Verifiable Credential Rendering Methods v0.9

W3C First Public Working Draft

More details about this document
This version:
https://www.w3.org/TR/2025/WD-vc-render-method-20251020/
Latest published version:
https://www.w3.org/TR/vc-render-method/
Latest editor's draft:
https://w3c.github.io/vc-render-method/
History:
https://www.w3.org/standards/history/vc-render-method/
Commit history
Editors:
Dmitri Zagidulin ( MIT Digital Credentials Consortium )
Manu Sporny ( Digital Bazaar )
Patrick St. Louis ( Open Security and Identity )
Authors:
Manu Sporny ( Digital Bazaar )
Dmitri Zagidulin ( MIT Digital Credentials Consortium )
Calvin Cheng ( Government Technology Agency of Singapore )
Kyle Huang Junyuan ( Government Technology Agency of Singapore )
Patrick St. Louis ( Open Security and Identity )
Feedback:
GitHub w3c/vc-render-method ( pull requests , new issue , open issues )

Copyright © 2025 World Wide Web Consortium . W3C ® liability , trademark and permissive document license rules apply.

Abstract

This specification describes mechanisms that can be used to represent a Verifiable Credential through a visual, auditory, or haptic medium. It covers rendering a Verifiable Credential to a physical document, digital image, screen reader, or braille output.

Status of This Document

This is a preview

Do not attempt to implement this version of the specification. Do not reference this version as authoritative in any way. Instead, see https://w3c.github.io/vc-render-method/ for the Editor's draft.

This section describes the status of this document at the time of its publication. A list of current W3C publications and the latest revision of this technical report can be found in the W3C standards and drafts index .

This is an experimental specification and is undergoing regular revisions. It is not fit for production deployment.

This document was published by the Verifiable Credentials Working Group as a First Public Working Draft using the Recommendation track .

Publication as a First Public Working Draft does not imply endorsement by W3C and its Members.

This is a draft document and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to cite this document as other than a work in progress.

This document was produced by a group operating under the W3C Patent Policy . W3C maintains a public list of any patent disclosures made in connection with the deliverables of the group; that page also includes instructions for disclosing a patent. An individual who has actual knowledge of a patent that the individual believes contains Essential Claim(s) must disclose the information in accordance with section 6 of the W3C Patent Policy .

This document is governed by the 18 August 2025 W3C Process Document .

1. Introduction

Rendering methods can be used when the issuer has a specific way that they want to express a verifiable credential to an observer through a visual, auditory, or haptic mechanism. For example, an issuer of an employee badge credential might want to include rich imagery of their corporate logo and specific placement of employee information in specific areas of the badge. They might also want to provide an audio read out of the important aspects of the badge for individuals that have accessibility needs related to their eyesight.

1.1 Terminology

The following terms are used to describe concepts in this specification.

claim
An assertion made about a subject .
credential
A set of one or more claims made by an issuer . The claims in a credential can be about different subjects .

Our definition of credential differs from, NIST's definitions of credential .

