTIivoNXYS3EPhM5jIlUM1k7Gm3vRJ7KD83GTK-DzJLjxvsQcMGlSw9Dntvj0z0Qrv3ds3tjZFaSXmgstT4AOjJK--dtuDTJKN_WgFDX09aO3rv-_SVGDhou1IxSlqc3Xw7CFIfX9kHi_0xOSnjcCfrDx9ZNYQF-_4W_A_vRA-U8MAYPirVZVFUDGJIHN77nJS1v0FFHn1ipRpGSBjVd4cSX2b5gv9Y8WkXLuT8Fvw98fjk1-g4eK-vYvgEvsHQeQNTYvJNzaMv8ZkRjcYVsMml0iTcf5KrE_c0bmIGjXbdbfAo69XpcpZaXZ_y0Wwm6A9CwLfT4Iw_duh9ojeEUPmlkaUfd5jLnZmbiJDIGMF0fE0czPgc224NhC8bkV47rU5uIWwiYewW8CD0gdtxy48GmxzIMqJLZPSG8bTYaX-INu0p29LImUYJwUevy5ORN9odIzR6q3Mk5is3eD_uYA5t9NCHFX1cnCvJTKzghT9CXeSLzC1hcoASQ1um3OFZDgy2uPv16HjZtjaqhq9138dbEzt5MhYYO7OqDB4I7wXQGvSIbSZMb1HCt8aQCGaOr6RLzYoQAwGvHleGYjx0HIZ9EnxyeQDxLL2fpb9_OthMYVAk0QQmszVvqC_6LZdmeb7zhzNJcAKNlNYNVA_QVRT2An9ZMCYnhUCmsmWrCl_4d0iXUm9MHSippoQvcslHCE4MpE2ByqSJszAR_mxU1hijbdvz-8GTKew4YrYrG-83vG1mspJO5J6B7gTjvyI3-EWgvCxSmRN-1vjPWYzgw6uMDPQg5tix6HiQ77mFOZzfwW94gEfDest1SLbDv3Y7tbX-tRm9LVHGaISch4wFejng8dqqhlKD_HWMPp2ghkrUywXsKHWc0KUe407ZTFz3nxz0UW0OTsHyoQKebiPG62JtLGbFPhNqGbZxOG0t8G6hMiXE8BffPrWkNrHG3uDn2ta-TddYsEfylTthNU0hOyHU4kf4URtNQ_hLfCvY-zPA2IHInj5efJS3Yct1wZDOZuaTTMsLlSe7op4KuNGkJkSl0DqwAKooVLNGTz8H0ihwlfLnG5L2ZnRabpLO7XeeTgY3qX0ub8kA8wWH73q75lQwUkty3Qt5vG0Ha6KJVl_ZEjHv6Xm0iHaMUWOWubelFXMbK4jzkaj4KMDVGJ19-Z1AfVp-0hT6BXAyLD0VzPa_582LAtkVAoZcqX0tfRQ4Ck5vNOrj8HZRClT0N5AqTp1CojCNESpKShWt6YsS4ROEKBQlRmrNugN0x2pDWQbeqRk4Cdma4RVEdZ7P4O5jJywX9FZZdDINjYhpfGT9c8MlyiyGAOJKYmBaqon3p7AW8I9u9-lOSLMkDacKNLgZ0R9eVdTMDpn4Qj5IuuFqf4tV_mW8VZUs_ZAh2_Qg4xDGaKINPJ_9FlxkVY9xrc43ASCqp0ee1lqw2pS-BpR0V6IX0GAuoQ454PPJcuiyiVNtSLrV03KoxFJscxw0jchF3DK8h5ShKXk500fQiEQE3TfAZ82Sp835Arhh6XiiLLNeG6GFmlW22G273U72c-wshmLuACXzqJDcHaUsmcPMeEGAZk8tHILlThtuosXnSvL4_7nAjIIT3xpRwf-84f9nqI-C7pWJH-h2eEVqzwi3B9LnOycm6KwOdvIXcjZNp4RhMbkr39ZBGQkPO1vW9PAlypqmGj3ioxnbIGWbOKIC1kTFjTQiv-qxPbEGJxd8jMfDC0f8JJRDDN_oPrREOmQuLs7jkTwXlnJ3fS4qR8czpXhJ9cofR_yB3qECin0i1_U7i0Qh7K9L8oFZ7gUVJRKl8teEGPINSoNVrae6nxTiWQM6ogooEarY5tF5s-ql_TGSGX2mBQGSXUF9HJh7O1F9-zqfAh8QVcICW6SeuIKJyF-fBDbj-LfX2mnARKEUc4-aTeduVsqZz_LLZwNQbbQPAzaahRb5exfoBbLFYnjjs0UheabBPiy1oo5vBhTqIwRCzRqAP3ouN2Jbn0co3DXJIE_U09BF96PDP2PHM0lIxV4K6OMnEwQKugXb_YGnABwXx-bRpKpIslGzK9YyrR4SQOekvcxGXphRJANNixHTwdg45k7nD0rOWjS3Qowgucy3gwNnZV7RyCyugAjCi40xArlWfAGwzspNANsrNZLUNzPTpqBXw64hxj0t-Rh3O5JBOr6r7REeA3oyV3VDwKb1nG8d_t-o_PtXn35Pf5LChNe7ZCICQz2XufQN74k_BQpSrY6WPvRXXKQzkdDpUe-iSoS_hINvs332WImjBOQONwowfjnKhlgXRy-PcNPEUI3X_1s7aLvadkaa_-8yGcr6Ptf_EVGBCab6Uvws0NuGrePilQ5XcqXaiVwa0G96kuGAweHF_zJw4uICw2GX0G9tEIbMOIu_Zt06S_w3G4lMQlNmT01mvQq7S14Fq2WqTGRDxOQDuHjtgiiGbYbJm5BOtpPVe5mJfhTeOSPmhlTOgeCx5k9Vpf1fn8H-Ap8jSA9dA7kA5HXryhgtmrIiIM2ToX2U9rCN7lNJY6IIdrQ_N9lld25xr7zlx0UbT_0yQWPgF36opvxDW2kvvzgxNHNGCpYD5GKowwkUzLk8OQykJOUPLqvNLQZN1Wce1p2K029xKry4EZoIWRqSie0jLrCMjkj6MYTLW_3-MotGGo2XrKSjXj2g4xS0Pm7khe59IjQSwXvpLAJXhoFQAwOT0qGB5oV4pxkzPtBcthmf_HS6yWE9RhPxubiT3a0mwjve9th7n4fOG7rHO1qwpeRDzoyTZY8Vcq2PS1ueNnoksP7J8XR2mPJyCnvsz6Z7j2-SjHBeqqO2wsA4ZUvwB0TMlr0I-aBOV2BiMH4Daw0CUNh_qx7IJoR_1lVHCGuJeCnC_46sm6hyrV0LzQvw9uEKNHVCqhdekq7oIS32PVdagRKIxV20WcOxKnF63Dwf2l2HjpirbemFcuOmszlKnPOuI11Q3G7j8Bm7cBV-uWbO1O8Ed6w-o7zL-IBvUUQoBOcpbxEY6m8BxW7ZcJb5_V4jkqlfCm12HV8UraOlUrUONDiJl_hwicoG-xbgYTTVMSrl9GPzd6bBcbj_ILQTp4KS31k161Ybw7_F3b-Ep57xiNtFpLztM9ITLOG9tPpyvWpn9kalY2eRchcWkKA5QVVxRogX4Lz4cA86C71WN5DVA1PXw9U67zbq6MCtxPCkrlTkU1khmra-j9_lUk1dNJrDDfnF0iu1ho3h3As8JKzk4C2LhF6BhLcAcnQvmXH0PMm9TpUyX5tf3oK65tdFGWUWnU9TBzhtdNXwWzkfUslh2fJ13ItkvSTLXEMT8hXVknds9rU7UCWmmeqhcIxd1Cfm2QJBrMiivkEr9YKCCazR8XPIRPf2bXVWYwHHSEAaomXXfrGycVH7zxfG742fZnOX4Ze2EGZLj520ovh19iKGj69TNY0ZI4wWeEWwplPPJgiaSXIFbkD43r4W8M2FkcGv9_O0zRSZ35JH7K-QGuNODgOxnlx7jZ4fvqeTx-8mtvEZKjzd2U5lA9iYurkKs3Kxmye5ap7Yy823A7towttw9bLLCfeH8CyxEwsSlAxUjjREx7Xnb9t-KosQwINAtSMC_LuBsNz13U9mMwzVioMhp7I2NUzkUOD6myfHnK513DmdNqD-b6nXtlQWAKyc5Pao1R8ETSwWwkYdr-82x53yFSSZpgQdSfl2MptO0o5mcnQ2lbclwZ-3DBbgTqy0dZgzlVhz_81zmBTPu3-idvhlN3ySgTq3I-q-amKEgyTGFNPwA-0wGy6QomKNL1MvlL6HJuzWwdS3cCK2WTFYqUlV42dy-1DjL8HSfLldbxuUEzNtBnqYD_JOHYRcnZvFBxvDkrurT1vuhOWkr9mB4_lewcvi1mzvMJUnJiaedjpwLDUxD7otjasYHdm-HmuBflDWG10Cc_bhER3-bQ1esTqzd27vqmiOb7jc_Fggv7xoCPErehIeFO-01nYfuuUkKYsUAvqOpH5LWHkmLzMo5sa8eXhT84-piXZHsS7anJe1-e_DcKGg1VQF4x45qCqM75lAeHpiHTZ1swXf3h2D3ohA4o77zmHYqeto03RxpZ6jmECC3JsCrZ_VAXsCG-nTdDxBT14tiGFYr4ChiIhlVgWkivLRM_f0vPDwkUIF8BoFq0LweUpQFPsyQVBTNuiPXTbbrg8jllSWDVuR3eu7EsZjHeHuB1DHwI9PtT3kXFaVuMIj-2JS8iy5EFj7cxPOPDjkt8dkx-MitN6Sm95tR1D6r5SXYKBt1AqL2z0ba2HY2MRsZiycG08_WEPPIrTY83oGR_wHjBO4ybMHG7pWQ98MkHx7M9PLq11De-3aBEI5CPeakuf9ROzF7YHj-Uh84pC78HY1zkHp2QzmApXnr2luurQuVQxcCcG3ViZvskhk8V-SvvtGC3vAVdpqacYkx_uNfjx-awppo-767FtJIHVhyPMtZWerB1oB2kW560od-c0tyU_7VpOUmKbT1edCHwEU9JnEe71ng4w9-xCdeHlsTjS5G7XIGFlnJgHSx9zCrtIwLYhxk0m-wqiDdOILdHeXb37yEA2ZmpkpYtebyKhLRT9QuCiCo558SAhL7klfXpdqDq0byfRLSgxuNJcSFiSh4E5hDCTA-0XXg0hLGP4OM2mVGy8SJS1XXJjKOTN2ZMJ3vosFJpzBFTJkD1P2FGf7IYaSsAzv2mToyoq1bm3Qrux2ofAYFwAXQ4bmQEoGgLWH6GIbY0TBuYcmAP-1Q7jtiqck4jxNTEhz0c4jikmyfWamsIMZnsizIVMvcHAQd18AhFBbwprK4-lakqMaklqYSfDQ9xnpD66zzRWsXPRKjjFrb2OWg0IN8SId85G2yjF2okFBw_XnZmE2uVqzmlD0gbqfkI3TXTfAmY5VRITphrEJkZ6m1NSA5XyhYC3AyNV-GFIXc0srOee0esWP1ADwQiCijf9-z8JAPfcbpjty3DjaaHwr3hCJXPxZ77wLoY96ZcBz-J0NDwfg-FtX3bXQtlhd-2Yd-7LI6_DvOqLguZ2kbFS04cLo3lCL-6zBb4iBiLLTey839y-ZOdGSgzy8hb76wNZq