Enterprise Credential Vocabulary
Abstract
This specification describes an experimental vocabulary for asserting Enterprise Credentials. Enterprises can use these credentials to prove certain claims about themselves to business partners. In addition, Enterprise Credentials can be used for authorisation purposes.
Click here to open the JSON-LD file: oid.jsonld
Use Case and Requirements
The following vocabulary is derived from the enterprise data collected and managed by the Bundesanzeiger. It provides an overview of the current presentation of existing data and maps it to credential schema definitions (JSON-LD). These can be used to create and define credentials, representing the data schema as the single source of truth for credentials based on these schemas.
Examples
The examples presented in this section are W3C-Credentials. For brevity, they are shown without proof. W3C-Credentials can be issued using any of the following proofs:
- LD-Proof
- JOSE
- JOSE + "Selective Disclosure for JWTs"
Natural Person Credential
The following example represents the credential of a Natural Person (NaturalPerson):
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": "NaturalPerson",
"givenName": "JOHN",
"familyName": "DOE",
"gender": "Male",
"birthDate": "1970-01-01",
"domicile": {
"postalCode": "10119",
"addressCountry": "Germany",
"addressLocality": "Berlin"
}
}
}
This particular credential uses key binding to bind the credential to the holder. The holder of this credential is the Natural Person described in the credential subject. Therefore, a DID which is controlled by the Natural Persons is assigned to the term id of the credential subject. This enables the Natural Person to present this credential in form of a verifiable credential.
Legal Person Id Credential (aka LPID)
The following example shows a Legal Person Identification Data (LPID) Credential:
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": "LegalPersonId",
"euid": "DEPLPOAG.123456789",
"companyName": "Flower Power AG"
}
}
This credential is bound to the Legal Entity. Therefore, a DID which is under control of the Legal Person is assigned to the term id of the credential subject.
Legal Person Base Data Credential
The following example shows a credential which includes two types within the credentialSubject.
The LegalPersonBaseData extends the LegalPersonId by additional base data of the enterprise.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": [
"LegalPersonId",
"LegalPersonBaseData"
],
"euid": "DEPLPOAG.123456789",
"companyName": "Flower Power AG",
"companyIdentifier": "urn:mdms:12345678",
"address": {
"type": "oid:LegalPersonAddress",
"postalCode": "10119",
"addressCountry": "Germany",
"addressLocality": "Berlin"
},
"registerIdentification": {
"registerType": "ABC123",
"registerTypeDescription": "Amtsgericht Tiergarten",
"registerLocation": "Berlin, Moabit",
"registerNumber": "123AVB",
"companyId": "ACDC",
"companyIdCountryCode": "DE"
},
"previousName": ["AL", "DI"],
"status": "active",
"liquidationStatus": "none",
"insolvencyStatus": "none",
"legalForm": "GmbH",
"isFoundation": false,
"isNfrdObligated": false,
"isTrust": false,
"businessObject": "Trading Company",
"registrationDate": "2010-01-01",
"exchange": {
"name": "Boerse Stuttgart",
"country": "Germany",
"marketIdentificationCode": "AA",
"tickerSymbol": "BB"
},
"isin": "1234567890",
"vatId": "22222ABC",
"ekrn": "3333",
"regulator": {
"name": "BaFin",
"regulatorId": "DeBa",
"description": "Int. Trade"
},
"wz2008": {
"type": "Industry",
"code": "IT",
"industryDescription": "Tech Int. Trade"
},
"nace020": {
"type": "Industry",
"code": "IT",
"industryDescription": "Tech Int. Trade"
},
"lei": "ABC988",
"leiStatus": "active",
"leiNextIssuance": "2027-01-10"
}
}
Legal Person Credential
This example shows a credential which holds the complete information about an enterprise in the credential subject including the relations to other legal entities.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": [
"LegalPersonId",
"LegalPersonBaseData",
"LegalPerson"
],
"euid": "ANY EUID",
"companyName": "Flower Power AG",
"companyIdentifier": "urn:mdms:12345678",
"address": {
"postalCode": "10119",
"addressCountry": "Germany",
"addressLocality": "Berlin"
},
"registerIdentification": {
"registerType": "ABC123",
"registerTypeDescription": "Amtsgericht Tiergarten",
"registerLocation": "Berlin, Moabit",
"registerNumber": "123AVB",
"companyId": "ACDC",
"companyIdCountryCode": "DE"
},
"previousName": ["AL", "DI"],
"status": "active",
"liquidationStatus": "none",
"insolvencyStatus": "none",
"legalForm": "GmbH",
"isFoundation": false,
"isNfrdObligated": false,
"isTrust": false,
"businessObject": "Trading Company",
"registrationDate": "2010-01-01",
"exchange": {
"name": "Boerse Stuttgart",
"country": "Germany",
"marketIdentificationCode": "AA",
"tickerSymbol": "BB"
},
"isin": "1234567890",
"vatId": "22222ABC",
"ekrn": "3333",
"regulator": {
"name": "BaFin",
"regulatorId": "DeBa",
"description": "Int. Trade"
},
"wz2008": {
"@type": "Industry",
"code": "IT",
"description": "Tech Int. Trade"
},
"nace020": {
"@type": "Industry",
"code": "IT",
"description": "Tech Int. Trade"
},
"lei": "ABC988",
"leiStatus": "active",
"leiNextIssuance": "2027-01-10",
"businessYear": {
"revenue": "2933",
"currency": "EUR",
"employeeCount": "39",
"balance": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"date": "2024-01-01"
},
"ultimateBeneficiaryOwner": {
"naturalPersonId": "did:key:fictive-2",
"capital": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
},
"votingRights": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"votingRightsRelative": "20",
"shareRelativeDirect": "20",
"otherControlReason": "20"
},
"otherControl": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
},
"fictitious": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
}
},
"functionary": {
"legalEntityId": "did:key:fictive-3",
"role": "CEO",
"isAuthorizedRepresentative": true,
"isExclusionOfParagraph181": false,
"authorizationExtent": "full"
},
"shareholder": {
"@type": "Shareholder",
"legalEntityId": "did:key:fictive-4",
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelative": "20"
},
"generalPartner": {
"@type": "Shareholder",
"legalEntityId": "did:key:fictive-6",
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
}
},
"directParentCompany": "did:key:fictive-7",
"ultimateParentCompany": "did:key:fictive-8",
"handoverFlag": false,
"handoverDescription": "no flag",
"evidence": {
"@type": "Evidence",
"source": "Transparency register",
"verifiedField": ["CEO", "CTO"],
"verificationDate": "2014-01-01"
}
}
}
Concepts
The Enterprise Credential embeds existing enterprise data into credentials. As a result, the embedded information can be used prove certain claims about the enterprise. It also enables representatives to prove their role within an enterprise to service providers and business partners.
For example, when opening a bank account on behalf of a company, the applicant needs to provide proof of authorisation and company information to undergo a KYC process. Today, this KYC process is mainly a manual endeavour that requires manual labour and involves waiting times. With the presentation of corporate credentials, the process can be fully automated, reducing time, overhead and liability risks. Verifiable credentials permit sharing information based on cryptographically signed data. The enterprise requests the credentials from the Bundesanzeiger receives an Enterprise Credential based on the official registered data. The Bundesanzeiger cryptographically asserts the correctness and authenticity of the data. The enterprise can then use this for further service providers With this setup, the bank institute can validate the data by itself and can check, if the credential was issued by a well known and eligible authority (e.g. the Bundesanzeiger).
