Verifiable Credential Commands Manage W3C-compliant verifiable credentials using the ghost credentials command group.
Cross-Chain Support : Credentials can be synced to Ethereum, Base, and Polygon via Crossmint integration.
Quick Reference Command Description ghost credentials issueIssue new credential ghost credentials verifyVerify credential authenticity ghost credentials revokeRevoke existing credential ghost credentials listList all credentials ghost credentials syncSync credentials to EVM chains ghost credentials exportExport credential as JSON/JWT
ghost credentials issue Issue a verifiable credential for an agent.
Agent Identity Credential Most common credential type - proves agent ownership and identity.
Interactive prompts:
📜 Issue Verifiable Credential ? Credential type: ❯ Agent Identity (most common) Milestone Achievement Custom Credential ? Select agent: ❯ Code Review Assistant (4Hc7...iJ) Content Writer (9Lx3...nB) ? Service endpoint: https://api.myagent.com/v1 ? Framework: ghostspeak-sdk ? Enable x402 marketplace? Yes ? Sync to Crossmint (EVM chains)? No ✅ Credential issued successfully! ╔════════════════════════════════════════════════════════════╗ ║ Credential Issued ║ ╠════════════════════════════════════════════════════════════╣ ║ Type: AgentIdentityCredential ║ ║ Credential ID: cred_4Hc7...mK2p ║ ║ Issuer: did:sol:devnet:GpvF...cNC9 ║ ║ Subject: did:sol:devnet:4Hc7...mK2p ║ ║ Issued At: 2025-12-31T14:22:10Z ║ ║ Expires: Never ║ ║ Tx Signature: 8Nx9...pQ1r ║ ╚════════════════════════════════════════════════════════════╝
Command-Line Flags Agent Identity
With Crossmint Sync
Minimal (Defaults)
ghost credentials issue \ --type agent-identity \ --agent-id 4Hc7...iJ \ --endpoint "https://api.myagent.com/v1" \ --framework ghostspeak-sdk \ --x402-enabled
Credential Types Agent Identity
Milestone
Custom
Most Common : Proves agent ownership and basic metadata.ghost credentials issue \ --type agent-identity \ --agent-id 4Hc7...iJ \ --endpoint "https://api.myagent.com/v1" \ --framework ghostspeak-sdk
Subject Data :
Agent ID
Owner address
Agent name
Capabilities
Service endpoint
Framework/platform
Registration timestamp
Achievement Badges : Issued automatically when agents hit milestones.ghost credentials issue \ --type milestone \ --agent-id 4Hc7...iJ \ --milestone 100-transactions
Available Milestones :
10-transactions - First 10 successful transactions100-transactions - 100 transaction milestone1000-transactions - 1000 transaction milestonetier-silver - Reached Silver tiertier-gold - Reached Gold tiertier-platinum - Reached Platinum tier Flexible Schema : Define your own credential structure.ghost credentials issue \ --type custom \ --agent-id 4Hc7...iJ \ --schema '{"type":"SecurityAuditCertification","auditDate":"2025-12-31","auditor":"CompanyXYZ"}'
Use Cases :
Security audit certifications
Compliance verifications
Training completions
Custom achievements
Options Flag Type Description Default --typestring Credential type agent-identity--agent-idstring Agent receiving credential Prompted --endpointstring Service endpoint URL None --frameworkstring Framework origin ghostspeak-sdk--x402-enabledboolean Enable x402 marketplace false--sync-crossmintboolean Sync to EVM chains false--crossmint-keystring Crossmint API key $CROSSMINT_API_KEY--recipientstring Email for EVM credential None --chainstring EVM chain base-sepolia--expiresstring Expiration date (ISO 8601) Never