9Y4WCMIcPmJwEp88KaU-S0SRuqko1wNQfggfQZNmvFPpYffAa5d1yYhAbPNPb6m2Nicui2GcMO-fgXPDdp3rGHFNs4pm4-nsNKjAkz4mrZAInnS4mhyPVV3mIz2o_kUA8t_VmPBJcKXzRojYWXtdF1VunFX2Sa6DO3Rgz02FZqZaOgCN0VL2uAB5Ndjh6ViI-LgcnOIDOrRqmR4LOo6Soy6Co3SFZeElXcF3ltBHWMXJqe0rV7YThkZiCZKVIFOTJMgFFYv6LcoV2hpy3iIYugXF9GnRdfC9-e83Y0rU7t8YZX25vD28SRGNPBI0foi6tqQG_844cG7jm1sUwtZfEzVuegH869qx2uBq3AV_mlmemJ6ha1nixcYIj3YdMZi7jsFDaY6MuFGaQKUyt7jaYTVGO3dbeRBMHDro4Nd55CM0cn6ex6GC66svM5LaI7zxGgR5b0ZXJRaDlnoo6SEaDUPOJsTZOeZ6BrGYepZ6G9XFbTeNLZKuRXVWzSKiyk6ziE56s8TuABY0DC-_dcVt5WpJLSF0uyWJj0NgE1kyrblGyLMdlWXUgNx3B6BRHFlwzYMZ1XGEsHTZQPrnHONRlXdZy9kB6YtZqCM8WFlhNbgNhIOD5jSdV3EnlFCPErGECzT93S-v7rCun1IjUC0xhUpjMypbK5j1hf0rGB5QWcga0AT5vIxPMYiGNmDtVFAVHCCIJ11h5NMGDqxRud_aUHl57h7JFE3BwCNRNaODkjdQbnozMvr86RVB449NmBl1llCmtSksRyCh-mOQj8l7id2KUNQ3op5F1_jnkR4KEguRZ2RQTU87WZcS1zoeTSyMwldr2FAucBdZEHxwuNj9yPSO8BulUFnZsTbhI5zW5POoaRdxCAtQ6B3doH32WwGLhTvS4S4zdFCuuxTneDcgjsGYPdw_N5eEUGeptYonqb8NwuCtlNbdjGZQSzamt5cCwabDvyIkQu9cQFABOszeRm3AD9-mdq-yFWx-UCYRGyUT-WnmGIu-1kGwYFFQuhffVXhKllPXe3-aeljODlAsqxB2KMVNst0oGYQyNZTYUBxaieb0kp5OzrLfPOfI80OUWCDdKcYfda_RPeChgOdmLzwhNvpMt8fyZm0ALazVf_0sPFggPwrpt5w1PPKj6K6qhv_IpApy6yf7p20JtOy6WNGor7BYIBI63VlIdxiqCjD27hBSV0byRNAJlEcpkTfde6_pSwslWCDw_N5Dr1eaE3_pFkAo5Iw6Rtw6tmAYd9cQ511CYrLVplggmRoc0pj-evXDVD1zK7qoiVtev6WpmdMH6qxVY76O26RYIMxpvhI3rF3SRsDOhPuY6kyBlPptr-cjW32c4mh3uoaGWCATRBQbvIdbP0HsuIaXnd-CYEXgizzW1gqUSleyBO0lQ1ggY5cc57pVfGxJD8Zm9GTB-4UC5-slq6nOv6glUKjN3T5YIONyUVbKwwtDq0Dj-aue__yQP0-D89VXSdLkaIYV2nVgWCBQHKGjibBQGgisVJ0XkwA2eAvdJ8tU118Rj7akzp1H3FggbBw5bYPsvshlaFVdyFTNv2Yc3vnDCP9gXbLiqKr3_LlYIDICYvzc1dJXlM4nKUaLvHgFWwF9fCzo8KN99rYo_u6mWCBu3mRZoVpWuqWpGfphhVo2wEqiGFblNGle-r7jrgCIxVggK3mKkXgWYwtx9