Information Model - Enterprise Credential
Verifiable Credentials
The Enterprise Credential is a list of LegalEntityCertificate credentials. There are two kinds of legal entities: human and non-human. In law, a human person is called a Natural Person and a non-human person is called a Legal Person. Therefore, there are two types of credential subjects derived from the abstract class LegalEntity:
NaturalPersonLegalPerson
Legal Person Data Model (Enterprise)
The full data model of a Legal Person is shown below. There are three types representing a Legal Person depending on the amount of disclosed data:
LegalPersonIdonly containing ID and name of the companyLegalPersonBaseDatacontaining only the base data of the Legal Person, mostly describing the Legal Person itselfLegalPersondescribing the full structure of the Legal Person, including their relationship to other legal entities (Natural Persons and Legal Personss)
Please note that an Enterprise Credential issued by the register consists of a list of credentials which contains:
- one
LegalEntitycredential of the requesting Legal Entity - zero or more
LegalPersonBaseDatacredentials of related Legal Persons - zero or more
NaturalPersoncredentials of related Natural Persons
LegalPersonId (aka LPID)
The LegalPersonId is an unique identifier of a Legal Person, i.e. a corporation, firm or organisation.
LegalPersonBaseData
The LegalPersonBaseData extends the LegalPersonId by base data about the Legal Person.
LegalPerson
Legal Persons are entities such as corporations, firms or organisations. They are treated in law as if they were persons. The LegalPerson extends the LegalPersonBaseData by comprehensive data about the Legal Person, like relations to other legal entities.
Natural Person
Natural persons acquire legal personality "naturally", simply by being born.
Credential Vocabulary
LegalEntityCertificate
The LegalEntityCertificate is the top-level type of the Enterprise Credential which describes a legal entity.
euid
EUID technical structure (source):
<country code><business register code>.<domestic registration number>_<optional validation character>
Example from Bolagsverket: SEBOLREG.5560678965s
| Key | Value |
|---|---|
| Term | euid |
| URL | https://oid.spherity.com/oid#euid |
| Expected Value | string |
otherControlReason
Reason for Other Control of the Ultimate Beneficial Owner.
| Key | Value |
|---|---|
| Term | otherControlReason |
| URL | https://oid.spherity.com/oid#otherControlReason |
| Expected Value | string |
shareRelativeDirect
Percentage of Direct Shares in the Company Held by the Person.
| Key | Value |
|---|---|
| Term | shareRelativeDirect |
| URL | https://oid.spherity.com/oid#shareRelativeDirect |
| Expected Value | string |
votingRightsRelative
Total Percentage of Voting Rights in the Company Held Directly or Indirectly by the Person.
| Key | Value |
|---|---|
| Term | votingRightsRelative |
| URL | https://oid.spherity.com/oid#votingRightsRelative |
| Expected Value | string |
votingRightsRelativeDirect
Percentage of Direct Voting Rights of the Company Held by the Person.
| Key | Value |
|---|---|
| Term | votingRightsRelativeDirect |
| URL | https://oid.spherity.com/oid#votingRightsRelativeDirect |
| Expected Value | string |
votingRightsShare
Total Percentage of Voting Rights in the Company Held Directly or Indirectly by the Person.
| Key | Value |
|---|---|
| Term | votingRightsShare |
| URL | https://oid.spherity.com/oid#votingRightsShare |
| Expected Value | string |
NaturalPerson
A natural person describes a human who may act as a legal entity.
| Field | Description |
|---|---|
| familyName | Natural person's family name |
| givenName | Natural person's given name |
| gender | Natural person's specified gender |
| birthDate | Natural person's birth date |
| birthPlace | Natural person's birth place |
| postalAddress | Natural person's postal address |
| taxDomicile | Natural person's tax domicile |
| isAlive | Indicates if natural person is alive |
| jobTitle | Natural person's job title |
| citizenship | Natural person's citizenship |
| domicile | Natural person's current domicile |
familyName
Natural person's family name.
| Key | Value |
|---|---|
| Term | familyName |
| URL | http://schema.org/familyName |
givenName
Natural person's given name.
| Key | Value |
|---|---|
| Term | givenName |
| URL | http://schema.org/givenName |
gender
Natural person's specified gender.
| Key | Value |
|---|---|
| Term | gender |
| URL | http://schema.org/gender |
birthDate
Natural person's birth date.
| Key | Value |
|---|---|
| Term | birthDate |
| URL | http://schema.org/birthDate |
jobTitle
Natural person's job title.
| Key | Value |
|---|---|
| Term | familyName |
| URL | http://schema.org/jobTitle |
birthPlace
Natural person's birth place.
| Key | Value |
|---|---|
| Term | birthPlace |
| URL | http://schema.org/birthPlace |
postalAddress
Natural person's postal address.
| Key | Value |
|---|---|
| Term | postalAddress |
| URL | http://schema.org/PostalAddress |
taxDomicile
Natural person's tax domicile.
| Key | Value |
|---|---|
| Term | taxDomicile |
| URL | https://oid.spherity.com/oid#NaturalPerson_taxDomicile |
| Expected Value | http://schema.org/addressCountry |
isAlive
Indicates whether the natural person is alive.
| Key | Value |
|---|---|
| Term | isAlive |
| URL | https://oid.spherity.com/oid#NaturalPerson_isAlive |
| Expected Value | http://schema.org/Boolean |
citizenship
Natural person's citizenship.
| Key | Value |
|---|---|
| Term | citizenship |
| URL | https://oid.spherity.com/oid#NaturalPerson_citizenship |
| Expected Value | http://schema.org/addressCountry |
domicile
Natural person's current domicile.
| Key | Value |
|---|---|
| Term | domicile |
| URL | https://oid.spherity.com/oid#NaturalPerson_domicile |
| Field | Description |
|---|---|
| postalCode | Natural person's postal code |
| addressLocality | Natural person's address |
| addressCountry | Natural person's county code |
postalCode
Natural person's domicile postal code.
| Key | Value |
|---|---|
| Term | postalCode |
| URL | https://oid.spherity.com/oid#NaturalPerson_domicile_postalCode |
| Expected Value | https://schema.org/postalCode |
addressLocality
Natural person's domicile address.
| Key | Value |
|---|---|
| Term | addressLocality |
| URL | https://oid.spherity.com/oid#NaturalPerson_domicile_addressLocality |
| Expected Value | http://schema.org/addressLocality |
addressCountry
Natural person's domicile country code.
| Key | Value |
|---|---|
| Term | addressCountry |
| URL | https://oid.spherity.com/oid#NaturalPerson_domicile_addressCountry |
| Expected Value | http://schema.org/addressCountry |
LegalPersonId
The Legal Person Identification Data uniquely identifies a legal person, as defined by the EWC.
| Field | Description |
|---|---|
| euid | Unique id for legal persons |
| companyName | Name of the company |
companyName
The name of the company as defined in the official company registers.
| Key | Value |
|---|---|
| Term | companyName |
| URL | https://oid.spherity.com/oid#LegalPersonId_companyName |
| Expected Value | https://schema.org/name |
LegalPersonBaseData
Description of a Legal Entity according to registry.
| Field |
|---|
| companyIdentifier |
| address |
| registerIdentification |
| previousName |
| status |
| liquidationStatus |
| insolvencyStatus |
| legalForm |
| isFoundation |
| isNfrdObligated |
| isTrust |
| businessObject |
| registrationDate |
| exchange |
| isin |
| vatId |
| ekrn |
| regulator |
| wz2008 |
| nace020 |
| lei |
| isOnOrganizedMarket |
| leiStatus |
| leiNextIssuance |
companyIdentifier
The unique identification number provided by Bundesanzeiger Verlag, which identifies the company to be checked (focus Legal Entity) or entity (as part of the MDMS service).
