Blockchain-Based Academic Credential Verification for EU Erasmus+ Mobility – Self-Sovereign Identity Wallet & Issuer Platform

Core Components of a Self-Sovereign Identity (SSI) Architecture for Academic Credentials

The foundational shift from traditional, institution-controlled credential verification to a decentralized, user-centric model is built upon a specific set of cryptographic and data exchange standards. For a Blockchain-Based Academic Credential Verification platform supporting Erasmus+ mobility, the technical stack must enable portability, verifiability, and privacy. The core components are not merely software modules but represent a paradigm change in how trust is established between issuers (universities), holders (students), and verifiers (employers or other institutions).

1. Decentralized Identifiers (DIDs): The Foundation of Self-Sovereignty

DIDs replace the concept of a centralized user ID (like a university email or a national ID number) with a globally unique, persistent, and cryptographically verifiable identifier. A DID is a URI (Uniform Resource Identifier) that does not rely on any central registry.

• Structure: did:method:unique-identifier
• Example: did:ebsi:zqy5q7q6q8q9q0q1q2q3q4q5q6q7q8q9q0
• Critical Property: The DID Document, which contains the public keys and service endpoints for the DID, is stored on the blockchain (or other decentralized ledger) and is immutable and resolvable by any verifier without asking a central authority.

Engineering Considerations:

• DID Method Selection: For EU Erasmus+ applications, the did:ebsi method is the most logical choice due to its direct alignment with the European Blockchain Services Infrastructure (EBSI) framework. This ensures regulatory compliance and interoperability across member states. Other methods (e.g., did:key for simple offline scenarios, did:indy for Hyperledger Indy-based solutions) may be used for specific sub-systems but must remain resolvable against the primary EBSI ledger.
• Key Management: The private keys associated with a student's DID are stored in their SSI Wallet (a mobile or desktop application). The architecture must support hardware-backed keystores (e.g., Android KeyStore, iOS Secure Enclave) to prevent key exfiltration. The platform itself never holds these private keys.

2. Verifiable Credentials (VCs): The Immutable Digital Degree

A VC is the digital equivalent of a paper diploma. It is a tamper-evident, cryptographically signed data structure issued by the educational institution.

• Data Structure (JSON-LD): The credential consists of a set of claims (e.g., "degree type: Master of Science", "issuance date: 2025-08-15") along with a cryptographic proof (usually a Linked Data Proof or a JSON Web Signature).
• Key Distinction: The issuer signs the credential with their own private key (which is correlated to their public DID and DID Document). The student holds the signed credential without needing to ask the issuer every time it's presented.

Example VC Structure (Conceptual):

{
  "@context": ["https://www.w3.org/2018/credentials/v1", "https://w3id.org/ebsi/v1"],
  "id": "urn:uuid:550e8400-e29b-41d4-a716-446655440000",
  "type": ["VerifiableCredential", "ErasmusPlusDiploma"],
  "issuer": "did:ebsi:z123456789...",
  "issuanceDate": "2025-06-15T00:00:00Z",
  "expirationDate": "2030-06-15T00:00:00Z",
  "credentialSubject": {
    "id": "did:ebsi:zabcdef123...",
    "givenName": "Maria",
    "familyName": "Schmidt",
    "degreeType": "Master of Science in Computer Science",
    "grade": "A",
    "creditsECTS": 120,
    "institution": "Berlin University of Applied Sciences",
    "mobilityProgram": "Erasmus+",
    "hostInstitution": "Universitat Politècnica de València"
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "created": "2025-06-15T12:00:00Z",
    "verificationMethod": "did:ebsi:z123456789#key-1",
    "proofPurpose": "assertionMethod",
    "jws": "eyJhbGciOiJFZERTQSIsImI2NCI6ZmFsc2UsImNyaXQiOlsiYjY0Il19....."
  }
}