data minimization
The act of limiting the amount of shared data strictly to the minimum necessary to successfully accomplish a task or goal.
decentralized identifier
A portable URL-based identifier, also known as a DID , associated with an entity . These identifiers are most often used in a verifiable credential and are associated with subjects such that a verifiable credential itself can be easily ported from one credential repository to another without the need to reissue the credential . An example of a DID is did:example:123456abcdef .
decentralized identifier document
Also referred to as a DID document , this is a document that is accessible using a verifiable data registry and contains information related to a specific decentralized identifier , such as the associated credential repository and public key information.
default graph
The graph containing all claims that are not explicitly part of a named graph .
derived predicate
A verifiable, boolean assertion about the value of another attribute in a verifiable credential . These are useful in zero-knowledge-proof-style verifiable presentations because they can limit information disclosure. For example, if a verifiable credential contains an attribute for expressing a specific height in centimeters, a derived predicate might reference the height attribute in the verifiable credential demonstrating that the issuer attests to a height value meeting the minimum height requirement, without actually disclosing the specific height value. For example, the subject is taller than 150 centimeters.
digital signature
A mathematical scheme for demonstrating the authenticity of a digital message.
entity
Anything that can be referenced in statements as an abstract or concrete noun. Entities include but are not limited to people, organizations, physical things, documents, abstract concepts, fictional characters, and arbitrary text. Any entity might perform roles in the ecosystem, if it is capable of doing so. Note that some entities fundamentally cannot take actions, e.g., the string "abc" cannot issue credentials.
graph
A set of claims, forming a network of information composed of subjects and their relationship to other subjects or data. Each claim is part of a graph; this is either explicit in the case of named graphs , or implicit for the default graph .
holder
A role an entity might perform by possessing one or more verifiable credentials and generating verifiable presentations from them. A holder is often, but not always, a subject of the verifiable credentials they are holding. Holders store their credentials in credential repositories .
identity
The means for keeping track of entities across contexts. Digital identities enable tracking and customization of entity interactions across digital contexts, typically using identifiers and attributes. Unintended distribution or use of identity information can compromise privacy. Collection and use of such information should follow the principle of data minimization .
identity provider
An identity provider, sometimes abbreviated as IdP , is a system for creating, maintaining, and managing identity information for holders , while providing authentication services to relying party applications within a federation or distributed network. In this case the holder is always the subject . Even if the verifiable credentials are bearer credentials , it is assumed the verifiable credentials remain with the subject , and if they are not, they were stolen by an attacker. This specification does not use this term unless comparing or mapping the concepts in this document to other specifications. This specification decouples the identity provider concept into two distinct concepts: the issuer and the holder .
issuer
A role an entity can perform by asserting claims about one or more subjects , creating a verifiable credential from these claims , and transmitting the verifiable credential to a holder .
named graph
A graph associated with specific properties, such as verifiableCredential . These properties result in separate graphs that contain all claims defined in the corresponding JSON objects.
presentation
Data derived from one or more verifiable credentials , issued by one or more issuers , that is shared with a specific verifier .
credential repository
A program, such as a storage vault or personal verifiable credential wallet, that stores and protects access to holders' verifiable credentials .
selective disclosure
The ability of a holder to make fine-grained decisions about what information to share.
subject
A thing about which claims are made.
user agent
A program, such as a browser or other Web client, that mediates the communication between holders , issuers , and verifiers .
validation
The assurance that a claim from a specific issuer satisfies the business requirements of a verifier for a particular use. This specification defines how verifiers verify verifiable credentials and verifiable presentations .
It also specifies that verifiers validate claims in verifiable credentials before relying on them. However, the means for such validation vary widely and are outside the scope of this specification. It is expected that verifiers will trust certain issuers for certain claims and apply their own rules to determine which claims in which credentials are suitable for use by their systems.
verifiable credential
A verifiable credential is a tamper-evident credential that has authorship that can be cryptographically verified. Verifiable credentials can be used to build verifiable presentations , which can also be cryptographically verified.
verifiable data registry
A role a system might perform by mediating the creation and verification of identifiers, keys, and other relevant data, such as verifiable credential schemas, revocation registries, issuer public keys, and so on, which might be required to use verifiable credentials . Some configurations might require correlatable identifiers for subjects . Some registries, such as ones for UUIDs and public keys, might just act as namespaces for identifiers.
verifiable presentation
A verifiable presentation is a tamper-evident presentation encoded in such a way that authorship of the data can be trusted after a process of cryptographic verification. Certain types of verifiable presentations might contain data that is synthesized from, but do not contain, the original verifiable credentials (for example, zero-knowledge proofs).
verification
The evaluation of whether a verifiable credential or verifiable presentation is an authentic and current statement of the issuer or presenter, respectively. This includes checking that: the credential (or presentation) conforms to the specification; the proof method is satisfied; and, if present, the status check succeeds. Verification of a credential does not imply evaluation of the truth of claims encoded in the credential.
verifier
A role an entity performs by receiving one or more verifiable credentials , optionally inside a verifiable presentation for processing. Other specifications might refer to this concept as a relying party .
verification material
Information that could be a cryptographic public key or any other data used to verify a proof.
URL
A Uniform Resource Locator, as defined by [ URL ]. URLs can be dereferenced such that they result in a resource, such as a document. The rules for dereferencing, or fetching, a URL are defined by the URL scheme . This specification does not use the term URI or IRI because those terms have been deemed to be confusing to Web developers.

