BBS+ Signatures: How Selective Disclosure Protects User Privacy

Yasin Yıldırım
Co-Founder & Chief Protocol Engineer

A standard digital signature scheme has a binary property: you either reveal the signed message or you don't. This is inadequate for identity credentials, where a user might want to prove they are over 18 without revealing their birthdate, or prove they are a resident of Germany without revealing their home address.

BBS+ signatures solve this. A BBS+ credential is a multi-message signature where the holder can derive a zero-knowledge proof that reveals an arbitrary subset of the signed messages — without revealing the others, and without the verifier being able to link separate presentations back to the same credential.

The construction uses pairing-based cryptography over BLS12-381 curves. The core primitive is a commitment scheme where the issuer signs a vector of messages (m₁, m₂, ..., mₙ) and the holder can later produce a proof of knowledge for any subset (mᵢ, mⱼ, ...) while keeping the rest hidden.
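The proof-of-knowledge step described above, as an added example (not Solidus code and not a BBS implementation): a Schnorr-style proof over a Pedersen vector commitment in a toy group, revealing chosen messages and proving knowledge of the rest. The issuer's pairing-based signature over BLS12-381 and the per-presentation randomization that gives BBS its unlinkability are left out, so the commitment `C` is sent as-is here; all function names, the group parameters and the sample claims are assumptions.

```python
import hashlib, math, secrets

# Toy group (constructed, insecure size): squares modulo the safe prime P = 2Q + 1.
P, Q = 2039, 1019

def H(*parts):
    """SHA-256 of the transcript, as an integer."""
    return int.from_bytes(hashlib.sha256("|".join(map(str, parts)).encode()).digest(), "big")

def generator(i):
    """Derive generator h_i of the order-Q subgroup; the base lies in [2, P-2]."""
    return pow(H("gen", i) % (P - 3) + 2, 2, P)

def scalar(msg):
    """Map a message string to an exponent modulo Q."""
    return H("msg", msg) % Q

def commit(messages):
    """Pedersen vector commitment C = h_0^s * prod(h_i^m_i) with blinding factor s."""
    s = secrets.randbelow(Q)
    C = pow(generator(0), s, P)
    for i, m in enumerate(messages, 1):
        C = C * pow(generator(i), scalar(m), P) % P
    return C, s

def prove(C, s, messages, reveal, nonce):
    """Disclose the 1-based indices in `reveal`; prove knowledge of s and the rest."""
    hidden = {0: s, **{i: scalar(m) for i, m in enumerate(messages, 1) if i not in reveal}}
    r = {i: secrets.randbelow(Q) for i in hidden}
    T = math.prod(pow(generator(i), ri, P) for i, ri in r.items()) % P
    disclosed = {i: messages[i - 1] for i in sorted(reveal)}
    c = H(C, T, sorted(disclosed.items()), nonce)  # Fiat-Shamir challenge
    z = {i: (r[i] + c * hidden[i]) % Q for i in hidden}
    return disclosed, c, z

def verify(C, n, disclosed, c, z, nonce):
    """Check the proof against C for a credential of n messages."""
    if 0 in disclosed or set(z) & set(disclosed) or set(z) | set(disclosed) != set(range(n + 1)):
        return False
    D = C  # divide the disclosed messages out, leaving only the hidden terms
    for i, m in disclosed.items():
        D = D * pow(generator(i), -scalar(m), P) % P
    T = pow(D, -c, P) * math.prod(pow(generator(i), zi, P) for i, zi in z.items()) % P
    return c == H(C, T, sorted(disclosed.items()), nonce)

if __name__ == "__main__":
    msgs = ["name=Ada Example", "id=X-0000", "age=34"]  # constructed sample claims
    C, s = commit(msgs)
    print(verify(C, len(msgs), *prove(C, s, msgs, {3}, "nonce-1"), "nonce-1"))
```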

Today, Solidus credentials are signed with Ed25519 — a fast, well-audited signature scheme that provides strong authentication. BBS+ selective-disclosure signatures (per the IRTF draft-irtf-cfrg-bbs-signatures spec, over BLS12-381) are live on testnet as of May 2026; external audit is pending and the full issuer flow is rolling out next. Once a credential is issued in BBS+ form, when a verifier requests proof of age, the user's wallet will construct a presentation that reveals only the age field — not the name, not the ID number, not the address. Predicate proofs (proving "over 18: true" without revealing the DOB itself) require an additional ZK-SNARK layer on top of BBS+, and remain on the roadmap.

This has two important properties for compliance. First, it will satisfy GDPR Article 5 (data minimization) — verifiers will be architecturally prevented from collecting more data than they request. Second, it will satisfy the principle of unlinkability — the same user presenting to two different verifiers cannot be correlated at the cryptographic level.

The performance overhead vs. standard signatures is manageable: both proof generation and verification are fast enough for interactive use, well within UX-acceptable bounds for a one-time authentication event.

Selective disclosure is not a privacy add-on. It is the correct default for identity credentials. Solidus shipped BBS+ on testnet in May 2026 (audit pending) and is rolling out the full issuer flow next.