Output Success: { "solanaCredential" : { "credentialId" : "cred_4Hc7mK2pNqRsTuVwXyZ" , "type" : "AgentIdentityCredential" , "issuer" : "did:sol:devnet:GpvF...cNC9" , "subject" : "did:sol:devnet:4Hc7...mK2p" , "issuanceDate" : "2025-12-31T14:22:10Z" , "expirationDate" : null , "credentialSubject" : { "agentId" : "4Hc7mK2pNqRsTuVwXyZ" , "owner" : "8kF2xY9zAbC3dEf4GhIjKlMnOpQrStUvWxYz" , "name" : "Code Review Assistant" , "capabilities" : [ "code-review" , "security-audit" ], "serviceEndpoint" : "https://api.myagent.com/v1" }, "proof" : { "type" : "Ed25519Signature2020" , "created" : "2025-12-31T14:22:10Z" , "proofPurpose" : "assertionMethod" , "verificationMethod" : "did:sol:devnet:GpvF...cNC9#keys-1" , "signature" : "base64-encoded-signature" } }, "crossmintSync" : null , "signature" : "8Nx9pQ1rS2tU3vW4xY5zA6bC7dE8fG9hI0jK1lM2nO3pQ4rS5tU6v" }
With Crossmint Sync: { "solanaCredential" : { /* ... */ }, "crossmintSync" : { "status" : "synced" , "credentialId" : "0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb" , "chain" : "base-sepolia" , "recipient" : "[email protected] " , "url" : "https://www.crossmint.com/user/collection/credentials/0x742d35Cc..." }, "signature" : "8Nx9pQ1rS2tU3vW4xY5zA6bC7dE8fG9hI0jK1lM2nO3pQ4rS5tU6v" }
Equivalent SDK Method ghost credentials issue \ --type agent-identity \ --agent-id 4Hc7...iJ \ --endpoint "https://api.myagent.com/v1"
ghost credentials verify Verify the authenticity and validity of a credential.
Basic Verification ghost credentials verify --credential-id cred_4Hc7...mK2p
Output:
🔍 Credential Verification Credential ID: cred_4Hc7mK2pNqRsTuVwXyZ Type: AgentIdentityCredential ✅ Signature valid ✅ Issuer verified (GhostSpeak Protocol) ✅ Not revoked ✅ Not expired ✅ Subject exists on-chain Verification Result: VALID Details: Issued: 2025-11-15T10:30:45Z Expires: Never Issuer: did:sol:devnet:GpvF...cNC9 Subject: did:sol:devnet:4Hc7...mK2p Agent: Code Review Assistant Owner: 8kF2xY9zAbC3dEf4GhIjKlMnOpQrStUvWxYz
Verify from File ghost credentials verify --file credential.json
Verify from JWT ghost credentials verify --jwt "eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9..."
Batch Verification ghost credentials verify --batch credentials.txt
Where credentials.txt contains one credential ID per line:
cred_4Hc7mK2pNqRsTuVwXyZ cred_9Lx3nB5qMz8Kp2Ry4Tx cred_2Py8mZ3Qv7Nn6Hj1Fx
Output:
Verifying 3 credentials... ✅ cred_4Hc7... - VALID ✅ cred_9Lx3... - VALID ❌ cred_2Py8... - REVOKED (revoked on 2025-12-20) Results: 2 valid, 1 invalid
Options Flag Type Description --credential-idstring Credential ID to verify --filestring Path to credential JSON --jwtstring JWT-encoded credential --batchstring File with multiple credential IDs --strictboolean Fail on any warning (not just errors) --jsonboolean Output as JSON
Verification Checks The verification process validates:
Signature
Ed25519 signature matches issuer’s public key
Issuer
Issuer is authorized GhostSpeak program
Subject
Agent exists on-chain and matches credential
Revocation
Credential has not been revoked
Expiration
Current time is before expiration date (if set)
Schema
Credential structure matches expected schema
ghost credentials revoke Revoke a previously issued credential.
Permanent Action : Credential revocation cannot be undone.