1.2 Conformance

As well as sections marked as non-normative, all authoring guidelines, diagrams, examples, and notes in this specification are non-normative. Everything else in this specification is normative.

The key words MAY , MUST , OPTIONAL , RECOMMENDED , and REQUIRED in this document are to be interpreted as described in BCP 14 [ RFC2119 ] [ RFC8174 ] when, and only when, they appear in all capitals, as shown here.

A conforming render method is any concrete expression of the data model that complies with the normative statements in this specification. Specifically, all relevant normative statements in Sections 2. Data Model and 3. Algorithms of this document MUST be enforced.

A conforming processor is any algorithm realized as software and/or hardware that generates or consumes a conforming render method . Conforming processors MUST produce errors when non-conforming documents are consumed.

This document also contains examples that contain JSON and JSON-LD content. Some of these examples contain characters that are invalid JSON, such as inline comments ( // ) and the use of ellipsis ( ... ) to denote information that adds little value to the example. Implementers are cautioned to remove this content if they desire to use the information as valid JSON or JSON-LD.

2. Data Model

The following sections outline the data model that is used by this specification for rendering methods

2.1 The renderMethod Property

The renderMethod property is a reserved extension point in the Verifiable Credentials Data Model specification [ VC-DATA-MODEL-2.0 ]. An issuer can utilize this property in a verifiable credential to express one or more preferred render methods.

renderMethod
The value of the renderMethod property MUST specify one or more rendering methods that can be used by software to express the verifiable credential using a visual, auditory, or haptic mechanism. Each renderMethod value MUST specify its type , for example, TemplateRenderMethod , OpenAttestationEmbeddedRenderer , or OCABundle . The precise contents of each rendering hint is determined by the specific renderMethod type definition.

2.2 TemplateRenderMethod

When an issuer desires to specify template-based rendering instructions for a verifiable credential , they MAY add a render property that uses the data model described below.

Property Description
id An OPTIONAL string that follows the URL Standard and, when fetched, dereferences to a render template.
type A REQUIRED string that MUST be the value TemplateRenderMethod .
renderSuite A REQUIRED string that identifies the algorithms that are used for generating the concrete rendering.
name An OPTIONAL human-readable string that can be displayed to provide a hint to the type of rendering that will be performed. This property might be used in a graphical interface that enables an individual to select between multiple presentation modes.
description An OPTIONAL human-readable string that provides a more involved description than name of when the particular rendering might be useful.
renderProperty An OPTIONAL list of string values that each conform to the JavaScript Object Notation (JSON) Pointer syntax that specifies which properties from the verifiable credential are exposed when using this specific render method. If renderProperty is not provided, the entire verifiable credential is presumed to be shared when the render method is used.
template An OPTIONAL string or map that provides the template that will be used to perform the rendering. If the value is a string , it MUST be a URL. If the value is a map , it MUST conform to the following rules:
Property Description
id An REQUIRED string that follows the URL Standard and, when fetched, dereferences to a template such as an SVG or PDF file.
mediaType A RECOMMENDED string that identifies the media type for the id value as specified in Media Type Specifications and Registration Procedures .
digestMultibase An OPTIONAL multibase-encoded Multihash of the template file. The multibase value MUST be u (base64url-nopad) and the multihash value MUST be SHA-2 with 256-bits of output ( 0x12 ).
digestMultibase An OPTIONAL multibase-encoded Multihash of the render method referenced if id is specified. The multibase value MUST be u (base64url-nopad) and the multihash value MUST be SHA-2 with 256-bits of output ( 0x12 ).

The data model shown above is expressed in a verifiable credential in the example below.

