Credential Bundling and VC Composability

Modular Authorization, Delegation, and Trust Composition in Complex Governance Environments

5.5.1 Why Credential Composability Matters

In NSF, governance actions often require:

  • Multi-role coordination (e.g., simulation operator + legal delegate)

  • Jurisdictional delegation (e.g., national to municipal disaster operator)

  • Nested responsibilities (e.g., a health credential dependent on environmental thresholds)

  • Time- or clause-bounded cross-domain validation

To manage these conditions without excessive overhead or rigid permissioning, NSF supports Credential Bundling and Verifiable Credential (VC) Composability.

This transforms isolated credentials into structured, modular trust bundles that encode dependencies, override paths, and inheritance logic—creating a programmable governance substrate.


5.5.2 Credential Bundle Definition

A Credential Bundle is:

  • A signed object referencing multiple VCs

  • Verified as a unit

  • Containing internal dependency logic

  • Anchored to a governing clause, jurisdiction, or DAO scope

  • Validated by VC integrity, bundle signature, and execution-time constraints

Bundle structure:

{
  "bundle_id": "vcbundle-0x9a7c...",
  "issuer": "UNDRR-DAO",
  "includes": [
    "DisasterReliefOperatorVC#0x91a2...",
    "SimulationModelVC#0x4ff9...",
    "DAOKeySignerVC#0x18f2..."
  ],
  "dependency_graph": {
    "DAOKeySignerVC": ["DisasterReliefOperatorVC"],
    "SimulationModelVC": []
  },
  "binding_clause": "UNDRR::[email protected]",
  "jurisdiction": "EGY",
  "valid_until": "2025-12-31"
}

5.5.3 Use Cases for VC Bundling

| Use Case | Bundle Logic |
| --- | --- |
| Multi-role task execution | Clause requires environmental, legal, and operational VCs together |
| Jurisdictional delegation | Regional bundle delegates to sub-agency for specified actions |
| Redundant credential fallback | Clause accepts any VC in bundle as sufficient proof |
| Aggregate simulation authority | Multiple model VCs form required quorum for risk forecast |
| Disaster response capsule | Package of time-limited credentials enabling field agent autonomy |


5.5.4 Dependency Graphs in Bundled Credentials

NSF bundles declare VC dependency graphs, allowing:

  • Clear path of authority

  • Nested trust chains

  • Execution-time evaluation of which credentials satisfy clause conditions

  • Visualization of trust flows in audit tooling

Example:

{
  "dependencies": {
    "ForecastModelVC": [],
    "ReliefOperatorVC": ["ForecastModelVC"],
    "DAOOverrideVC": ["ReliefOperatorVC"]
  }
}

This graph is parsed during clause execution to determine whether the action is fully authorized.


5.5.5 Composable Credential Types

| Credential Type | Composable? | Notes |
| --- | --- | --- |
| Operational | | Can be nested for multi-role delegation |
| Legal | | Must preserve clause scope integrity |
| Simulation | | Composed using model quorum or proof aggregation |
| Credentialal | ⚠️ | Only composable if governance policy permits reissuance authority |

Composable credentials may include:

  • Execution constraints

  • Clause or policy bindings

  • Role inheritance scope

  • Revocation propagation paths


5.5.6 Bundle Signature and Validation

Each credential bundle is:

  • Signed by a DAO, treaty org, or authorized issuer

  • Optionally counter-signed by component VC holders (e.g., multi-party agreement)

  • Verified by:

    • Credential integrity

    • Dependency resolution

    • DAO governance filter

    • Execution environment scope

Partial validation is possible for disclosed subsets (see 5.7 on selective disclosure).


5.5.7 Inheritance and Delegation Rules

VC bundles support:

  • Role delegation: Delegate specific actions from primary VC to field credential

  • Time-bounded inheritance: Temporary access granted based on superior VC

  • Geographic scoping: Jurisdictional filters applied to bundled VCs

  • Override logic: DAO or treaty-level revocation of entire bundle via parent clause

Delegation VCs must include a revocation path and trusted anchor signature.


5.5.8 Nested Credential Evaluation During Clause Execution

When a clause references a bundle:

require bundle("EmergencyReliefOperatorBundle")

The execution engine:

  • Loads all bundled VCs

  • Verifies inclusion, signature, and expiry

  • Resolves dependencies and jurisdictional filters

  • Checks CAC bindings to ensure clauses match trust logic

  • Rejects or accepts execution atomically
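
The evaluation steps above, together with the dependency graphs from 5.5.4, sketched as an added Python example (not NSF's own engine code). The function name `evaluate_bundle` and the `vc_valid` map are assumptions: the map stands in for the per-VC signature, expiry, and revocation checks, and the bundle signature and CAC binding checks are omitted. The sample bundle is constructed, with placeholder IDs, and keys the graph by VC type name as the page's example does.

```python
from datetime import date

def evaluate_bundle(bundle, vc_valid, today, jurisdiction):
    """Return (accepted, reason). Any single failure rejects the whole bundle."""
    if date.fromisoformat(bundle["valid_until"]) < today:
        return False, "bundle expired"
    if bundle["jurisdiction"] != jurisdiction:
        return False, "jurisdiction mismatch"
    # Map VC type name -> full "Type#id" reference from "includes".
    included = {ref.split("#", 1)[0]: ref for ref in bundle["includes"]}
    graph = bundle["dependency_graph"]
    # Inclusion: every name the graph mentions must be a bundled VC.
    mentioned = set(graph) | {d for deps in graph.values() for d in deps}
    for node in sorted(mentioned):
        if node not in included:
            return False, f"dangling dependency: {node}"
    # Each bundled VC must have passed its own checks (assumed done upstream).
    for name, ref in included.items():
        if not vc_valid.get(ref, False):
            return False, f"invalid credential: {name}"
    # Dependency resolution: depth-first walk that fails closed on cycles.
    state = {}  # name -> "visiting" | "done"
    def acyclic(node):
        if state.get(node) == "done":
            return True
        if state.get(node) == "visiting":
            return False
        state[node] = "visiting"
        ok = all(acyclic(dep) for dep in graph.get(node, []))
        state[node] = "done"
        return ok
    for name in sorted(included):
        if not acyclic(name):
            return False, f"dependency cycle at {name}"
    return True, "authorized"

# Constructed sample modelled on the bundle structure in 5.5.2; IDs are placeholders.
SAMPLE = {
    "bundle_id": "vcbundle-example",
    "issuer": "UNDRR-DAO",
    "includes": ["DisasterReliefOperatorVC#ex1", "SimulationModelVC#ex2",
                 "DAOKeySignerVC#ex3"],
    "dependency_graph": {"DAOKeySignerVC": ["DisasterReliefOperatorVC"],
                         "SimulationModelVC": []},
    "jurisdiction": "EGY",
    "valid_until": "2025-12-31",
}
ALL_VALID = {ref: True for ref in SAMPLE["includes"]}
```

Because the result is all-or-nothing, one revoked component VC, a graph entry that names a VC missing from `includes`, or a cyclic graph rejects the entire bundle rather than granting partial authority.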


5.5.9 Integration with Audit and Registry Layers

Credential bundles are:

  • Registered with a unique bundle_id

  • Indexed in the Credential Registry

  • Linked to component VCs

  • Displayed as graphs in the Audit Layer UI

  • Available for queries like:

show all bundles that include ForecastModelVC#0x44a1...

Or:

list bundles expiring before 2025-09-01 in jurisdiction = "KEN"

5.5.10 VC Composability as a Governance Primitive

Credential bundling and composability make NSF:

  • Modular: Separate credentials per role or layer

  • Scalable: Avoid duplication across agents and clauses

  • Auditable: Every trust link is declarative and verifiable

  • Programmatic: Execution logic respects nested governance scopes

  • Interoperable: Cross-jurisdiction bundles enable seamless execution across DAOs, treaties, and UN entities

NSF turns credentials from static tokens into dynamic trust assemblies, enabling compositional authorization, traceability, and digital institution-building at scale.