kINYxLG9dx0tnfeHZBPbrnGD5-kp6NYID8AZeIlWDNK8qXclTnSyL-O2HW9XgjzGHNLxhaenESvWCAUya2oWomYpiRJ0KiB6dRvpx2vv1WNU-WSfRRAF39N9FggjXdfhcNs7ThqmR2F1kJ5EtjRJDAFXgBTVsz2t6_cV7lYIC4H6Xy70kTVUBmtPvd-Z0g4LiWJfSTHq74yQ2PgX4stWCBtb9H9MQCbIBGtvrzVECGyE2e2_Wc_rKJoXA2YWE5rB1ggrpQic3CC46oRJC0Fvbf5WS1tNz_sUyjWRAIyJGzEPBKiAFgg3Lv2QpFgo-YAegc1cQQKWJFW2sEjQF6FfuZ0VEoMKHgBWCDhgg5mfUwcRLVngiPaFZkbdHh0RgGqDl8dPIMS9iELf4QABAUHhgABCA0ODw"
  }
}
Example 43: falcon512-sd-2024 Derived 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://w3id.org/citizenship/v4rc1"
  ],
  "type": [
    "VerifiableCredential",
    "EmploymentAuthorizationDocumentCredential"
  ],
  "issuer": {
    "id": "did:key:zDnaegE6RR3atJtHKwTRTWHsJ3kNHqFwv7n9YjTgmU7TyfU76",
    "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVQIW2NgUPr/HwADaAIhG61j/AAAAABJRU5ErkJggg=="
  },
  "validFrom": "2019-12-03T00:00:00Z",
  "validUntil": "2029-12-03T00:00:00Z",
  "credentialSubject": {
    "type": [
      "Person",
      "EmployablePerson"
    ],
    "birthCountry": "Bahamas"
  },
  "proof": {
    "type": "DataIntegrityProof",
    "cryptosuite": "falcon512-sd-2024",
    "created": "2026-04-15T23:36:38Z",
    "verificationMethod": "did:key:urCQJjNUc-k6X0bvWIxp2p3VqhYLhiZ7dAxp1O4sgNX5mEBNFZ3iYopETaw3ZUtHfZbycHmQl_Rjgj1-cUNpQeAwYl2gW9QYtQCQBT1DdocpQxApos-ZLBpqvGcvGHxnKUlrugOYXwe_4LpOkhLIMAsXeiSTVPaXVmii_cruYp98AE0WVFU6hpbnNlCOKBkxFqdW19QZ8qR51qoJqMKGeTIqmJCF50I2CsCm2eRq60JUcN7dk3cazXoMtKU_YOA8vA_2X2qNPHrhpuXtPw4Qbom0mOandM51FO47rakCoGMgXg7l_vcC38KvDkKyIJPsnpbzmiDoJZK9iWYdGCiruOZlx8VMDqpyd7shQYXw5njUi5Z0DOZU8Kk9MFiiG9PwAAMcdad9nfFEGTaD7sjfV4BIcBzWE4H4euWenzpbvnERQN2RtsnM-SZo9zWQdljcRZyBeYkD8MIDrkk1Z05njmgw_IK4jgludKBj7ihrEzlOaq8mxLEOi_P3q62F5mgRm8FnG-GexQZQDbjGqzcPSJGw9kEo3sB7g2A3s97iszIxQoSrna8Rdl3r6mdWX-TIydwqLIRGhrfJhKk8XQnrXyt1SySEEG6YM2ON2oVy1E1Nxv36rYoRc379Fp-OtYcCwWn1nTMayRq07p8wHqJ9OncHi1ytgTQN7myPxHzzqhyvue7BkzDEcUy25bfmhQicmTy3Upw1IgDrJXMKrb68t1aJ1Ypc5nAI1kfscrSbAAOCDwUSgNTbpL2mQhhaRNSnRlXCRNcptbn9d7TkCcO7yDBQdgeDrtlT5K0nDISZJsPNGCk0nNU2sgZwH2mbqfdaEGoNSYPE0eRCRpbJYloZrx7rlx7MVxteToF7iGNsjLqEGNTjiuG_AXxWXmuS1bSbLtEThADQUdjymUzDkarmbH_xY4X13f-KCUejGl8YEmFw60imKKBmpvaklKYnTNYjN5_WR8mYihBDiqbApYumnQCM7vIQDGuOFsxW5vGkeiWKYnPmw94brGf3q9E6SOSlFTGHiw_KdthKAAA3UYv6axebtIxl2KtHDzSqnSV4FrBI8JRSn2MhrP5VYnXh9nA9F3eEUx-Eme6JOZeIZGpde2dXXxg2sSoVFP1eNNkZhBf1lu414-KI41p8rDeuagkSekThSi7sdxzeF49bMiN1zJg3aNgEfQ0Fhm8Wm7TdNVeowG8k",
    "proofPurpose": "assertionMethod",
    "proofValue": "u2V0RhlkCmjk5K4XKgWBEn15mlhTAqUq819bqyH233Kqc9hGHoirkOuxXrexudHudHvRvEbiCEkDQcz67NcWH6acuGJNKQP3rKt14TKJ9epkAyArE5VrWf5gsTKdlvJ_aI3rN9mz3bQyhsoZT_FIl8JGgW7TxNiJNby8VXvkitA3UJ0KjI57au2ETYhKKwtaKs5nv5Tuq5MaVAkuSrp0O1S8ORgppFpQ1s0XvcscWvzx6297N-rif2apUxyv3uM02_cMLPOE4tHKQdQp81OkIF-0DlEbwnq06I27slT6WMdHGcWyvFBUAjZTJwtcTS22rBSGFqkSo5uWnZlit1OUgYFO9Oi5TPbiGIkkscOusfucwbAyM_mHiePBoBh_HimPtkqRR7lUf5A27dlBSSY1iutYpGrbBqY813UjINGkaPTnomE0DU2CNQtDowyLcdH7o8TZTqdRvCwa0Rd6m86n3bOZP7najNZTpG3-MUUOvuvfFi9MTNmuKHTyD_62apLuvlL7psOiNpbC1uUNqgzxQOHx1sHPdWMkLb7BpBcczsKyU9oc61LkRzmZLcoYf8g5Iaex4sPrfpCnAhRrjTZE6zMUOn6RY3TwUbnonVUat4s1m8LztCbPlEhTrn9ZHqk2rN_3YfQefwx0cLBtsdrPljkD9KxazveOCEAyyiyDXYzdkLUFHntsMfUO9KkT1vixm0EM69eNTYNa8G9WJlujT7Iu2C5bnXHx_945k8d3Mx8sIKk0jnuFn-J4KsyhAVrzzVeaMJZM5URFTHGezOc8rr7759ck7K0wfJwE5LvM80B4CAErIGiynJDkql0TfJ6ktFq82etgopADZ_FlnZhq5VGoESfUv-Ugu9WvPDQIDkmvunnliqV3JnoQAAAAAAAAAAJRQjxKxhAs0_d0vr-6wrp9SI1AtMYVKYzMqWyuY9YX9KxgeUFnIGtAE-byMTzGIhjZg7VRQFRwgiCddYeTTBg6sUbnf2lB5ee4eyRRNwcAjUTWjg5I3UG56MzL6_OkVQeOPTZgZdZZQprUpLEcgofpjkI_Je4ndilDUN6KeRdf455EeChILkWdkUE1PO1mXEtc6Hk0sjMJXa9hQLnAXWRB8cLjY_cj0jvAbpVBZ2bE24SOc1uTzqGkXcQgLUOgd3aB99lsBi4U70uEuM3RQrrsU53g3II7BmD3cPzeXhFBnqbWKJ6m_DcLgrZTW3YxmUEs2preXAsGmw78iJELvXEBQATrM3kZtwA_fpnavshVsflAmERslE_lp5hiLvtZBsGBRULoX31V4SpZT13t_mnpYzg5QLKsQdijFTbLdKBmEMjWU2FAcWonm9JKeTs6y3zznyPNDlFgg3SnGH3Wv0T3goYDnZi88ITb6TLfH8mZtAC2s1X_9LDxYID8K6becNTzyo-iuqob_yKQKcusn-6dtCbTsuljRqK-wWCASOt1ZSHcYqgow9u4QUldG8kTQCZRHKZE33Xuv6UsLJVgg8PzeQ69XmhN_6RZAKOSMOkbcOrZgGHfXEOddQmKy1aZYIJkaHNKY_nr1w1Q9cyu6qIlbXr-lqZnTB-qsVWO-jtukWCDMab4SN6xd0kbAzoT7mOpMgZT6ba_nI1t9nOJod7qGhlggE0QUG7yHWz9B7LiGl53fgmBF4Is81tYKlEpXsgTtJUNYIGOXHOe6VXxsSQ_GZvRkwfuFAufrJaupzr-oJVCozd0-WCDjclFWysMLQ6tA4_mrnv_8kD9Pg_PVV0nS5GiGFdp1YFggUByho4mwUBoIrFSdF5MANngL3SfLVNdfEY-2pM6dR9xYIGwcOW2D7L7IZWhVXchUzb9mHN75wwj_YF2y4qiq9_y5WCAyAmL83NXSV5TOJylGi7x4BVsBfXws6PCjffa2KP7uplggbt5kWaFaVrqlqRn6YYVaNsBKohhW5TRpXvq-464AiMVYICt5ipF4FmMLcfZCDWMSxvXcdLZ33h2QT265xg-fpKejWCA_AGXiJVgzSvKl3JU50si_jth1vV4I8xhzS8YWnpxEr1ggFMmtqFqJmKYkSdCogenUb6cdr79VjVPlkn0UQBd_TfRYII13X4XDbO04apkdhdZCeRLY0SQwBV4AU1bM9rev3Fe5WCAuB-l8u9JE1VAZrT73fmdIOC4liX0kx6u-MkNj4F-LLVggbW_R_TEAmyARrb681RAhshNntv1nP6yiaFwNmFhOawdYIK6UInNwguOqESQtBb23-VktbTc_7FMo1kQCMiRsxDwSogBYINy79kKRYKPmAHoHNXEECliRVtrBI0BehX7mdFRKDCh4AVgg4YIOZn1MHES1Z4Ij2hWZG3R4dEYBqg5fHTyDEvYhC3-EAAQFB4YAAQgNDg8"
  }
}

B. Revision History

This section is non-normative.

This section contains the substantive changes that have been made to this specification over time.

Added cryptosuite algorithms for Stateless Hash-Based Signatures, Falcon, and SQISign.