| Key | Value |
|---|---|
| Term | companyIdentifier |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_companyIdentifier |
| Expected Value | string |
address
Address of the Legal Person according to the address in the official register.
| Key | Value |
|---|---|
| Term | address |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_address |
| Field | Description |
|---|---|
| postalCode | Legal Person's postal code |
| addressLocality | Legal Person's address |
| addressCountry | Country the Legal Person is registered in |
registerIdentification
Information about the official register in which the focus company is registered.
| Key | Value |
|---|---|
| Term | registerIdentification |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification |
| Field | Description |
|---|---|
| registerType | Register code |
| registerTypeDescription | Registration authority |
| registerLocation | Name of the district court |
| registerNumber | Official identification number |
| companyId | Identification number of the company |
| companyIdCountryCode | Country code for the identification number |
registerType
Register code in which the focus company is registered according to the official register.
| Key | Value |
|---|---|
| Term | registerType |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_registerType |
| Expected Value | string |
registerTypeDescription
Registration authority where the focus company is registered according to the official register.
| Key | Value |
|---|---|
| Term | registerTypeDescription |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_registerType |
| Expected Value | string |
registerLocation
Name of the district court where the focus company is registered according to the official register.
| Key | Value |
|---|---|
| Term | registerLocation |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_registerLocation |
| Expected Value | string |
registerNumber
Official identification number of the district court where the focus company is registered according to the official register.
| Key | Value |
|---|---|
| Term | registerNumber |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_registerNumber |
| Expected Value | string |
companyId
Identification number of the company in the register (international) according to the official national register.
| Key | Value |
|---|---|
| Term | companyId |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_companyId |
| Expected Value | string |
companyIdCountryCode
Country code for the identification number of the company in the register (international) according to the official national register.
| Key | Value |
|---|---|
| Term | companyIdCountryCode |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registerIdentification_companyIdCountryCode |
| Expected Value | string |
previousName
Previous registered names of the focus company according to the official register
| Key | Value |
|---|---|
| Term | previousName |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_previousName |
| Expected Value | string |
status
Activity status of the focus company according to the official register.
| Key | Value |
|---|---|
| Term | status |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_status |
| Expected Value | string |
liquidationStatus
Liquidation status of the focus company.
| Key | Value |
|---|---|
| Term | liquidationStatus |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_liquidationStatus |
| Expected Value | string |
insolvencyStatus
Insolvency status of the focus company.
| Key | Value |
|---|---|
| Term | insolvencyStatus |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_insolvencyStatus |
| Expected Value | string |
legalForm
Legal form of the focus company according to the official register.
| Key | Value |
|---|---|
| Term | legalForm |
| URL | https://oid.spherity.com/oid#legalForm |
| Expected Value | string |
isFoundation
Indicates whether the focus company is a foundation.
| Key | Value |
|---|---|
| Term | isFoundation |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_isFoundation |
| Expected Value | https://schema.org/Boolean |
isNfrdObligated
Indicates whether the focus company is required to report under the Nfrd (Non financial reporting directive) with regard to the new CSRD - Corprate Sustainability Reporting Directive.
| Key | Value |
|---|---|
| Term | isNfrdObligated |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_isNfrdObligated |
| Expected Value | https://schema.org/Boolean |
isTrust
Indicates whether the focus company is a trust.
| Key | Value |
|---|---|
| Term | isTrust |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_isTrust |
| Expected Value | https://schema.org/Boolean |
businessObject
Description of the type of business activities of the company, including the type and purpose according to the official register.
| Key | Value |
|---|---|
| Term | businessObject |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_businessObject |
| Expected Value | string |
registrationDate
Date the company was registered.
| Key | Value |
|---|---|
| Term | registrationDate |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_registrationDate |
| Expected Value | https://schema.org/date |
exchange
Stock exchange of the focus Legal Entity.
| Key | Value |
|---|---|
| Term | exchange |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_exchange |
| Field | Description |
|---|---|
| name | Name of the stock exchange |
| country | Country of the stock exchange |
| marketIdentificationCode | Stock exchange identification code |
| ticketSymbol | Stock ticker symbol |
marketIdentificationCode
Stock exchange identification code of the focus Legal Entity.
| Key | Value |
|---|---|
| Term | country |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_exchange_marketIdentificationCode |
| Expected Value | string |
tickerSymbol
Stock ticker symbol of the focus Legal Entity.
| Key | Value |
|---|---|
| Term | ticketSymbol |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_exchange_tickerSymbol |
| Expected Value | string |
isin
ISIN - international securities identification number for the uniquely identified security of the focus Legal Entity.
| Key | Value |
|---|---|
| Term | isin |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_isin |
| Expected Value | string |
ekrn
EKRN (Uniform and Continuous Legal Entity Number) is the identification number assigned to the focus company by the transparency register upon initial registration.
| Key | Value |
|---|---|
| Term | ekrn |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_ekrn |
| Expected Value | string |
regulator
Descriptions of the responsible regulator.
| Key | Value |
|---|---|
| Term | regulator |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_regulator |
| Field | Description |
|---|---|
| name | Regulator name |
| regulatorId | Assigned ID |
| description | Classification of the type of entity |
regulatorId
Identification of whether the company is registered with BaFin (Federal Financial Supervisory Authority in Germany).
| Key | Value |
|---|---|
| Term | regulatorId |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_regulator_regulatorId |
| Expected Value | string |
description
Classification of the type of entity according to BaFin (Federal Financial Supervisory Authority in Germany) definition.
| Key | Value |
|---|---|
| Term | description |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_regulator_description |
| Expected Value | string |
wz2008
wz2008 industry description.
| Key | Value |
|---|---|
| Term | wz2008 |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_wz2008 |
| Expected Value | https://oid.spherity.com/oid#Industry |
nace020
nace020 industry description.
| Key | Value |
|---|---|
| Term | nace020 |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_nace020 |
| Expected Value | https://oid.spherity.com/oid#Industry |
lei
Company ID according to LEI (Legal Entity Identifier).
| Key | Value |
|---|---|
| Term | lei |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_lei |
| Expected Value | string |
isOnOrganizedMarket
Company ID according to LEI (Legal Entity Identifier).
| Key | Value |
|---|---|
| Term | isOnOrganizedMarket |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_isOnOrganizedMarket |
| Expected Value | https://schema.org/Boolean |
leiStatus
Status of the LEI (Legal Entity Identifier).
| Key | Value |
|---|---|
| Term | leiStatus |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_leiStatus |
| Expected Value | string |
leiNextIssuance
Next date for a new LEI (Legal Entity Identifier) issuance.
| Key | Value |
|---|---|
| Term | leiNextIssuance |
| URL | https://oid.spherity.com/oid#LegalPersonBaseData_leiNextIssuance |
| Expected Value | https://schema.org/date |
Industry
Description of Industries according defined by different authorities.
| Key | Value |
|---|---|
| Term | Industry |
| URL | https://oid.spherity.com/oid#Industry |
code
Standardized industry code.
| Key | Value |
|---|---|
| Term | code |
| URL | https://oid.spherity.com/oid#Industry_code |
| Expected Value | string |
industryDescription
Standardized industry description.
| Key | Value |
|---|---|
| Term | industryDescription |
| URL | https://oid.spherity.com/oid#Industry_description |
| Expected Value | string |
LegalPerson
Description of a Legal Person, including its business details and ownership information.
