Stagnant ERC defining a framework for off-chain verifiable claims signed with EIP-712 typed data. Issuers sign structured claims about a subject (KYC, accreditation, age, credit) that can be verified on-chain by smart contracts or off-chain by libraries — without recording PII on a public blockchain.
- 01KYC / accredited investor attestations
- 02off-chain credentials with on-chain verification
- 03regulatory compliance flows
- 04delegated claim issuance
- 05privacy-preserving identity
- pnpm add eip-712
- pnpm add @openzeppelin/contracts
- pnpm add viem
Define each claim as an EIP-712 typed struct that MUST include `address subject`, `uint256 validFrom`, and `uint256 validTo`, plus optional `address issuer` (for delegated signing) and `value` fields. Issuers sign the typed-data digest off-chain; verifiers reconstruct the digest, call `ecrecover` (or use OpenZeppelin's `ECDSA.recover`) and compare to the expected issuer. Implement `verifyIssuer(Claim memory claim, uint8 v, bytes32 r, bytes32 s) returns (address)` on-chain and pair it with a revocation registry exposing `revoke(bytes32 digest)` and `revoked(address party, bytes32 digest) view returns (bool)`. Always check `block.timestamp >= validFrom && block.timestamp <= validTo` before honoring a claim. Pair with EIP-712 (signing), EIP-1271 (smart-contract issuers), and EAS for a production-grade attestation stack.
- ⚑ERC-1812 is Stagnant — no recent reference implementations are maintained, so most teams adopt EAS (Ethereum Attestation Service) or ERC-3643 instead; only pick 1812 if you need the exact off-chain-claim + on-chain-verify split.
- ⚑Claims are off-chain by design: losing the signed payload means losing the credential — plan storage (IPFS, Ceramic, the issuer's DB) and a re-issuance flow before launch.
- ⚑Revocation is not automatic — verifiers MUST query the revocation registry every time; cached `verifyIssuer` results without a `revoked()` check will accept revoked claims.
- ⚑Smart-contract issuers cannot use ECDSA — wrap verification with EIP-1271 `isValidSignature` to support Safe / 4337 wallet issuers.
- ⚑`validFrom`/`validTo` are unix seconds, not block numbers — using `block.number` for time bounds breaks across L2s with non-1s blocks.
- ⚑EIP-712 domain separator collisions: reuse a single `EIP712Domain` per verifier contract and version it (`version: '1'`) so a redeploy doesn't silently invalidate every outstanding claim.