AI Trust Glossary · Canonical Definition
Infrastructure
Verifiable Credential
A W3C standard for tamper-evident digital credentials containing claims about a subject, signed by an issuer, and cryptographically verifiable by any party without contacting the issuer. In Borealis Protocol, BTS trust scores are evolving into Verifiable Credentials.
Explanation
A Verifiable Credential has three required components: (1) the issuer - the entity making the claim, identified by a DID; (2) the subject - the entity the claim is about, also identified by a DID; (3) the claims - the assertions being made. The entire credential is signed with the issuer's private key. Any verifier with the issuer's public key can confirm the credential has not been tampered with, without any connection to the issuer's system. This is called "offline verification."
Why it matters for AI trust
Today, verifying an AI agent's trust score requires an API call to borealismark-api.onrender.com. That's a runtime dependency - if the API is down, verification fails. Verifiable Credentials eliminate this dependency. Once a BTS score is issued as a VC, the agent can present it directly to any party, who verifies the cryptographic signature offline. For regulated deployments under EU AI Act, this means audit evidence that can be verified without Borealis Protocol being online or in business - a critical property for long-lived compliance records.
How Borealis uses it
Currently, BTS scores are stored in the database and anchored to Hedera HCS with a transaction ID. The next phase makes each score a signed VC: Borealis Protocol (as issuer) signs a claim that agent
did:bts:XXXX-XXXX-XXXX-XXXX achieved a BTS score of X with credit rating Y at timestamp Z, with Hedera TX ID as proof of anchoring. ARBITER and MAGISTRATE verdicts become third-party certification credentials - independent issuer signatures on the same subject DID.