SD-JWT

SD-JWT is the IETF draft specification for selective-disclosure JWTs. A credential is issued as a JWS (regular signed JWT), but with a specific claim structure: each disclosable claim is salted and hashed, and the JWT itself contains only the hashes. The actual claim values are transmitted as separate "disclosure" objects.

When a holder presents the credential, they send the JWT plus only the disclosures they want to reveal. A verifier can confirm the revealed claims match their hashes in the JWT, and that the JWT itself was signed by the issuer — without seeing the undisclosed claims at all.

SD-JWT is the format the EUDI Wallet is expected to adopt for selective-disclosure presentations. It's simpler than BBS+ signatures (no pairing-based cryptography) while still giving the privacy property. LearnCoin's OpenID4VCI work will include SD-JWT support as a credential format variant for EU wallet compatibility.