Search

US-20260128909-A1 - Cryptographically Verifiable Certificates On Blockchains

US20260128909A1US 20260128909 A1US20260128909 A1US 20260128909A1US-20260128909-A1

Abstract

A computing system may generate, manage, and verify dynamic digital credentials recorded on a distributed ledger. The system may receive credential data from an issuer, generate a cryptographic hash representing the credential content, and record the hash on a blockchain along with issuer identifiers and version references. When a credential is updated, the system may calculate and store differential data between versions to improve storage efficiency and maintain traceability. Each version may reference the previous hash, forming an immutable version chain. Recipients may store credentials in digital wallets and share verifiable credentials containing issuer signatures and refresh links for automatic updates. Verifiers may authenticate credentials by validating issuer signatures and comparing credential hashes with corresponding blockchain records, ensuring authenticity, integrity, and version transparency across decentralized systems.

Inventors

  • Saurabh S Doshi
  • Atif B Lodi
  • Kirthiga U Reddy

Assignees

  • Virtualness Corp.

Dates

Publication Date
20260507
Application Date
20251030

Claims (20)

  1. 1 . A system comprising: a blockchain comprising a distributed ledger; and a computing system in communication with the blockchain, the computing system comprising memory and one or more processors, memory storing executable instructions, wherein the executable instructions, when executed by the one or more processors, cause the one or more processors to: receive a request for generating a certificate that represents credential of a named entity; apply a private cryptographic key corresponding to a certificate issuer to generate a blockchain record based on information provided in the request, the blockchain record comprising (1) a reference to a version of a public cryptographic key and (2) a hash of the information such that the information is cryptographically verifiable; record the blockchain record on the distributed ledger of the blockchain, wherein the blockchain record is cryptographically traceable to a blockchain address associated with the certificate issuer; generate a representation of the certificate, wherein the representation is linked to the blockchain record and is updatable based on tracing linked blockchain records on the blockchain that represent changes to the credential of the named entity; and transmit the representation of the certificate to the named entity as a credential proof.
  2. 2 . The system of claim 1 , wherein the request for generating the certificate comprises an update request for a previously issued certificate.
  3. 3 . The system of claim 1 , wherein applying the private cryptographic key corresponding to the certificate issuer comprises: validating claims associated with the request; generating a cryptographic hash representing the claims, wherein the cryptographic hash is the hash of the information; and applying the private cryptographic key to digitally sign the cryptographic hash to bind an identity of the certificate issuer to the claims.
  4. 4 . The system of claim 1 , wherein recording the blockchain record on the distributed ledger comprises: retrieving a previously stored credential hash associated with the certificate; comparing the cryptographic hash representing an updated credential content with the previously stored credential hash; calculating a difference representing changes between credential versions; and generating a new issuer signature corresponding to the difference.
  5. 5 . A computer-implemented method, comprising: receiving a request for generating a certificate that represents credential of a named entity; applying a private cryptographic key corresponding to a certificate issuer to generate a blockchain record based on information provided in the request, the blockchain record comprising (1) a reference to a version of a public cryptographic key and (2) a hash of the information such that the information is cryptographically verifiable; recording the blockchain record on a distributed ledger of a blockchain, wherein the blockchain record is cryptographically traceable to a blockchain address associated with the certificate issuer; generating a representation of the certificate, wherein the representation is linked to the blockchain record and is updatable based on tracing linked blockchain records on the blockchain that represent changes to the credential of the named entity; and transmitting the representation of the certificate to the named entity as a credential proof.
  6. 6 . The computer-implemented method of claim 5 , wherein the request for generating the certificate comprises an update request for a previously issued certificate.
  7. 7 . The computer-implemented method of claim 5 , wherein applying the private cryptographic key corresponding to the certificate issuer comprises: validating claims associated with the request; generating a cryptographic hash representing the claims, wherein the cryptographic hash is the hash of the information; and applying the private cryptographic key to digitally sign the cryptographic hash to bind an identity of the certificate issuer to the claims.
  8. 8 . The computer-implemented method of claim 5 , wherein recording the blockchain record on the distributed ledger comprises: retrieving a previously stored credential hash associated with the certificate; comparing the cryptographic hash representing an updated credential content with the previously stored credential hash; calculating a difference representing changes between credential versions; and generating a new issuer signature corresponding to the difference.