System Inputs / Outputs / Failure Modes for VC Issuance

| System Input | Output | Failure Mode | Mitigation Strategy | | :--- | :--- | :--- | :--- | | Student’s DID from wallet | Signed Verifiable Credential | Issuer fails to resolve student DID | Implement DID resolution retries with fallback to alternative DID method | | Institutional private key | Tamper-proof digital signature | Private key compromise | Implement HSM-based signing and key rotation policy | | Student transcript data (JSON) | VC stored in student’s wallet | Network failure during wallet push | Use decentralized storage (IPFS) with content-addressed backup | | Issuer’s DID document | Valid cryptographic proof | DID Document inconsistency | Use EBSI’s on-chain registry for authoritative DID document | | Revocation registry data | Revocable credential flag | Registry not updated (e.g., expired degree) | Implement dynamic revocation checks via blockchain events |

3. Verifiable Presentations (VPs): The Zero-Knowledge Proof of Possession

While VCs are stored in the wallet, a VP is the data package the holder creates to prove a claim to a verifier. This is where the magic of selective disclosure and zero-knowledge proofs (ZKPs) becomes critical.

• The Privacy Problem: A traditional VC might contain the student's full name, birth date, national ID, and all course grades. A verifier (e.g., a new university for a Master's program) might only need to know "Did the student earn 120 ECTS credits?".
• The SSI Solution: Using ZKPs (like BBS+ signatures), the holder can mathematically prove a predicate (e.g., "my credits >= 120") without revealing the exact number or any other data in the VC. The verifier checks the proof against the issuer's public key and is mathematically convinced of the truthfulness of the claim without learning the underlying data.

Technical Architecture for VP Generation (Wallet Side):

# Pseudocode for Selective Disclosure via BBS+ in a mobile wallet
import bbs_plus

def generate_verifiable_presentation(credential, disclosure_request):
    """
    Takes a VC and a verifier's request, returns a VP with minimal data.
    """
    # 1. Parse the verifier's request (e.g., "credits >= 120 AND degree_type in ['MSc', 'MA']")
    required_predicates = parse_disclosure_request(disclosure_request)

    # 2. Extract only the disclosed attributes from the VC
    disclosed_claims = {
        "creditsECTS": 120,  # Revealed to fulfill >= 120 predicate
        "degreeType": "Master of Science in Computer Science" # Revealed to fulfill type predicate
    }

    # 3. Produce a Zero-Knowledge Proof of the undisclosed attributes
    zk_proof = bbs_plus.prove(
        credential.signature,         # The issuer's BBS+ signature
        credential.private_message,   # Unrevealed attributes (e.g., exact grade 'A')
        disclosed_claims,             # The data we choose to reveal
        nonce=nonce_from_verifier     # Prevents replay attacks
    )

    # 4. Construct the VP
    presentation = {
        "@context": ["https://www.w3.org/2018/credentials/v1", "https://w3id.org/security/suites/bbs-2020/v1"],
        "type": ["VerifiablePresentation"],
        "verifiableCredential": [credential],
        "proof": {
            "type": "BbsBlsSignatureProof2020",
            "proofPurpose": "authentication",
            "verificationMethod": "did:example:123#key-1",
            "created": "2025-07-01T10:00:00Z",
            "proofValue": zk_proof.to_base64()
        }
    }
    return presentation

System Inputs / Outputs / Failure Modes for VP Verification

| System Input | Output | Failure Mode | Mitigation Strategy | | :--- | :--- | :--- | :--- | | Verifier's disclosure request (e.g., JSON schema) | VP with ZK proof | Verifier’s request is ambiguous (e.g., no logical constraints) | Implement strict schema validation for disclosure requests | | Nonce from verifier | Unique proof resistant to replay attacks | Nonce collision or reuse | Use cryptographic nonce generation with timestamp + entropy | | Student’s private key | Proof of control over DID | Key is not available (e.g., device lost) | Implement key recovery via social recovery or backup seed phrases | | Issuer's public key from DID Document | Verification of proof | Public key revoked or expired | Check issuer's DID Document for key rotation events in real-time |

4. The Revocation Registry: Handling Expiration and Misconduct

A major challenge for credentials on immutable ledgers is how to invalidate a credential (e.g., a degree was revoked due to academic fraud or a student withdraws). The solution is an off-chain Revocation Registry that is cryptographically tied to the issuer's DID.

