Current state
Fragmented platforms
Credentials often live in private systems and fail to travel cleanly across employer workflows.
Manifesto
The Let's Encrypt moment for credentials
Credentials should be as easy to verify as HTTPS certificates: open standards, no lock-in, and strong proof by default.
Target state
Portable trust
A credential should be portable JSON with transparent issuer checks and proof verification.
Method
Open infra first
Invest in free, standards-aligned tooling so any issuer can publish trustworthy credentials.
What is concrete in this implementation
Verifier hardening
Public URL safety controls
Public endpoints reject private/internal targets before any server-side fetch occurs.
Issuer integrity
Anti-impersonation checks
Domain ownership flow built around /.well-known/openbadges-issuer.json verification.
Operational path
Issue + verify + test
A single app provides issuance APIs, public verifier APIs, and a live hosted sample for testing.
Design principles
Public verifiability
Verification should be inspectable and reproducible with clear status outputs.
Issuer accountability
Domain ownership and well-known profiles establish explicit issuer provenance.
Operator ergonomics
CLI, API, and MCP access should make secure issuance practical instead of aspirational.
Roadmap arc
Phase 1: Foundation
Reliable issue and verify primitives with markdown-first docs for humans and LLMs.
Phase 2: Integrations
Deeper LMS and hiring-system integrations built on stable trust interfaces.
Phase 3: Network effects
Credential verification becomes expected everywhere, with no dependence on a single vendor.
Build on open trust primitives
Use the API to move from idea to a verifiable credential pipeline.