| Field | Description |
|---|---|
| businessYear | Information about the business year, including revenue, currency, employee count, balance, and date |
| ultimateBeneficiaryOwner | Details of the ultimate beneficiary owner, including person, capital, voting rights, other control, and fictitious entries |
| functionary | Information about the functionary associated with the Legal Person |
| shareholder | Information about shareholders |
| generalPartner | Information about general partners |
| directParentCompany | Information about the direct parent company |
| ultimateParentCompany | Information about the ultimate parent company |
| handoverFlag | Indicator whether there is a handover |
| handoverDescription | Description of the handover |
| evidence | Evidence related to the Legal Person |
businessYear
Details about the business year of the Legal Person.
| Key | Value |
|---|---|
| Term | businessYear |
| URL | https://oid.spherity.com/oid#LegalPerson_businessYear |
| Field | Description |
|---|---|
| revenue | Revenue of the Legal Entity during the business year |
| currency | Currency of the revenue |
| employeeCount | Number of employees during the business year |
| balance | Balance information for the business year |
| date | Date of the financial statements |
revenue
Revenue of the Legal Entity during the business year.
| Key | Value |
|---|---|
| Term | revenue |
| URL | https://oid.spherity.com/oid#LegalPerson_businessYear_revenue |
| Expected Value | string |
employeeCount
Number of employees during the business year.
| Key | Value |
|---|---|
| Term | employeeCount |
| URL | https://oid.spherity.com/oid#LegalPerson_businessYear_employeeCount |
| Expected Value | string |
balance
Balance information for the business year.
| Key | Value |
|---|---|
| Term | balance |
| URL | https://oid.spherity.com/oid#LegalPerson_businessYear_balance |
| Expected Value | https://oid.spherity.com/oid#Balance |
ultimateBeneficiaryOwner
Details of the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | ultimateBeneficiaryOwner |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner |
| Field | Description |
|---|---|
| naturalPersonId | Natural person Id of the ultimate ultimate beneficiary owner |
| natureOfInterest | Element used to provide information about nature of interest |
| description | Textual description of the entity |
| ownershipType | Direct or indirect ownership |
| registrableDate | Date of UBO registration |
| inactiveDate | Specifies when the entity became inactive |
| lastChangeDate | Last date the UBO information was changed |
| capital | Details about the capital held by the ultimate beneficiary owner |
| votingRights | Information about the voting rights held by the ultimate beneficiary owner |
| otherControl | Other control details of the ultimate beneficiary owner |
| fictitious | Fictitious details of the ultimate beneficiary owner |
natureOfInterest
The element is used to provide information about nature of interest.
| Key | Value |
|---|---|
| Term | natureOfInterest |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_natureOfInterest |
| Expected Value | string |
description
Optional textual description of the entity.
| Key | Value |
|---|---|
| Term | description |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_description |
| Expected Value | string |
ownershipType
Specifies if the ownership is direct or indirect.
| Key | Value |
|---|---|
| Term | ownershipType |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_ownershipType |
| Expected Value | string |
registrableDate
Specifies the date the UBO was first registered.
| Key | Value |
|---|---|
| Term | registrableDate |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_registrableDate |
| Expected Value | http://schema.org/Date |
inactiveDate
Specifies the date the UBO became inactive.
| Key | Value |
|---|---|
| Term | inactiveDate |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_inactiveDate |
| Expected Value | http://schema.org/Date |
lastChangeDate
Specifies the date the UBO was last modified.
| Key | Value |
|---|---|
| Term | lastChangeDate |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_lastChangeDate |
| Expected Value | http://schema.org/Date |
naturalPersonId
Unique Id of the person who is the ultimate beneficiary owner. This Id is the Id of the credentials subject information of the natural person certificate providing all natural person information.
| Key | Value |
|---|---|
| Term | naturalPersonId |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_naturalPersonId |
| Expected Value | DID |
capital
Details about the capital held by the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | capital |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_capital |
| Field | Description |
|---|---|
| share | Information about the share held |
| votingRightsRelativeDirect | Relative direct voting rights |
| shareRelativeDirect | Relative direct share |
share
This term appears multiple times in the document. Needs to be reviewed.
Information about the share held by the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | share |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_capital_share |
| Expected Value | https://oid.spherity.com/oid#Share |
votingRights
Information about the voting rights held by the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | votingRights |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_votingRights |
| Field | Description |
|---|---|
| share | Information about the share of voting rights |
| votingRightsRelativeDirect | Relative direct voting rights |
| votingRightsRelative | Relative voting rights |
| shareRelativeDirect | Relative direct share |
| otherControlReason | Reason for other control |
share
This term appears multiple times in the document. Needs to be reviewed.
Information about the share of voting rights held by the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | share |
| URL | https://oid.spherity.com/oidLegalPerson_ultimateBeneficiaryOwner_votingRights_share |
| Expected Value | https://oid.spherity.com/oid#Share |
otherControl
Other control details of the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | otherControl |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateBeneficiaryOwner_otherControl |
| Field | Description |
|---|---|
| share | Information about the share |
| votingRightsRelativeDirect | Relative direct voting rights |
| shareRelativeDirect | Relative direct share |
fictitious
Fictitious details of the ultimate beneficiary owner.
| Key | Value |
|---|---|
| Term | fictitious |
| URL | https://oid.spherity.com/oidLegalPerson_ultimateBeneficiaryOwner_fictitious |
| Field | Description |
|---|---|
| share | Information about the share |
| votingRightsRelativeDirect | Relative direct voting rights |
| shareRelativeDirect | Relative direct share |
share
This term appears multiple times in the document. Needs to be reviewed.
Information about the share in fictitious control.
| Key | Value |
|---|---|
| Term | share |
| URL | https://oid.spherity.com/oid#fictitiousShareLegalPerson_ultimateBeneficiaryOwner_fictitious_share) |
| Expected Value | https://oid.spherity.com/oid#Share |
functionary
Information about the functionary associated with the Legal Person
| Key | Value |
|---|---|
| Term | functionary |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary |
| Field | Description |
|---|---|
| legalEntityId | Legal entity id of the functionary |
| role | Role of the functionary |
| isAuthorizedRepresentative | Indicator if the functionary is an authorized representative |
| isExclusionOfParagraph181 | Indicator if the functionary is excluded from Paragraph 181 |
| authorizationExtent | Extent of the functionary's authorization |
legalEntityId
Legal entity of the functionary.
| Key | Value |
|---|---|
| Term | legalEntityId |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary_legalEntityId |
| Expected Value | DID |
role
Role of the functionary.
| Key | Value |
|---|---|
| Term | role |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary_role |
| Expected Value | string |
isAuthorizedRepresentative
Indicator if the functionary is an authorized representative.
| Key | Value |
|---|---|
| Term | isAuthorizedRepresentative |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary_isAuthorizedRepresentative |
| Expected Value | https://schema.org/Boolean |
isExclusionOfParagraph181
Indicator if the functionary is excluded from Paragraph 181.
| Key | Value |
|---|---|
| Term | isExclusionOfParagraph181 |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary_isExclusionOfParagraph181 |
| Expected Value | https://schema.org/Boolean |
authorizationExtent
Extent of the functionary's authorization.
| Key | Value |
|---|---|
| Term | authorizationExtent |
| URL | https://oid.spherity.com/oid#LegalPerson_functionary_authorizationExtent |
| Expected Value | string |
shareholder
Information about shareholders.
| Key | Value |
|---|---|
| Term | shareholder |
| URL | https://oid.spherity.com/oid#LegalPerson_shareholder |
| Expected Value | https://oid.spherity.com/oid#Shareholder |
generalPartner
Information about general partners.
| Key | Value |
|---|---|
| Term | generalPartner |
| URL | https://oid.spherity.com/oid#LegalPerson_generalPartner |
| Expected Value | [https://oid.spherity.com/oid#Shareholder |
directParentCompany
Unique Id of the direct parent company. This Id is the Id of the credential subject of the legal entity certificate.