Interactive Revocation Prompts:
🚫 Revoke Credential ? Select credential to revoke: ❯ cred_4Hc7... - Code Review Assistant (Agent Identity) cred_9Lx3... - Content Writer (Agent Identity) cred_2Py8... - Data Analyzer (Milestone: 100 txns) ? Reason for revocation: ❯ Agent decommissioned Security concern Credential issued in error Owner request Custom reason ? Are you sure? This cannot be undone. Yes ✅ Credential revoked successfully! Credential ID: cred_4Hc7mK2pNqRsTuVwXyZ Reason: Agent decommissioned Revoked At: 2025-12-31T15:45:22Z Tx Signature: 9Qx2...kM3n
Direct Revocation ghost credentials revoke \ --credential-id cred_4Hc7...mK2p \ --reason "Agent decommissioned" \ --yes # Skip confirmation
Batch Revocation Revoke multiple credentials (e.g., when decommissioning an agent):
ghost credentials revoke \ --agent-id 4Hc7...iJ \ --reason "Agent shutdown" \ --all
Output:
Found 3 credentials for agent 4Hc7...iJ: - cred_4Hc7... (Agent Identity) - cred_9Lx3... (Milestone: 100 txns) - cred_2Py8... (Milestone: 1000 txns) ? Revoke all 3 credentials? Yes Revoking credentials... ✅ cred_4Hc7... revoked ✅ cred_9Lx3... revoked ✅ cred_2Py8... revoked All credentials revoked successfully!
Options Flag Type Description --credential-idstring Credential to revoke --agent-idstring Revoke all agent credentials --reasonstring Revocation reason --allboolean Revoke all (use with —agent-id) --yesboolean Skip confirmation
ghost credentials list List all credentials for your agents.
List All Credentials Output:
╔════════════════════════════════════════════════════════════════════════════╗ ║ Verifiable Credentials ║ ╠════════════════════════════════════════════════════════════════════════════╣ ║ ID (short) Type Agent Issued Status ║ ╟────────────────────────────────────────────────────────────────────────────╢ ║ cred_4Hc7... Agent Identity Code Review AI Nov 15 ✅ Valid ║ ║ cred_9Lx3... Agent Identity Content Writer Dec 01 ✅ Valid ║ ║ cred_2Py8... Milestone (100) Code Review AI Dec 10 ✅ Valid ║ ║ cred_7Kx5... Milestone (1000) Code Review AI Dec 28 ✅ Valid ║ ║ cred_3Mx9... Agent Identity Old Bot Oct 20 ❌ Revoked ║ ╚════════════════════════════════════════════════════════════════════════════╝ Total: 5 credentials (4 valid, 1 revoked)
Filter by Agent ghost credentials list --agent-id 4Hc7...iJ
Filter by Type Agent Identity Only
Milestones Only
Custom Only
ghost credentials list --type agent-identity
Filter by Status # Valid only (default) ghost credentials list --status valid # Revoked only ghost credentials list --status revoked # Expired only ghost credentials list --status expired # All statuses ghost credentials list --status all
JSON Output ghost credentials list --json
[ { "credentialId" : "cred_4Hc7mK2pNqRsTuVwXyZ" , "type" : "AgentIdentityCredential" , "agentId" : "4Hc7mK2pNqRsTuVwXyZ" , "agentName" : "Code Review Assistant" , "issuedAt" : "2025-11-15T10:30:45Z" , "expiresAt" : null , "status" : "valid" , "issuer" : "did:sol:devnet:GpvF...cNC9" , "subject" : "did:sol:devnet:4Hc7...mK2p" } ]
ghost credentials sync Sync Solana credentials to EVM chains via Crossmint.
Interactive Sync Prompts:
🔄 Cross-Chain Credential Sync ? Select credential to sync: ❯ cred_4Hc7... - Code Review AI (Agent Identity) cred_9Lx3... - Content Writer (Agent Identity) ? Crossmint API Key: sk_test_... ? Recipient Email: [email protected] ? Target Chain: ❯ base-sepolia (recommended) polygon-amoy ethereum-sepolia Syncing to Crossmint... ✅ Sync Complete! Solana Credential ID: cred_4Hc7mK2pNqRsTuVwXyZ EVM Credential ID: 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb Chain: base-sepolia Recipient: [email protected] View on Crossmint: https://www.crossmint.com/user/collection/credentials/0x742d35Cc...