Example 1 : Usage of the render property by an issuer 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2",
    "https://w3id.org/vc/render-method/v1"
  ],
  "id": "http://example.edu/credentials/3732",
  "type": ["VerifiableCredential", "UniversityDegreeCredential"],
  "issuer": "https://example.edu/issuers/14",
  "validFrom": "2010-01-01T19:23:24Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "BachelorDegree",
      "name": "Bachelor of Science and Arts"
    }
  },
  "renderMethod": {
    "type": "TemplateRenderMethod",
    "renderSuite": "svg-mustache",
    "template": {
      "id": "https://example.edu/credential-templates/BachelorDegree",
      "mediaType": "image/svg+xml",
      "digestMultibase": "zQmerWC85Wg6wFl9znFCwYxApG270iEu5h6JqWAPdhyxz2dR",
      "renderProperty": [
        "/issuer", "/validFrom", "/credentialSubject/degree/name"
      ]
    }
  }
  
}

In the example above, the issuer has provided a Mustache-based SVG rendering template for a Bachelor's degree that will be filled in with specific information from the verifiable credential listed in renderProperty .

2.2.1 The svg-mustache Render Suite

The svg-mustache render suite uses the Mustache templating language to modify an SVG file, which is then used to render a visual representation of the verifiable credential .

In the example below, a fully embedded SVG file is used as the rendering template.

Example 2 : Basic usage of the svg-mustache render suite 
{
  ...
  "renderMethod": {
    "type": "TemplateRenderMethod",
    "renderSuite": "svg-mustache",
    // the SVG file is embedded in the VC
    "template": "data:image/svg+xml;base64,Qjei89...3jZpW"
  }
}

The next example links to the SVG file on the Web and secures it against modification by using the digestMultibase property.

Example 3 : A remotely hosted SVG file for an SVG render template 
{
...
"renderMethod": {
  "type": "TemplateRenderMethod",
  "renderSuite": "svg-mustache",
  "template": {
    // this SVG file is fetched from the Web
    "id": "https://degree.example/credential-templates/bachelors",
    "mediaType": "image/svg+xml",
    "digestMultibase": "zQmerWC85Wg6wFl9znFCwYxApG270iEu5h6JqWAPdhyxz2dR"
  }
}

The next example links to the rendering template on the Web and secures it using the digestMultibase property:

Example 4 : A remotely hosted SVG render method 
{
...
"renderMethod": {
  // this render method is fetched from the Web
  "id": "https://degrees.example/bachelors-svg.jsonld",
  "mediaType": "application/ld+json",
  "type": "TemplateRenderMethod",
  "renderSuite": "svg-mustache",
  "digestMultibase": "zQmG270iEu5h6JqWAPdhyxz2dRerWC85Wg6wFl9znFCwYxAp"
}

2.2.2 The pdf-mustache Render Suite

The pdf-mustache render suite uses the Mustache templating language to modify a PDF file, which is then used to render a visual representation of the verifiable credential .

In the example below, a fully embedded PDF file is used as the rendering template.

Example 5 : Basic usage of the pdf-mustache render suite 
{
  ...
  "renderMethod": {
    "type": "TemplateRenderMethod",
    "renderSuite": "pdf-mustache",
    // this PDF file is embedded in the VC
    "template": "data:application/pdf;base64,k309SK...pwK83b"
  }
}

The next example links to the PDF file on the Web and secures it against modification by using the digestMultibase property.

Example 6 : Remotely hosted PDF file for a PDF rendering template 
{
...
"renderMethod": {
  "type": "TemplateRenderMethod",
  "renderSuite": "pdf-mustache",
  "template": {
    // this PDF file is fetched from the Web
    "id": "https://degree.example/bachelors.pdf",
    "mediaType": "application/pdf",
    "digestMultibase": "zQmznFCwYxApG270iEu5h6JqWAPdhyxz2dRerWC85Wg6wFl9"
  }
}

The next example links to the rendering template on the Web and secures it using the digestMultibase property:

Example 7 : Remotely hosted PDF rendering template 
{
...
"renderMethod": {
  // this render method is fetched from the Web
  "id": "https://degrees.example/bachelors-pdf.jsonld",
  "type": "TemplateRenderMethod",
  "renderSuite": "pdf-mustache",
  "digestMultibase": "zQmEu5h6JqWAPdhyxmz2dRerWC85Wg6wFl9znFCwYxApG270"
}

2.2.3 The nfc Render Suite

The nfc render suite transmits a binary payload representing the verifiable credential over a wireless NFC connection.