C. References

C.1 Normative references

[CID]
Controlled Identifiers v1.0. Michael Jones; Manu Sporny. W3C. 15 May 2025. W3C Recommendation. URL: https://www.w3.org/TR/cid-1.0/
[FALCON]
Fast-Fourier Lattice-based Compact Signatures over NTRU. URL: https://falcon-sign.info/
[FIPS-204]
Module-Lattice-Based Digital Signature Standard. Federal Information Processing Standards. August 2024. URL: https://csrc.nist.gov/pubs/fips/204/final
[FIPS-205]
Stateless Hash-Based Digital Signature Standard. Federal Information Processing Standards. August 2024. URL: https://csrc.nist.gov/pubs/fips/205/final
[INFRA]
Infra Standard. Anne van Kesteren; Domenic Denicola. WHATWG. Living Standard. URL: https://infra.spec.whatwg.org/
[NIST-SP-800-57-Part-1R6]
Recommendation for Key Management: Part 1r6 ipd -- General. Elaine Barker. National Institute of Standards and Technology. December 2025. URL: https://doi.org/10.6028/NIST.SP.800-57pt1r6.ipd
[RDF-CANON]
RDF Dataset Canonicalization. Gregg Kellogg; Dave Longley; Dan Yamamoto. W3C. 21 May 2024. W3C Recommendation. URL: https://www.w3.org/TR/rdf-canon/
[RFC2104]
HMAC: Keyed-Hashing for Message Authentication. H. Krawczyk; M. Bellare; R. Canetti. IETF. February 1997. Informational. URL: https://www.rfc-editor.org/rfc/rfc2104
[RFC2119]
Key words for use in RFCs to Indicate Requirement Levels. S. Bradner. IETF. March 1997. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc2119
[RFC6234]
US Secure Hash Algorithms (SHA and SHA-based HMAC and HKDF). D. Eastlake 3rd; T. Hansen. IETF. May 2011. Informational. URL: https://www.rfc-editor.org/rfc/rfc6234
[RFC8174]
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words. B. Leiba. IETF. May 2017. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc8174
[RFC8785]
JSON Canonicalization Scheme (JCS). A. Rundgren; B. Jordan; S. Erdtman. IETF. June 2020. Informational. URL: https://www.rfc-editor.org/rfc/rfc8785
[RFC8949]
Concise Binary Object Representation (CBOR). C. Bormann; P. Hoffman. IETF. December 2020. Internet Standard. URL: https://www.rfc-editor.org/rfc/rfc8949
[VC-DATA-INTEGRITY]
Verifiable Credential Data Integrity 1.0. Ivan Herman; Manu Sporny; Ted Thibodeau Jr; Dave Longley; Greg Bernstein. W3C. 15 May 2025. W3C Recommendation. URL: https://www.w3.org/TR/vc-data-integrity/
[vc-data-model-2.0]
Verifiable Credentials Data Model v2.0. Ivan Herman; Michael Jones; Manu Sporny; Ted Thibodeau Jr; Gabe Cohen. W3C. 15 May 2025. W3C Recommendation. URL: https://www.w3.org/TR/vc-data-model-2.0/
[VC-DI-ECDSA]
Data Integrity ECDSA Cryptosuites v1.0. Manu Sporny; Dave Longley; Greg Bernstein. W3C. 15 May 2025. W3C Recommendation. URL: https://www.w3.org/TR/vc-di-ecdsa/
[XMLSCHEMA11-2]
W3C XML Schema Definition Language (XSD) 1.1 Part 2: Datatypes. David Peterson; Sandy Gao; Ashok Malhotra; Michael Sperberg-McQueen; Henry Thompson; Paul V. Biron et al. W3C. 5 April 2012. W3C Recommendation. URL: https://www.w3.org/TR/xmlschema11-2/

C.2 Informative references

[BUFF]
BUFFing signature schemes beyond unforgeability and the case of post-quantum signatures. C. Cremers; S. Düzlü; R. Fiedler; M. Fischlin; C. Janson. 2020. URL: https://eprint.iacr.org/2020/1525
[Provable_Ed25519]
The Provable Security of Ed25519: Theory and Practice. Jacqueline Brendel; Cas Cremers; Dennis Jackson; Mang Zhao. Cryptology ePrint Archive, Paper 2020/823. 2020. URL: https://eprint.iacr.org/2020/823
[VC-DI-BBS]
Data Integrity BBS Cryptosuites v1.0. Greg Bernstein; Manu Sporny. W3C. 7 April 2026. CRD. URL: https://www.w3.org/TR/vc-di-bbs/