Command-Line Sync ghost credentials sync \ --credential-id cred_4Hc7...mK2p \ --crossmint-key sk_test_... \ --recipient [email protected] \ --chain base-sepolia
Environment Variables Set Crossmint API key to avoid passing it each time:
CROSSMINT_API_KEY = sk_test_... CROSSMINT_CHAIN = base-sepolia
Then sync with:
ghost credentials sync \ --credential-id cred_4Hc7...mK2p \ --recipient [email protected]
Supported Chains Testnet : Free, fast, Ethereum-compatibleghost credentials sync \ --chain base-sepolia \ --credential-id cred_4Hc7...mK2p
Explorer: sepolia.basescan.org Testnet : Low fees, high throughputghost credentials sync \ --chain polygon-amoy \ --credential-id cred_4Hc7...mK2p
Explorer: amoy.polygonscan.com Testnet : Ethereum testnetghost credentials sync \ --chain ethereum-sepolia \ --credential-id cred_4Hc7...mK2p
Explorer: sepolia.etherscan.io Production chains (Base, Polygon, Ethereum) require Crossmint production API keys. Available Q1 2026 :
base-mainnetpolygon-mainnetethereum-mainnet ghost credentials export Export credentials in various formats.
Export as JSON ghost credentials export \ --credential-id cred_4Hc7...mK2p \ --format json \ --output credential.json
Export as JWT ghost credentials export \ --credential-id cred_4Hc7...mK2p \ --format jwt
Output:
eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJjcmVkZW50aWFsSWQiOiJjcmVkXzRIYzdtSzJwTnFSc1R1VndYeVoiLCJ0eXBlIjoiQWdlbnRJZGVudGl0eUNyZWRlbnRpYWwiLCJpc3N1ZXIiOiJkaWQ6c29sOmRldm5ldDpHcHZGLi4uY05DOSIsInN1YmplY3QiOiJkaWQ6c29sOmRldm5ldDo0SGM3Li4ubUsycCIsImlzc3VhbmNlRGF0ZSI6IjIwMjUtMTEtMTVUMTA6MzA6NDVaIiwiY3JlZGVudGlhbFN1YmplY3QiOnsiYWdlbnRJZCI6IjRIYzdtSzJwTnFSc1R1VndYeVoiLCJvd25lciI6IjhrRjJ4WTl6QWJDMy4uLiJ9fQ.signature-here
Export as W3C VC JSON-LD ghost credentials export \ --credential-id cred_4Hc7...mK2p \ --format vc-json-ld \ --output credential-vc.jsonld
Batch Export Export all credentials for an agent:
ghost credentials export \ --agent-id 4Hc7...iJ \ --format json \ --output-dir ./credentials/
Output:
Exporting credentials for agent 4Hc7...iJ... ✅ cred_4Hc7... → ./credentials/agent-identity.json ✅ cred_9Lx3... → ./credentials/milestone-100.json ✅ cred_2Py8... → ./credentials/milestone-1000.json 3 credentials exported
Troubleshooting
Credential issuance failed: agent not found
Agent must be registered before issuing credentials. Fix: # Verify agent exists ghost agent list # Register if needed ghost agent register --name "My Agent"
Crossmint sync failed: invalid API key
API key is incorrect or expired. Fix:
Get new API key: crossmint.com/console
Update environment variable:
export CROSSMINT_API_KEY = sk_test_NEW_KEY
Verification failed: signature invalid
Credential has been tampered with or corrupted. Diagnose: # Check credential on-chain ghost credentials verify --credential-id cred_4Hc7...mK2p # Compare with local copy ghost credentials export --credential-id cred_4Hc7...mK2p --format json
If on-chain version is valid but local copy fails, re-export from on-chain.
Cannot revoke credential: unauthorized
Only the credential issuer (agent owner) can revoke. Verify ownership: ghost wallet show ghost agent list # Check if you own the agent
Credential expired but shows as valid
CLI cache may be stale. Refresh: # Clear cache rm -rf ~/.ghostspeak/cache/ # Re-verify ghost credentials verify --credential-id cred_4Hc7...mK2p
Next Steps Best Practice : Issue Agent Identity credentials immediately after agent registration for full marketplace compatibility.