In the example below, a fully embedded NFC payload is used as the rendering template, which only discloses the barcode identifier associated with the credential.

Example 8 : Usage of the nfc render suite 
{
  ...
  "renderMethod": {
    "type": "TemplateRenderMethod",
    "renderSuite": "nfc",
    "name": "Tap to send",
    // the NFC payload is embedded
    "template": "data:application/octet-stream;base64,2QZkpQGDG...G8XJWnROcY4Biw",
    // only the barcode is transmitted over NFC
    "renderProperty": ["/credentialSubject/barcode"]
  }
  
}

2.3 OpenAttestationEmbeddedRenderer

OpenAttestationEmbeddedRenderer is used by an issuer to render a verifiable credential. The verifiable credential is rendered in HTML within an embedded <iframe> through a Template Renderer website referenced in the document. This arrangement allows for interactive selective disclosure using OpenAttestationMerkleProofSignature2018.

The Template Renderer is a web application embedded in an iframe. It renders verifiable credentials based on selected templates and must listen for specific messages from the Host application to facilitate the rendering process.

There currently exists a number of OpenAttestationEmbeddedRenderer issuers and decentralized renderer implementations.

When an issuer desires to specify an embedded rendering instructions for a verifiable credential , they MAY add a renderMethod property that uses the data model described below.

Property Description
id A URL that locates a website that implements the OpenAttestationEmbeddedRenderer Action API.
type The type property MUST be OpenAttestationEmbeddedRenderer .
renderName Name of the template used by the website specified by id to render the document. A different template can be used for the decentralized renderer to present a different HTML view of the verifiable credential.

The data model shown above is expressed in a verifiable credential in the example below.

Example 9 : Usage of the renderMethod property by an issuer 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://schemata.openattestation.com/com/openattestation/4.0/alpha-context.json"
  ],
  "type": ["VerifiableCredential", "OpenAttestationCredential"],
  "validFrom": "2021-03-08T12:00:00+08:00",
  "name": "Republic of Singapore Driving Licence",
  "issuer": {
    "id": "did:ethr:0xB26B4941941C51a4885E5B7D3A1B861E54405f90",
    "type": "OpenAttestationIssuer",
    "name": "Government Technology Agency of Singapore (GovTech)",
    "identityProof": { "identityProofType": "DNS-DID", "identifier": "example.openattestation.com" }
  },
  "credentialSubject": {
    "id": "urn:uuid:a013fb9d-bb03-4056-b696-05575eceaf42",
    "type": ["DriversLicense"],
    "name": "John Doe",
    "address": "123 Choa Chu Kang Road, Singapore 123456",
    "licenses": [
      {
        "class": "3",
        "description": "Motor cars with unladen weight <= 3000kg",
        "effectiveDate": "2013-05-16T00:00:00+08:00"
      },
      {
        "class": "3A",
        "description": "Motor cars with unladen weight <= 3000kg",
        "effectiveDate": "2013-05-16T00:00:00+08:00"
      }
    ]
  },
  "renderMethod": [{
    "id": "https://demo-renderer.opencerts.io",
    "type": "OpenAttestationEmbeddedRenderer",
    "rendererName": "GOVTECH_DEMO"
  }]
}

The verifiable credential specifies a decentralized renderer at https://demo-renderer.opencerts.io , using the template named GOVTECH_DEMO .

The decentralized renderer can support different templates that can provide different views of the verifiable credentials. Below are two renderings of the same verifiable credential using different templates.

Certificate Template
Figure 1 Certificate Template
Transcript Template
Figure 2 Transcript Template

2.3.1 Action API

The Host is the application that displays the document with the help of the Template Renderer. The Template Renderer MUST be a web application embedded within an iframe specified by renderMethod . id . It MUST communicate with the Host application using postMessage API to perform actions.