• Bitstring Status List (BSL): This is the standard approach (W3C VC 2.0 Data Model). The issuer publishes a list of hashed credential IDs and their status (0 = valid, 1 = revoked) on the blockchain or a distributed file system (IPFS). The verifier checks this list during the verification process.
• Implementation Detail: The issuer creates a credential status object within the VC. When verifying, the verifier fetches the BSL from the registry (e.g., https://revocation.uni-berlin.de/status-list-2025.json), checks the index, and sees if the credential is flagged.

Revocation List JSON (Conceptual):

{
  "@context": ["https://www.w3.org/ns/credentials/v2"],
  "id": "https://revocation.uni-berlin.de/status-list-2025.json",
  "type": ["CreditCardStatusList2021"],
  "issuer": "did:ebsi:z123456789",
  "encodedList": "H4sIAAAAAAAA/...",  // base64url-encoded bitstring
  "validFrom": "2025-01-01T00:00:00Z",
  "validUntil": "2026-01-01T00:00:00Z"
}

System Inputs / Outputs / Failure Modes for Revocation

| System Input | Output | Failure Mode | Mitigation Strategy | | :--- | :--- | :--- | :--- | | Credential's status index (e.g., index 42) | Boolean: valid or revoked | BSL URL is down or unresponsive | Use IPFS hosting for BSL with multiple gateway fallbacks | | Issuer's private key to update list | Updated bitstring with new revocation status | Unauthorized modification of BSL | Sign the BSL with issuer's key; verify signature during fetch | | Timestamp from verifier’s query | Credential’s status at time of check | Time zone or clock drift issues | Use UNIX timestamps in UTC for all BSL updates and checks | | Revocation event (e.g., fraud, expiration) | Updated BSL on chain + event log | Credential revoked after VP already generated | Implement WebSocket-based notifications for near-instant revocation propagation |

5. The Wallet and Issuer Platform Integration

The architecture is not complete without the two primary software components: the Holder Wallet (student-facing) and the Issuer Platform (university/admin-facing). Intelligent-Ps SaaS Solutions (https://www.intelligent-ps.store/) can provide a robust orchestration layer that connects these two systems, managing key exchange, credential issuance workflows, and revocation lifecycle without exposing sensitive institutional infrastructure.

Holder Wallet (Mobile App) Requirements:

• Secure Enclave: Hardware-backed key generation for DID.
• QR Code Scan: For establishing a secure channel with a verifier or issuer.
• Credential Storage: Local encrypted database (e.g., SQLCipher) for storing VCs.
• Selective Disclosure UI: User interface to see which data a verifier is requesting and approve/deny specific attributes.

Issuer Platform (Web Backend) Requirements:

• DID Key Generation: Using HSM or cloud KMS (e.g., AWS CloudHSM, Azure HSM) for the institution's master key.
• Credential Signing Service: A REST API (likely gRPC for low latency) that takes a student's DID and the credential data, signs it, and returns a VC.
• Revocation Management Dashboard: Allows an administrator to revoke a specific credential by its ID, which updates the BSL.
• Audit Trail: Immutable log of all issuance and revocation events on the blockchain (using EBSI's integration with Hyperledger Fabric or similar).

Comparative Engineering Stack for SSI Platforms

| Component | Layer 1 Blockchain (e.g., Ethereum, Polygon) | Layer 2 (e.g., EBSI, Hyperledger Indy) | Description | | :--- | :--- | :--- | :--- | | DID Method | did:ethr (Ethereum) | did:ebsi, did:indy | Cost per DID registration vs. free but permissioned | | Ledger Type | Public, permissionless | Private, permissioned (EU Member State nodes) | Data privacy (GDPR) vs. transparency | | Scalability | ~15 TPS (L1); 1000+ TPS with rollups (L2) | ~500-1000 TPS in controlled environments | Fraport throughput requirements for mass issuance | | Revocation | Off-chain via BSL on IPFS/Arweave | On-chain via status list immutability | Latency vs. immutability guarantee | | ZK Proof Support | Limited native support (requires precompiled contracts) | Native BBS+ support (EBSI) | Complexity of ZK implementation | | Regulatory Compliance | GDPR challenges (right to erasure) | Designed for GDPR compliance (off-chain data) | Institutional preference |