| Key | Value |
|---|---|
| Term | directParentCompany |
| URL | https://oid.spherity.com/oid#LegalPerson_directParentCompany |
| Expected Value | DID |
ultimateParentCompany
Unique Id of the ultimate parent company. This Id is the Id of the credential subject of the legal entity certificate.
| Key | Value |
|---|---|
| Term | ultimateParentCompany |
| URL | https://oid.spherity.com/oid#LegalPerson_ultimateParentCompany |
| Expected Value | DID |
handoverFlag
Indicator whether there is a handover.
| Key | Value |
|---|---|
| Term | handoverFlag |
| URL | https://oid.spherity.com/oid#LegalPerson_handoverFlag |
| Expected Value | https://schema.org/Boolean |
handoverDescription
Description of the handover.
| Key | Value |
|---|---|
| Term | handoverDescription |
| URL | https://oid.spherity.com/oid#LegalPerson_handoverDescription |
| Expected Value | string |
evidence
Evidence related to the Legal Entity.
| Key | Value |
|---|---|
| Term | evidence |
| URL | https://oid.spherity.com/oid#LegalPerson_evidence |
| Expected Value | https://oid.spherity.com/oid#Evidence |
Balance
Balance information for the Legal Entity.
| Key | Value |
|---|---|
| Term | Balance |
| URL | https://oid.spherity.com/oid#Balance |
| Field | Description |
|---|---|
| amount | Amount of the balance |
| currency | Currency of the balance |
amount
Amount of the balance.
| Key | Value |
|---|---|
| Term | amount |
| URL | https://oid.spherity.com/oid#Balance_amount |
| Expected Value | string |
Share
Information about shares.
| Key | Value |
|---|---|
| Term | Share |
| URL | https://oid.spherity.com/oid#Share |
| Field | Description |
|---|---|
| relative | Relative share value |
| absolute | Absolute share value |
| absoluteInEur | Absolute share value in EUR |
| isDirectShare | Indicator if it is a direct share |
relative
Relative share value.
| Key | Value |
|---|---|
| Term | relative |
| URL | https://oid.spherity.com/oid#Share_relative |
| Expected Value | string |
absolute
Absolute share value.
| Key | Value |
|---|---|
| Term | absolute |
| URL | https://oid.spherity.com/oid#Share_absolute |
| Expected Value | https://oid.spherity.com/oid#Balance |
absoluteInEur
Absolute share value in EUR.
| Key | Value |
|---|---|
| Term | absoluteInEur |
| URL | https://oid.spherity.com/oid#Share_absoluteInEur |
| Expected Value | https://oid.spherity.com/oid#Balance |
isDirectShare
Indicator if it is a direct share.
| Key | Value |
|---|---|
| Term | isDirectShare |
| URL | https://oid.spherity.com/oid#Share_isDirectShare |
| Expected Value | https://schema.org/Boolean |
Shareholder
Information about shareholders.
| Key | Value |
|---|---|
| Term | Shareholder |
| URL | https://oid.spherity.com/oid#Shareholder |
| Field | Description |
|---|---|
| legalEntityId | Legal entity Id of the shareholder |
| share | Share information |
| votingRightsRelative | Relative voting rights |
legalEntityId
This term should be checked
Legal Entity Id of the shareholder. This Id is the Id of the credential subject of the legal entity certificate.
| Key | Value |
|---|---|
| Term | legalEntityId |
| URL | https://oid.spherity.com/oid#Shareholder_legalEntityId |
| Expected Value | DID |
share
This term appears multiple times in the document. Needs to be reviewed
Share information of the shareholder.
| Key | Value |
|---|---|
| Term | share |
| URL | https://oid.spherity.com/oid#Shareholder_share |
| Expected Value | https://oid.spherity.com/oid#Share |
ShareholderLegalPerson
Information about Legal Persons who are shareholders.
| Key | Value |
|---|---|
| Term | ShareholderLegalPerson |
| URL | https://oid.spherity.com/oid#ShareholderLegalPerson |
| Field | Description |
|---|---|
| handover | Handover information |
| handoverDescription | Description of the handover |
| shareholder | Information about the shareholder |
| generalPartner | Information about the general partner |
handover
Handover information for the Legal Person.
| Key | Value |
|---|---|
| Term | handover |
| URL | https://oid.spherity.com/oid#ShareholderLegalPerson_handover |
| Expected Value | https://schema.org/Boolean |
handoverDescription
Description of the handover.
| Key | Value |
|---|---|
| Term | handoverDescription |
| URL | https://oid.spherity.com/oid#ShareholderLegalPerson_handoverDescription |
| Expected Value | string |
shareholder
Information about the shareholder.
| Key | Value |
|---|---|
| Term | shareholder |
| URL | https://oid.spherity.com/oid#ShareholderLegalPerson_shareholder |
| Expected Value | https://oid.spherity.com/oid#Shareholder |
generalPartner
Information about the general partner.
| Key | Value |
|---|---|
| Term | generalPartner |
| URL | https://oid.spherity.com/oid#ShareholderLegalPerson_generalPartner |
| Expected Value | https://oid.spherity.com/oid#Shareholder |
Evidence
Evidence related to the Legal Entity.
| Key | Value |
|---|---|
| Term | Evidence |
| URL | https://oid.spherity.com/oid#Evidence |
| Field | Description |
|---|---|
| source | Source of the evidence |
| verifiedField | Verified field |
| verificationDate | Date of verification |
source
Source of the evidence.
| Key | Value |
|---|---|
| Term | source |
| URL | https://oid.spherity.com/oid#Evidence_source |
| Expected Value | string |
verifiedField
Verified field in the evidence.
| Key | Value |
|---|---|
| Term | verifiedField |
| URL | https://oid.spherity.com/oid#Evidence_verifiedField |
| Expected Value | string |
verificationDate
Date of verification.
| Key | Value |
|---|---|
| Term | verificationDate |
| URL | https://oid.spherity.com/oid#Evidence_verificationDate |
| Expected Value | https://schema.org/date |
References
- Verifiable Credentials Data Model v2.0. Manu Sporny, Ted Thibodeau Jr, Ivan Herman, Michael B. Jones, Gabe Cohen. 2024
Annex A - Proof comparison with LPID credential
Annex A.1 - EcdsaSecp256r1Signature2019
Example of a LPID W3C credential protected by a LD-Proof using a EcdsaSecp256r1Signature2019 signature.
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"credentialSubject": {
"id": "did:key:zDnaeyXvqvYVJhVBe2ysSQ2Z4LwW8L8ZWrkqzsczLTf8PjDGA",
"type": "LegalPersonId",
"euid": "HUOCCSZ12345678",
"companyName": "Flower Power AG"
},
"issuer": "did:key:zDnaepBuvsQ8cpsWrVKw8fbpGpvPeNSjVPTWoq6cRqaYzBKVP",
"validFrom": "2023-08-24T13:06:21Z",
"proof": {
"@context": "https://www.w3.org/ns/credentials/v2",
"type": "EcdsaSecp256r1Signature2019",
"created": "2023-08-24T13:06:21Z",
"proofPurpose": "assertionMethod",
"verificationMethod": "did:key:zDnaepBuvsQ8cpsWrVKw8fbpGpvPeNSjVPTWoq6cRqaYzBKVP#zDnaepBuvsQ8cpsWrVKw8fbpGpvPeNSjVPTWoq6cRqaYzBKVP",
"proofValue": "8upuIPtJVkTkunL9/tKH/cgnVZweG1f8mdMaAdu7KG3zWqfQhKuHuwnjmUttBhdzDhfdVB1qSh/2pcXWgYdQ/w=="
}
}
The holder controls the private key belonging to the credential subject id did:key:zDnaeyXvqvYVJhVBe2ysSQ2Z4LwW8L8ZWrkqzsczLTf8PjDGA. He signs the presentation using this key in order to authenticates as holder against the verifier.