All actions follow the same structure. They are composed of type and payload :

  1. type indicates the kind of action being executed, for instance, RENDER_DOCUMENT means rendering a document. The type of an action is mandatory.
  2. payload indicates optional data associated to the type, for instance, the content of the document to render.

An open source reference implementation is available on GitHub .

The interaction between the Host and the Template Renderer is illustrated in the following diagram.

Sequence Diagram
Figure 3 Sequence Diagram
2.3.1.1 Host-to-Frame Actions

When the iframe is first displayed, the host sends commands to the iframe to render the document. The 4 types of actions supported are described below.

type payload action
GET_TEMPLATES 

{
type:

"GET_TEMPLATES"

}
Obtain a list of templates supported by the renderer for the given document. The list of templates is returned from UPDATE_TEMPLATES call from the iframe.
SELECT_TEMPLATE 
{
  type: "SELECT_TEMPLATE",
  payload: "CUSTOM_TEMPLATE"
}
Select the template to be used for rendering. It should be from the list returned by GET_TEMPLATES. If not found, a default template is used.
RENDER_DOCUMENT 
{
  type: "RENDER_DOCUMENT",
  payload: {
    document: {
      credentialSubject: ...,
      renderMethod: ...
    }
  }
}
Render the verifiable credential inside the IFRAME using the selected template. Document is JSON object form of the verifiable credential.
PRINT 

{
type:

"PRINT"

}
MUST show the print dialog so the contents of the IFRAME can be printed.
2.3.1.2 Frame-to-Host Actions

These are used by the iframe to update the host to make adjustments on formatting, or selective redaction.

type payload action
OBFUSCATE 
{
  type: "OBFUSCATE",
  payload: "a[0].b.c",
}
This is used for selective redaction. The Host is informed of the path of the field that has been obfuscated so that the host can create an updated version of the document with the selected field obfuscated.
UPDATE_HEIGHT 
{
  type: "UPDATE_HEIGHT",
  payload: 150,
}
Notify the Host of the height of the embedded iframe in pixels so the Host can adjust the size on the browser.
UPDATE_TEMPLATES 
{
  type: "UPDATE_TEMPLATES",
  payload: [
    {
      id: "template1",
      label: "template1",
    },
    {
      id: "template2",
      label: "template2",
    }
  ]
}
Notify the Host of the list of template names that are usable from RENDER_METHOD, or GET_TEMPLATES calls.

2.4 OCABundle

OCABundle is used by an issuer to specify rendering instructions based on an Overlays Capture Architecture (OCA) Bundle as defined in Overlays Capture Architecture Specification . OCA provides a standardized way to define schemas with semantic overlays that enable multi-language support, data entry formats, sensitive data flagging, and rich metadata for rendering verifiable credentials in a consistent and interoperable manner.

An OCA Bundle consists of a capture base that defines the core structure and data types of the credential attributes, along with various overlays that provide additional context such as labels, character encoding, format specifications, entry codes, and information overlays. This layered approach enables flexible and culturally-aware rendering of credentials while maintaining data integrity.

When OCA is used as a render method for verifiable credentials , the capture base in the OCA Bundle uses JSON paths (as defined in JavaScript Object Notation (JSON) Pointer ) as attribute names to reference properties from the root of the verifiable credential document, and defines the data type for each attribute. For example, an attribute named /credentialSubject/degree/name would reference the name property within the nested degree object of the credential's credentialSubject . The overlays then provide presentation metadata such as human-readable labels in multiple languages, formatting rules for dates and numbers, constraints for data entry, and descriptive information about each attribute. This separation allows the same credential data to be rendered differently based on context, locale, or user preferences while maintaining a consistent semantic foundation.

When an issuer desires to specify OCA-based rendering instructions for a verifiable credential , they MAY add a renderMethod property that uses the data model described below.

