Proposal: canton-vc, vendor-neutral KYC + verifiable credentials SDK

CLOSEDPull Request
by Farukest25-05-2026Declined
1.5M CC requested
needs-sig-label
References:CIP-0204
View on GitHub ↗← All Proposals

Development Fund Proposal Submission

Proposal file: https://github.com/Farukest/canton-dev-fund/blob/add-canton-vc-proposal/proposals/canton-vc.md

---

Summary

canton-vc is an open-source, vendor-neutral KYC + verifiable credentials SDK for Canton Network. It ships 7 npm packages at v0.3.0, a DAML package and DAR at v2.2.0 (Canton.VC.Credential implementing the CIP #204 Cip204.Standard.Credential interface plus the optional Cip204.Factory.CredentialFactory interface, a soulbound KycNFT companion, and Credential_PublicFetch for verifier-side disclosure verification), and three production KYC vendor adapters (Didit, Sumsub, Persona).

The Crivacy.io-specific predecessor of this pattern has been running in production on Canton mainnet since November 2025. The current mainnet DAR implements the CIP #204 standard verbatim, and this proposal open-sources the vendor-neutral surface under Apache 2.0 so other Canton firms can issue KYC credentials and perform cryptographically authenticated cross-firm credential verification without becoming contract stakeholders.

This proposal requests 1,500,000 CC across 4 milestones over 4 months: already-delivered open-source release acceptance, external security audit, Python SDK port, and adoption sub-KPIs (community adapter PRs, second issuer, verifier integration).

---

Checklist

  • [x] Proposal file added under /proposals/
  • [x] Milestones and funding amounts defined
  • [x] Acceptance criteria included
  • [x] Alignment with Canton priorities described

---

Notes for Reviewers

  • Label: regulatory-compliance
  • Champion: outreach in progress (see PR comments)
  • Standards alignment: CIP 204 — DRAFT: Canton Network Credentials Standard. Canton.VC.Credential implements Cip204.Standard.Credential verbatim; v2.2.0 also adopts the optional Cip204.Factory.CredentialFactory interface for bulk credential refresh.
  • Reference implementation in production: Crivacy.io has been running the predecessor credential pattern on Canton mainnet since November 2025. The deployment migrated to the Pure CIP 204 surface with DAR v2.1.0 (deployed 2026-04-21, package id 562bbc757d5ec55fba320bf7370588b356811b3f2556817f49098de467758ea4) and shipped the optional factory interface with DAR v2.2.0 on 2026-05-29 (package id 16fb51c2e9703cef173c76babd755afca9c7a01e34fc947aebc12205fdf0f719, vetted alongside v2.1.0 for the upgrade window).
  • Repository: https://github.com/Farukest/canton-vc (Apache 2.0). All 7 npm packages published at v0.3.0 under @canton-vc/*. CI matrix covers typecheck, biome, vitest, and DAML build across Node 20/22 on Linux, macOS, and Windows.
  • Live vendor smoke tests: all three adapters end-to-end verified against real APIs and Canton 3.4 mainnet (scripts/live-{didit,sumsub,persona}-canton-e2e-v2.ts). The 16-phase smoke per vendor exercises every DAML choice including Credential_PublicFetch, Credential_ArchiveAsHolder, RevokeCredential with NFT cascade, CredentialFactory_UpdateCredentials, createKycNft, standalone BurnNft, and the substitution-guard reject path.