  9. 9 . The computer-implemented method of claim 5 , wherein recording the blockchain record on the distributed ledger further comprises: storing a new credential hash together with a previous credential hash and a corresponding issuer signature; creating a new ledger record on the distributed ledger containing an issuer identifier, the new credential hash, and a reference to the previous credential hash; and storing a ledger reference corresponding to the new ledger record.
  10. 10 . The computer-implemented method of claim 5 , wherein the representation of the certificate transmitted to the named entity as the credential proof comprises a document, and wherein verifying authenticity of the certificate comprises: including, in the document, an issuer digital signature, credential metadata, and a blockchain ledger reference; retrieving a public cryptographic key of the issuer; and authenticating the document by validating the issuer digital signature using the public cryptographic key.
  11. 11 . The computer-implemented method of claim 5 , further comprising verifying authenticity of the certificate, wherein verifying the authenticity comprises: computing a new hash of based on information in the representation of the certificate; retrieving, from the distributed ledger, a stored credential hash corresponding to the certificate; and determining authenticity of the certificate responsive to the new hash matching the stored credential hash recorded on the distributed ledger.
  12. 12 . The computer-implemented method of claim 5 , wherein generating the representation of the certificate comprises: detecting an external verified event associated with the named entity; automatically initiating, responsive to the external verified event, a credential update workflow to modify credential content; and recording, on the distributed ledger, an updated credential version and a corresponding ledger entry without manual intervention from the certificate issuer.
  13. 13 . The computer-implemented method of claim 5 , wherein generating the representation of the certificate comprises: communicating with an external system; retrieving, from the external system, verified achievement data associated with the named entity; and updating credential content based on the achievement data.
  14. 14 . The computer-implemented method of claim 5 , wherein representation of the certificate is human-readable, and wherein generate the representation of the certificate comprises: linking the human-readable representation to blockchain records corresponding to real-life events of the named entity; updating the human-readable representation to reflect verified new event associated with the named entity; and dynamically modifying a privilege associated with the certificate based on a verified state recorded on the distributed ledger.
  15. 15 . The computer-implemented method of claim 5 , wherein recording the blockchain record on the distributed ledger further comprises: executing a smart contract governing credential issuance; validating compliance of credential data with predefined credentialing rules; and generating an immutable transaction record confirming the credential issuance or update in accordance with the smart contract.
  16. 16 . The computer-implemented method of claim 5 , wherein the certificate issuer comprises an entity having a decentralized identifier recorded on a decentralized identity framework, and wherein generating the blockchain record further comprises: associating the decentralized identifier with a cryptographic key pair; linking the cryptographic key pair to a blockchain address of the certificate issuer; and recording a reference to the blockchain address in the distributed ledger for verifiable identification of the certificate issuer.
  17. 17 . The computer-implemented method of claim 5 , wherein generating the representation of the certificate comprises: using a generative artificial intelligence model to create a credential template; automatically generating certificate imagery and metadata based on information provided in the request; and minting the generated certificate as a verifiable digital asset recorded on the distributed ledger.
  18. 18 . The computer-implemented method of claim 5 , wherein generating the representation of the certificate comprises: assigning a dynamic privilege associated with the credential; storing a benefit parameter and condition in a smart contract recorded on the distributed ledger; and automatically updating the dynamic privilege when the benefit parameter and condition is met as determined by the smart contract.
  19. 19 . The computer-implemented method of claim 5 , wherein transmitting the representation of the certificate to the named entity comprises: enabling the named entity to access a community environment based on verified credentials; tracking engagement of the named entity through a credential-linked event; and recording, on the distributed ledger, credential usage history to provide verifiable engagement information.
  20. 20 . A non-transitory computer-readable medium configured to store code comprising executable instructions, wherein the executable instructions, when executed by one or more processors, cause the one or more processors to perform steps comprising: receiving a request for generating a certificate that represents credential of a named entity; applying a private cryptographic key corresponding to a certificate issuer to generate a blockchain record based on information provided in the request, the blockchain record comprising (1) a reference to a version of a public cryptographic key and (2) a hash of the information such that the information is cryptographically verifiable; recording the blockchain record on a distributed ledger of a blockchain, wherein the blockchain record is cryptographically traceable to a blockchain address associated with the certificate issuer; generating a representation of the certificate, wherein the representation is linked to the blockchain record and is updatable based on tracing linked blockchain records on the blockchain that represent changes to the credential of the named entity; and transmitting the representation of the certificate to the named entity as a credential proof.