Property Description
id A REQUIRED string that follows the URL Standard specification and, when fetched, dereferences to an OCA Bundle in JSON format. The OCA Bundle contains the capture base and associated overlays needed for rendering the credential.
type A REQUIRED string that MUST be the value OCABundle .
name An OPTIONAL human-readable string that can be displayed to provide a hint to the type of rendering that will be performed. This property might be used in a graphical interface that enables an individual to select between multiple presentation modes.
description An OPTIONAL human-readable string that provides a more detailed description of the OCA-based rendering method and when it might be useful.
digestMultibase An OPTIONAL multibase-encoded Multihash of the OCA Bundle. The multibase value MUST be u (base64url-nopad) and the multihash value MUST be SHA-2 with 256 bits of output (0x12 in the multicodec table). This property can be used by verifiers to ensure the integrity of the fetched OCA Bundle.
version An OPTIONAL string that specifies the OCA specification version that the referenced OCA Bundle conforms to (e.g., "v2.0.0-rc1", "v2.0.0", "v1.0"). This property helps renderers determine compatibility and select appropriate processing logic for the OCA Bundle format.

The data model shown above is expressed in a verifiable credential in the example below.

Example 10 : Usage of OCABundle render method with a remote OCA Bundle 
{
  "@context": [
    "https://www.w3.org/ns/credentials/v2",
    "https://www.w3.org/ns/credentials/examples/v2"
  ],
  "type": ["VerifiableCredential", "UniversityDegreeCredential"],
  "issuer": {
    "id": "https://example.edu/issuers/565049",
    "name": "Example University"
  },
  "validFrom": "2024-01-01T00:00:00Z",
  "credentialSubject": {
    "id": "did:example:ebfeb1f712ebc6f1c276e12ec21",
    "degree": {
      "type": "BachelorDegree",
      "name": "Bachelor of Science and Arts",
      "degreeType": "Undergraduate",
      "major": "Computer Science"
    }
  },
  "renderMethod": [{
    "id": "https://example.edu/oca-bundles/degree-2024.json",
    "type": "OCABundle",
    "name": "University Degree Display",
    "description": "Renders the degree credential with multi-language support",
    "digestMultibase": "uEiC96D8xPcVfm...WNcMF4Kc-Yw",
    "version": "v2.0.0-rc1"
  }]
}

In this example, the OCA Bundle located at https://example.edu/oca-bundles/degree-2024.json contains the capture base and overlays necessary to render the credential. The bundle might include label overlays for multiple languages, format overlays for date and number formatting, and information overlays with descriptions of each attribute.

An example OCA Bundle structure for this credential might look like:

Example 11 : Example OCA Bundle structure with JSON path attributes 
{
  "bundle": {
    "v": "OCAS11JSON000646_",
    "digest": "EBfdlu8R27Fbx-ehrqwIxQ-na4B7A4LqidzXqj8gkzHp",
    "capture_base": {
      "digest": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
      "type": "spec/capture_base/2.0.0",
      "attributes": {
        "/credentialSubject/degree/type": "Text",
        "/credentialSubject/degree/name": "Text",
        "/credentialSubject/degree/degreeType": "Text",
        "/credentialSubject/degree/major": "Text"
      },
      "classification": ""
    },
    "overlays": [
      {
        "digest": "EMzAk6N2iI1K5EpS9YqU7WxTc8BvPq1RgFn0D4XyJwLz",
        "type": "spec/overlays/meta/2.0.0",
        "capture_base": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
        "name": "University Degree Credential",
        "description": "Academic degree credential issued by universities"
      },
      {
        "digest": "EJqWh3K9fF8H2BmP6VnR4TxQz5YsLm8NcDk7A1UvGtIw",
        "type": "spec/overlays/label/2.0.0",
        "capture_base": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
        "language": "en",
        "attribute_labels": {
          "/credentialSubject/degree/type": "Degree Type",
          "/credentialSubject/degree/name": "Degree Name",
          "/credentialSubject/degree/degreeType": "Degree Classification",
          "/credentialSubject/degree/major": "Major"
        }
      },
      {
        "digest": "EKpXi4L0gG9I3CnQ7WoS5UyRa6ZtNo9OdEl8B2VwHuJx",
        "type": "spec/overlays/label/2.0.0",
        "capture_base": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
        "language": "fr",
        "attribute_labels": {
          "/credentialSubject/degree/type": "Type de diplôme",
          "/credentialSubject/degree/name": "Nom du diplôme",
          "/credentialSubject/degree/degreeType": "Classification du diplôme",
          "/credentialSubject/degree/major": "Spécialisation"
        }
      },
      {
        "digest": "ELrYj5M1hH0J4DoR8XpT6VzSb7AuOp0QeFm9C3WxIvKy",
        "type": "spec/overlays/information/2.0.0",
        "capture_base": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
        "language": "en",
        "attribute_information": {
          "/credentialSubject/degree/type": "The type of academic degree awarded",
          "/credentialSubject/degree/name": "The full official name of the degree",
          "/credentialSubject/degree/degreeType": "Classification level (e.g., Undergraduate, Graduate)",
          "/credentialSubject/degree/major": "The primary field of study"
        }
      },
      {
        "digest": "ENaZl7O3jJ2L6FqT0ZrV8XyUd9CwRs2ShGo1E5YzKxMa",
        "type": "spec/overlays/sensitive/2.0.0",
        "capture_base": "ECui6bAv2zzW2gMVQbKT3M7g2q4r6yWKf2Y2k9CDa8Nq",
        "attributes": [
          "/credentialSubject/degree/name"
        ]
      }
    ]
  }
}