Annex A.2 - Ecdsa 2023 with selective disclosure
Example of a LPID W3C credential including a LD-Proof using a ecdsa-sd-2023 signature. The example uses ecdsa multikeys and uses did:key method for issuer and holder binding.
Specifications:
- https://www.w3.org/TR/vc-data-model/#dfn-verifiable-credentials
- https://www.w3.org/TR/vc-di-ecdsa/
- https://w3c.github.io/vc-data-integrity/
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld",
"https://w3id.org/security/data-integrity/v2"
],
"credentialSubject": {
"id": "did:key:zDnaeedsxPevxCm5LG4jQHG2DNgHyny9Duis8aGReRoKNaRtL",
"type": "LegalPersonId",
"euid": "DEPLPOAG.123456789",
"companyName": "Flower Power AG"
},
"validUntil": "2029-12-03T12:19:52Z",
"validFrom": "2019-12-03T12:19:52Z",
"issuer": "did:key:zDnaekozcqN7AkYygVYGAzdsWGjx4vwAAdaDWWvskYZtU2Lbr",
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"proof": {
"type": "DataIntegrityProof",
"created": "2024-07-02T09:44:09Z",
"verificationMethod": "did:key:zDnaekozcqN7AkYygVYGAzdsWGjx4vwAAdaDWWvskYZtU2Lbr#zDnaekozcqN7AkYygVYGAzdsWGjx4vwAAdaDWWvskYZtU2Lbr",
"cryptosuite": "ecdsa-sd-2023",
"proofPurpose": "assertionMethod",
"proofValue": "u2V0AhVhAcFCTqNxuCDdpt-a3UmSLNklG8Hhtcv0hMTY86vu50BhJWSYcFnXPdGAmv080QVojJW_ZCnSmlKqDQGpgEJUwMFgjgCQDvqVEqlWWu0a8r7af4MCUk1BxtGw5u8ODk0g2cseynBVYIPVGUvZXxhBA1RIVjeDLAJzBJqUj20522DKDvB06_sHmiVhA1smUhQcRrv33Io7_nlEh4MI-gSa72DsrgAAy1sSWsj8sGlbBuPHdf3R0cPUNCmSHot2gnCdz_JQp8GhtLgH5iFhAsFmKHHMRvqxTTcvgumLzsWK6gFm6Jynuab7B3jVVCObxXE9GR1xWkNXe8ghruO4YtNrJHg-JIF1yegMIYoYUIVhAqNGuV0vdHFzRb901HIG7FZkvNKpl85lmm3AroKEukrG5EPeZqCnwjzX0z5OoAdxzzCazogelzBBQ7Muiy9167lhAQPkFnVPzvrg6b2doh1hAy21FuD_a5VnCSui4-QGYfl3OXcWxZepBccb6RMf8VFP3gz8AiSZO7KM0ui-PGF1zP1hAUvsgfxK1o-CKeB7_uVSv34sao5rJFqZMJlw6PzJ1pXR4raTIDxeoJuhSN12vJ09LFbC8nofCE9bMf07R7PDLdlhAz41-iAJcwDR0zZAQ4wUQ2nP1un75wI2mHVn6ur8tDHv40rbvAOUUxHTUXaJfJKEaU1S40TXqiY5ALmkBn1dBrFhA2YYD2TQsziVOaIEB4M5_Bw1qW9yeAqjLjR8eAS2MvmhBLFld95WJuv-SaAjPpGFV0d-RfkPJX-5w3JpfwsKaSlhAIoKxsi3vaDyu2tblaw4SBkJINFvd81dtsJMMHqBucww4nQRzQho03V1okSsqjF4coL4AIqOFHMMQfkgeMiloQFhADpQtf26t-dzariHI0j7oZD6mWQRIvzUYRy53GOywgdRNKQ-D1EkE_kQED9_INUkl99W2pphgDMPrf95d-xA7Q4A"
}
}
Each value under the credential subject can be selective disclosed, by deriving the proof. When leaving out the company name, the derived credential would look like this:
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld",
"https://w3id.org/security/data-integrity/v2"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"credentialSubject": {
"id": "did:key:zDnaeqfpRavGNV3EiDTZBJ2CTt8nKZDAfAUcaN1bmBEcGsuAN",
"type": "LegalPersonId",
"euid": "DEPLPOAG.123456789"
},
"proof": {
"type": "DataIntegrityProof",
"created": "2024-07-02T09:49:49Z",
"verificationMethod": "did:key:zDnaeR4heVyHbhLPyzrzEd8xqupG1VAHj7BHXHu2Sb1FaZWSy#zDnaeR4heVyHbhLPyzrzEd8xqupG1VAHj7BHXHu2Sb1FaZWSy",
"cryptosuite": "ecdsa-sd-2023",
"proofPurpose": "assertionMethod",
"proofValue": "u2V0BhVhACd9JgGb9ITlwa8njCT62JEEeBd8vqM59cg9mRcxkc93mAFB-RRVnxXnxP_OgPo_FYfDzz3tKHLId-r10dKnsT1gjgCQDxX2U4HRo5dnWfzlV7P3YM8kb4KsazrcVRPiAGfkJ1yiFWEBfjd2DuF0NDWJ9B1kskLxmGPERiy1swxygG1St4RNo1rIRK1Q9WMOUJa37YcTkW0LZOD-oxq00ZDNqTUYh4dQgWEDsc6ZgyauIOxq7HbT3RiCMiw88-DpwLtET1E5X2en9AIGD6xe-7CF5w8MHW_fPhNt1kLSk9DLBsFZHNqONhukGWEDM3ABMureZc6aSAUBZKJ0e1ViNWvPnsKwNPcjTllKiHSYShRjIAeo4xWDIc2PtHRpjkbwjOjBz0IVYOwZJGEBIWEDvx8Y8i7HiluG5OPWdaK-qCpzo4UUBOka7AhDeCPrvbEjOzfTDlCuyhQ11LmFh6LP3ZVHygFr-JcBtSIkzfNR8WEDMCCX7vydvzCZm_LV_g1cuviBvfYZp4LmYF2GwwAN1_3nPMifPWnkSzv-AjrU9xqNX7R1Br7zgG-ARllaYhjsGoQBYIOA12z6Y1mILTSgzCbX6prmoaKI7zRZhtmjVxpyZT20mgA"
}
}
Annex A.3 - SD-JWT LPID credential
Example of a SD-JWT credential using ES256. Every disclosure value is hashed with a salt value (minimum 128 bits of cryptographically secure random) using the algorithm defined in _sd_alg. This digest, together with dummy decoy digests, is stored with random order in the token (under _sd) and the nonce is kept secret until disclosure. Keep in mind, the following JSON does not contain any proof nor the disclosure definitions it self. Only the string representation of the JWT token is signed by the issuer and contains the disclosures.