Description

CROSS REFERENCE TO RELATED APPLICATION(S) This application claims benefit to U.S. Provisional Application No. 63/715,196, filed on Nov. 1, 2024, which is incorporated by reference herein for all purposes. BACKGROUND In traditional systems, digital credentials, certificates, and awards face several limitations, particularly in environments requiring credential information to remain current and reflective of ongoing changes. One primary issue is the static nature of conventional credentials. Once issued, these credentials generally remain unchangeable; any need for corrections, updates, or additions, such as reflecting new achievements, necessitates the issuance of a completely new credential. This reissuance process can be inefficient and burdensome for both issuers and recipients. Another limitation is the lack of version control. Current systems lack a formalized, secure method to track and document the progression of a credential. When updates occur, there is no standardized approach to preserve an audit trail of previous versions, which can lead to confusion and uncertainty regarding the legitimacy and relevance of specific credential versions. Additionally, traditional credentials struggle with maintaining longevity and relevance. Dynamic credentials, by contrast, are able to adapt to real-world changes, preserving their relevance over time and enhancing their value to the issuer as they respond to evolving external conditions. Traditional certificates lack programmability for real-life moments or outcomes, reducing their applicability in scenarios where responsiveness is critical. Furthermore, static credentials lack interactivity and evolutionary potential. Dynamic credentials, however, can be designed to change over time, incorporating user interactions or other pre-set criteria, which introduces new levels of engagement. For instance, a dynamic credential could automatically unlock a reward, video, or additional content when the recipient achieves a specific status or milestone. While current solutions may suffice for one-time issuance, they fall short in cases where credentials must evolve over time, such as when new skills, qualifications, or accomplishments need to be integrated. Moreover, challenges remain in ensuring that updates are stored and tracked transparently and securely, without risk of tampering. SUMMARY In some embodiments, the disclosure described herein relate to a system including: a blockchain including a distributed ledger; and a computing system in communication with the blockchain, the computing system including memory and one or more processors, memory storing executable instructions, wherein the executable instructions, when executed by the one or more processors, cause the one or more processors to: receive a request for generating a certificate that represents credential of a named entity; apply a private cryptographic key corresponding to a certificate issuer to generate a blockchain record based on information provided in the request, the blockchain record including (1) a reference to a version of a public cryptographic key and (2) a hash of the information such that the information is cryptographically verifiable; record the blockchain record on the distributed ledger of the blockchain, wherein the blockchain record is cryptographically traceable to a blockchain address associated with the certificate issuer; generate a representation of the certificate, wherein the representation is linked to the blockchain record and is updatable based on tracing linked blockchain records on the blockchain that represent changes to the credential of the named entity; and transmit the representation of the certificate to the named entity as a credential proof. In some embodiments, the request for generating the certificate includes an update request for a previously issued certificate. In some embodiments, applying the private cryptographic key corresponding to the certificate issuer includes: validating claims associated with the request; generating a cryptographic hash representing the claims, wherein the cryptographic hash is the hash. In some embodiments, recording the blockchain record on the distributed ledger includes: retrieving a previously stored credential hash associated with the certificate; comparing the cryptographic hash representing an updated credential content with the previously stored credential hash; calculating a difference representing changes between credential versions; and generating a new issuer signature corresponding to the difference. In some embodiments, the disclosure described herein relate to a computer-implemented method, including: receiving a request for generating a certificate that represents credential of a named entity; applying a private cryptographic key corresponding to a certificate issuer to generate a blockchain record based on information provided in the request, the blockchain record including (1) a reference to a version of a public cr