Implementers can use the OCA Bundle to generate appropriate user interfaces, select language-specific labels, apply format specifications, and ensure consistent rendering across different applications and platforms.

3. Algorithms

The following sections outline the algorithms that is used by this specification for rendering methods.

3.1 Render (TemplateRenderMethod)

The following algorithm is used to transform the SVG image template into the final SVG image that is displayed. The inputs to the algorithm are the verifiable credential ( verifiableCredential ) and the SVG image source code ( svgImage ). The output is a SVG image.

  1. Generate a map, replacementMap , by finding all strings in svgImage that start with {{ (double open braces) and end with }} (double close braces). For each string, templateKey , that is found:
    1. Generate another string, templateValue , by evaluating the value of templateKey (without the opening or closing braces) using the JSON Pointer [ RFC6901 ] algorithm with the verifiableCredential as input to the algorithm. If the evaluation is null , set templateValue to the empty string.
    2. Set a key in replacementMap by using templateKey and associate it with templateValue .
  2. For every key in replacementMap , replace each corresponding string in svgImage that matches the key with the associated value in the replacementMap .

4. Security Considerations

Issue 1 : Summary of Security Considerations

The list of security considerations listed below need to be converted into sections:

5. Privacy Considerations

Issue 2 : Summary of Privacy Considerations

The list of privacy considerations listed below need to be converted into sections:

6. Internationalization Considerations

Issue 3 : Summary of Internationalization Considerations

The list of internationalization considerations listed below need to be converted into sections:

A. References

A.1 Normative references

[infra]
Infra Standard . Anne van Kesteren; Domenic Denicola. WHATWG. Living Standard. URL: https://infra.spec.whatwg.org/
[OCA]
Overlays Capture Architecture Specification . Human Colossus Foundation. 2024. Living Specification. URL: https://oca.colossi.network/specification/
[RFC2119]
Key words for use in RFCs to Indicate Requirement Levels . S. Bradner. IETF. March 1997. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc2119
[RFC6838]
Media Type Specifications and Registration Procedures . N. Freed; J. Klensin; T. Hansen. IETF. January 2013. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc6838
[RFC6901]
JavaScript Object Notation (JSON) Pointer . P. Bryan, Ed.; K. Zyp; M. Nottingham, Ed. IETF. April 2013. Proposed Standard. URL: https://www.rfc-editor.org/rfc/rfc6901
[RFC8174]
Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words . B. Leiba. IETF. May 2017. Best Current Practice. URL: https://www.rfc-editor.org/rfc/rfc8174
[URL]
URL Standard . Anne van Kesteren. WHATWG. Living Standard. URL: https://url.spec.whatwg.org/
[VC-DATA-MODEL-2.0]
Verifiable Credentials Data Model v2.0 . Ivan Herman; Michael Jones; Manu Sporny; Ted Thibodeau Jr; Gabe Cohen. W3C. 15 May 2025. W3C Recommendation. URL: https://www.w3.org/TR/vc-data-model-2.0/