{
"vct": "https://oid.spherity.com/oid#LegalPersonId",
"iss": "did:key:zNGbSC9VYff6tTGyp7jPbK5D9BpWMdSMtGdkHd3MDi7QWDPQ2RaaCCXWtaXxo7RGctWKGyGrDr8fmHCa6HX4dsxhw",
"cnf": {
"jwk": {
"key_ops": [
"verify"
],
"ext": true,
"kty": "EC",
"x": "mtXN2SIoPBOl6Ul9sUwZNR3WBYQ8xSMYgARbgp35aco",
"y": "QwXQzHD62zbCQK5Srz8oYoIrrQDlF6nQrD3NvJyih8s",
"crv": "P-256"
}
},
"_sd": [
"09G5wxf4enAsiyQJygcP1BM-AlhVeSYyvWkAlqbtN2E",
"O9x7UwuQHPpX-uQtufKqt_eUg6SiyVuZvzHOJhedN3E",
"SEaUwUR6Z1md0kg2E3u8PxGCP6eld1lvrKpYL0fhTpo",
"TCbyH6UROQc3k_SUVfhMijN_RzoXUS7TXcgPJqyPrnU",
"sgXVCySO78f11XEvBBACI3WTbresOeY3qgeklhyyI_0"
],
"_sd_alg": "SHA-256"
}
This is packed into a JWT token and signed by the issuer. All disclosures are attached to the token as well, separated by ~ character.
eyJ0eXAiOiJzZCtqd3QiLCJhbGciOiJFUzI1NiJ9.eyJ2Y3QiOiJodHRwczovL3NwaGVyaXR5LmdpdGh1Yi5pby9vaWQjTGVnYWxQZXJzb25JZCIsImlzcyI6ImRpZDprZXk6ek5HYlNDOVZZZmY2dFRHeXA3alBiSzVEOUJwV01kU010R2RrSGQzTURpN1FXRFBRMlJhYUNDWFd0YVh4bzdSR2N0V0tHeUdyRHI4Zm1IQ2E2SFg0ZHN4aHciLCJjbmYiOnsiandrIjp7ImtleV9vcHMiOlsidmVyaWZ5Il0sImV4dCI6dHJ1ZSwia3R5IjoiRUMiLCJ4IjoibXRYTjJTSW9QQk9sNlVsOXNVd1pOUjNXQllROHhTTVlnQVJiZ3AzNWFjbyIsInkiOiJRd1hRekhENjJ6YkNRSzVTcno4b1lvSXJyUURsRjZuUXJEM052SnlpaDhzIiwiY3J2IjoiUC0yNTYifX0sIl9zZCI6WyIwOUc1d3hmNGVuQXNpeVFKeWdjUDFCTS1BbGhWZVNZeXZXa0FscWJ0TjJFIiwiTzl4N1V3dVFIUHBYLXVRdHVmS3F0X2VVZzZTaXlWdVp2ekhPSmhlZE4zRSIsIlNFYVV3VVI2WjFtZDBrZzJFM3U4UHhHQ1A2ZWxkMWx2cktwWUwwZmhUcG8iLCJUQ2J5SDZVUk9RYzNrX1NVVmZoTWlqTl9Sem9YVVM3VFhjZ1BKcXlQcm5VIiwic2dYVkN5U083OGYxMVhFdkJCQUNJM1dUYnJlc09lWTNxZ2VrbGh5eUlfMCJdLCJfc2RfYWxnIjoiU0hBLTI1NiJ9.qrnJB0HRL2q03BJ0YLJBH1bco80hr_tfonEdtGBi-q2qaegzqbCNpWc8tHDQpiGah2Gm3Za7uQamHKSO7JukJA~WyI3NDM3ZjQ2ZWZjYzg3M2VkIiwiaWQiLCJkaWQ6a2V5OnpRWno1UWtYYmpRYkhUWU02YzQ1VTg3V3J6RW5SS3NmZzM3U0phdXdrQnJoMmZUTjN3V283UDhLUDhqd1JUTWJGbzZUWU1tQmZCelhyQ1V3RUJtcEMxMVdpIl0~WyIyOGFjZTk5NDAxMzdjOGU3IiwiZXVpZCIsIkRFUExQT0FHLjEyMzQ1Njc4OSJd~WyIyNjRjMDEyMGMzZmZiMzZmIiwiY29tcGFueU5hbWUiLCJGbG93ZXIgUG93ZXIgQUciXQ~WyI2ODY4ZmVmYjIwYmZkNWUwIiwib3B0aW9uYWxGaWVsZCIsIm9wdGlvbmFsIHZhbHVlIl0~
The serialized format for an SD-JWT+KB extends the SD-JWT format by concatenating a Key Binding JWT.
<Issuer-signed JWT>~<Disclosure 1>~<Disclosure 2>~...~<Disclosure N>~<KB-JWT>
So we can split the SD-JWT into the following:
eyJ0eXAiOiJzZCtqd3QiLCJhbGciOiJFUzI1NiJ9.eyJ2Y3QiOiJodHRwczovL3NwaGVyaXR5LmdpdGh1Yi5pby9vaWQjTGVnYWxQZXJzb25JZCIsImlzcyI6ImRpZDprZXk6ek5HYlNDOVZZZmY2dFRHeXA3alBiSzVEOUJwV01kU010R2RrSGQzTURpN1FXRFBRMlJhYUNDWFd0YVh4bzdSR2N0V0tHeUdyRHI4Zm1IQ2E2SFg0ZHN4aHciLCJjbmYiOnsiandrIjp7ImtleV9vcHMiOlsidmVyaWZ5Il0sImV4dCI6dHJ1ZSwia3R5IjoiRUMiLCJ4IjoibXRYTjJTSW9QQk9sNlVsOXNVd1pOUjNXQllROHhTTVlnQVJiZ3AzNWFjbyIsInkiOiJRd1hRekhENjJ6YkNRSzVTcno4b1lvSXJyUURsRjZuUXJEM052SnlpaDhzIiwiY3J2IjoiUC0yNTYifX0sIl9zZCI6WyIwOUc1d3hmNGVuQXNpeVFKeWdjUDFCTS1BbGhWZVNZeXZXa0FscWJ0TjJFIiwiTzl4N1V3dVFIUHBYLXVRdHVmS3F0X2VVZzZTaXlWdVp2ekhPSmhlZE4zRSIsIlNFYVV3VVI2WjFtZDBrZzJFM3U4UHhHQ1A2ZWxkMWx2cktwWUwwZmhUcG8iLCJUQ2J5SDZVUk9RYzNrX1NVVmZoTWlqTl9Sem9YVVM3VFhjZ1BKcXlQcm5VIiwic2dYVkN5U083OGYxMVhFdkJCQUNJM1dUYnJlc09lWTNxZ2VrbGh5eUlfMCJdLCJfc2RfYWxnIjoiU0hBLTI1NiJ9.qrnJB0HRL2q03BJ0YLJBH1bco80hr_tfonEdtGBi-q2qaegzqbCNpWc8tHDQpiGah2Gm3Za7uQamHKSO7JukJA~WyI3NDM3ZjQ2ZWZjYzg3M2VkIiwiaWQiLCJkaWQ6a2V5OnpRWno1UWtYYmpRYkhUWU02YzQ1VTg3V3J6RW5SS3NmZzM3U0phdXdrQnJoMmZUTjN3V283UDhLUDhqd1JUTWJGbzZUWU1tQmZCelhyQ1V3RUJtcEMxMVdpIl0~WyIyOGFjZTk5NDAxMzdjOGU3IiwiZXVpZCIsIkRFUExQT0FHLjEyMzQ1Njc4OSJd~WyIyNjRjMDEyMGMzZmZiMzZmIiwiY29tcGFueU5hbWUiLCJGbG93ZXIgUG93ZXIgQUciXQ~WyI2ODY4ZmVmYjIwYmZkNWUwIiwib3B0aW9uYWxGaWVsZCIsIm9wdGlvbmFsIHZhbHVlIl0
Each disclosure is a base64 encoded value, built out of an array with the following format;
- A salt value
- claim name
- claim value
Example:
["28ace9940137c8e7","euid","DEPLPOAG.123456789"]
A presentation, with key binding for holder enabled, will look like this (decoded JWT content). When using key binding for holder, its important to add the cnf containing the holder jwk, otherwise it will not be valid. Not disclosed fields will be simply left out in the string representation of the JWT presentation:
{
"payload": {
"vct": "https://oid.spherity.com/oid#LegalPersonId",
"iss": "did:key:zNGbSC9VYff6tTGyp7jPbK5D9BpWMdSMtGdkHd3MDi7QWDPQ2RaaCCXWtaXxo7RGctWKGyGrDr8fmHCa6HX4dsxhw",
"cnf": {
"jwk": {
"key_ops": [
"verify"
],
"ext": true,
"kty": "EC",
"x": "mtXN2SIoPBOl6Ul9sUwZNR3WBYQ8xSMYgARbgp35aco",
"y": "QwXQzHD62zbCQK5Srz8oYoIrrQDlF6nQrD3NvJyih8s",
"crv": "P-256"
}
},
"id": "did:key:zQZz5QkXbjQbHTYM6c45U87WrzEnRKsfg37SJauwkBrh2fTN3wWo7P8KP8jwRTMbFo6TYMmBfBzXrCUwEBmpC11Wi",
"companyName": "Flower Power AG",
"euid": "DEPLPOAG.123456789"
},
"header": {
"typ": "sd+jwt",
"alg": "ES256"
},
"kb": {
"payload": {
"nonce": "3652191003",
"aud": "https://example.com/verifier",
"iat": 1709576037,
"sd_hash": "r5EFZOtPljnor5IslvxhB-ZkVCp0CWQPrqOowkh3Kuk"
},
"header": {
"typ": "kb+jwt",
"alg": "ES256"
}
}
}
Annex B - EU Company Certificate
Below we show the EU Core Vocabulary for the EU Company Certificate and how it maps to the OID Vocabulary presented.