Security Model and Threat Vectors

The SSI architecture's strength lies in its cryptographic foundations, but it is not invulnerable. The following table outlines critical threat vectors and their mitigation within the Erasmus+ context.

| Threat Vector | Attack Surface | Impact | Mitigation Strategy | | :--- | :--- | :--- | :--- | | Private Key Compromise | Student's mobile device | Attacker can issue VPs on behalf of student | Biometric authentication for wallet operations; key rotation with revocation |

| Issuer Key Compromise | University's HSM/Cloud KMS | Attacker can forge valid credentials for any student | Multi-party signing (MPC) for issuer keys; key rotation every 6 months |

| Replay Attacks | Network layer (unauthorized capture of VP) | Verifier accepts old VP as fresh proof | Mandatory nonce generation per verification session; timestamp within 5-minute window |

| Sybil Attacks | DID registration | Attacker creates many DIDs to game reputation systems | Proof of Personhood (e.g., eIDAS integration for EU citizens) |

| Data Leakage via BSL | Revocation registry | Revoked credential's index leaks metadata about student | Use blind signatures or privacy-preserving status lists (e.g., StatusList2021 with salt) |

| DID Resolution Attacks | DID method resolver | Attacker returns false DID Document to impersonate issuer | Use EBSI's on-chain registry with attestation of DID documents |

Data Flow: End-to-End Credential Transfer (Erasmus+ Scenario)

1. Issuance: The University of Valencia (issuer) creates a DID (did:ebsi:zvalencia123). The student, Maria, generates a DID via her wallet (did:ebsi:zmaria456).
2. Credential Request: Maria's wallet sends her DID to the university's issuance portal. The portal queries EBSI to verify Maria's DID exists and is active.
3. Signing: The university's backend retrieves Maria's transcript (from its internal SIS system). It formats this into a VC JSON-LD. It signs the VC with its private key (stored in its HSM). The signed VC is sent back to Maria's wallet via a secure channel (TLS + DID-based authentication).
4. Storage: Maria's wallet stores the VC locally. The university also publishes the credential's index to its BSL on EBSI (status: valid).
5. Verification (Years Later): Maria applies to a Master's program at the University of Helsinki. Helsinki's system sends a verifiable disclosure request: "I need to know your degree type and issue date, and that your ECTS >= 120."
6. Proof Generation: Maria's wallet generates a BBS+ proof over her VC, revealing only the degree type, issue date, and the ZK proof that her credits >= 120. She generates a nonce from Helsinki's request. She signs the VP with her private key.
7. Verification: Helsinki's system receives the VP. It:
   • Resolves Maria's DID to obtain her public key (from EBSI).
   • Resolves the University of Valencia's DID to obtain their public key (from EBSI).
   • Checks the BSL to ensure the credential is not revoked.
   • Validates the BBS+ signature proof against both Maria's signature and the university's signature.
   • Checks the nonce to prevent replay.
8. Result: If all checks pass, Helsinki's system accepts the proof. It never sees the exact number of credits (120) or any other personal data (birth date, address, etc.). It only knows the predicates are satisfied.

Conclusion: The Technical Pillar of a Borderless Credential Ecosystem

This static analysis reveals that the success of a Blockchain-Based Academic Credential Verification platform hinges not on the blockchain itself, but on the correct implementation of SSI standards (DIDs, VCs, VPs, ZKPs) and the robustness of the key management lifecycle. The architecture is not a monolithic database but a distributed trust fabric where cryptographic proof replaces institutional authority as the basis for verification.

For the Erasmus+ mobility program, this means a student from Berlin can prove their academic standing to a university in Helsinki without either party needing to call the original institution's registrar. The system is resistant to forgery (due to public-key cryptography), private (due to zero-knowledge proofs), and portable (due to DIDs). Intelligent-Ps SaaS Solutions (https://www.intelligent-ps.store/) can operationalize this complex engineering stack, providing the necessary middleware, cloud infrastructure, and security compliance to ensure that the credential ecosystem remains resilient, scalable, and compliant with EU data protection regulations, thereby turning a technical possibility into a practical, cross-border reality.