| EU Core Vocabularies | OID Vocabulary |
|---|---|
| LegalEntity.legalName | companyName |
| LegalEntity.legalFormType | legalForm |
| LegalEntity.legalIdentifier.Identifier.notation; Identifier.schemaAgency | registerNumber |
| LegalEntity.identifier.Identifier.notation | euid |
| LegalEntity.registeredAddress.Address | address |
| LegalEntity.registeredAddress.Address OR LegalEntity.contactPoint.ContactPoint.hasEmail | ? |
| LegalEntity.registrationDate | registrationDate |
| LegalEntity.legalEntityStatus | status |
| LegalEntity.legalRepresentative | ? |
| LegalEntity.legalEntityActivity | nace020 |
| LegalEntity.contactPoint.ContactPoint.contactPage | ? |
The presented semantic model enables the efficient issuance of an EU Company Certificate, as presented in the following example:
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": [
"LegalPersonId",
"LegalPersonBaseData"
],
"companyName": "Flower Power AG",
"euid": "HUOCCSZ12345678",
"legalForm": "GmbH",
"registerIdentification": {
"registerNumber": "123AVB"
},
"address": {
"postalCode": "10119",
"addressCountry": "Germany",
"addressLocality": "Berlin"
},
"registrationDate": "2010-01-01",
"status": "active",
"nace020": {
"type": "Industry",
"code": "IT",
"industryDescription": "Tech Int. Trade"
}
}
}
Annex C - Ultimate Beneficial Owner Certificate
The Ultimate Beneficial Owners (UBOs) can be declared as a subset of the Legal Entity Certificate. In the following we show how to create an UBO credential by presenting the required subset of propterties from our schema. We provide all the required company information such as name and euid and include the list of UBOs. A unique credential is issued for each natural person. As a result, data duplication is prevented and a natural person can be referenced in multiple ways. For example, a natural person can be a UBO and a functionary at the same time.
The following fields are required to an UBO credential:
| Vocabulary | Required |
|---|---|
| companyName | mandatory |
| euid | mandatory |
| legalForm | mandatory |
| address | mandatory |
| [ultimateBeneficiaryOwner] | mandatory |
| ultimateBeneficiaryOwner_naturalPersonId | mandatory |
| ultimateBeneficiaryOwner_natureOfInterest | mandatory |
| ultimateBeneficiaryOwner_description | optional |
| ultimateBeneficiaryOwner_ownershipType | optional |
| ultimateBeneficiaryOwner_registrableDate | optional |
| ultimateBeneficiaryOwner_inactiveDate | optional |
| ultimateBeneficiaryOwner_lastChangeDate | optional |
For every UBO, a natural person is referenced using the naturalPersonId:
| Field | Required |
|---|---|
| familyName | mandatory |
| givenName | mandatory |
| birthDate | mandatory |
| birthPlace | optional |
| postalAddress | optional |
| taxDomicile | optional |
| isAlive | optional |
| citizenship | mandatory |
| domicile | mandatory |
The following example shows a credential with two UBOs. The second UBO contains additional optional data. To comply with the defined standard, the mandatory fields must be present. Since the natural person credentials are issued separately, they are referenced and are part of the credential array:
[
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca499c2",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-1",
"type": [
"LegalPersonId",
"LegalPersonBaseData",
"LegalPerson"
],
"companyName": "Flower Power AG",
"euid": "HUOCCSZ12345678",
"legalForm": "GmbH",
"address": {
"postalCode": "10119",
"addressCountry": "Germany",
"addressLocality": "Berlin"
},
"ultimateBeneficiaryOwner": [
{
"naturalPersonId": "did:key:fictive-2",
"natureOfInterest": "control through ownership",
"ownershipType": "direct",
"registrableDate": "2024-07-08"
},
{
"naturalPersonId": "did:key:fictive-3",
"natureOfInterest": "voting rights",
"votingRights": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"votingRightsRelative": "20",
"shareRelativeDirect": "20"
},
"capital": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
},
"otherControl": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
},
"fictitious": {
"share": {
"@type": "Share",
"relative": "20",
"absolute": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"absoluteInEur": {
"@type": "Balance",
"amount": "399399",
"currency": "EUR"
},
"isDirectShare": true
},
"votingRightsRelativeDirect": "20",
"shareRelativeDirect": "20"
}
}
]
}
},
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca4993",
"validFrom": "2019-12-03T12:19:52Z",
"validUntil": "2029-12-03T12:19:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-2",
"type": "NaturalPerson",
"givenName": "John",
"familyName": "Doe",
"gender": "Male",
"taxDomicile": "DE",
"birthDate": "1970-01-01",
"citizenship": "DE",
"domicile": {
"postalCode": "10119",
"addressCountry": "DE",
"addressLocality": "Berlin"
}
}
},
{
"@context": [
"https://www.w3.org/ns/credentials/v2",
"https://oid.spherity.com/contexts/oid/v1.jsonld"
],
"type": [
"VerifiableCredential",
"LegalEntityCertificate"
],
"id": "urn:uuid:f086cced-1153-4540-993b-b4d52ca4994",
"validFrom": "2019-12-03T12:20:52Z",
"validUntil": "2029-12-03T12:20:52Z",
"issuer": "did:key:z6MkiY62766b1LJkExWMsM3QG4WtX7QpY823dxoYzr9qZvJ3",
"credentialSubject": {
"id": "did:key:fictive-3",
"type": "NaturalPerson",
"givenName": "Jane",
"familyName": "Doe",
"gender": "Female",
"birthDate": "1972-01-01",
"isAlive": true,
"citizenship": "FR",
"domicile": {
"postalCode": "10777",
"addressCountry": "DE",
"addressLocality": "Berlin"
}
}
}
]