Skip to content

Bitcoin accepted at checkout  |  Ships from Laval, QC, Canada  |  Expert support since 2016

SD-JWT

Digital Sovereignty

Definition

SD-JWT (Selective Disclosure for JWTs) is the IETF specification that retrofits privacy onto the ubiquitous JSON Web Token. A standard JWT is all-or-nothing: present the token and every claim inside it — name, birthdate, address, entitlements — is visible to the verifier, whether the interaction needs it or not. SD-JWT changes that contract. The issuer marks individual claims as selectively disclosable, and the holder later chooses, presentation by presentation, exactly which ones to reveal to each verifier — all without breaking the issuer's signature over the credential.

The salted-hash mechanism

The construction is refreshingly plain. For each disclosable claim, the issuer does not embed the cleartext value in the signed payload. Instead it creates a Disclosure — a base64url-encoded JSON array containing a random salt, the claim name, and the claim value — and places only a digest of that Disclosure into the signed token. The holder receives the JWT plus the full set of Disclosures alongside it. At presentation time, the holder forwards the token together with only the Disclosures they wish to reveal; the verifier hashes each one and matches it against the digests inside the signed payload. Anything not disclosed remains an opaque digest — provably committed to by the issuer, but unreadable. The per-claim random salt is what prevents guessing: without it, a verifier could hash likely values ("is the birthdate 1990-01-01?") and test them against the digests. Implementations must support SHA-256 as the digest function, and holder-binding extensions let the presentation prove possession of a holder key so a stolen credential cannot simply be replayed.

Why it won adoption

SD-JWT's virtue is that it demands almost nothing new. It reuses the existing JOSE/JWT tooling that every web stack already ships — ordinary signatures, ordinary hashing, ordinary base64url — rather than exotic pairing-based cryptography. That pragmatism is why the EU's eIDAS 2 regulation and the EUDI Wallet architecture adopted SD-JWT-based verifiable credentials alongside the ISO mdoc format, and why it has become the default answer when an existing JWT-shaped system needs privacy without a cryptographic research project. For a developer, upgrading from "send the whole token" to "send the token plus chosen disclosures" is an afternoon, not a migration.

The honest limitation: linkability

The trade-off versus zero-knowledge approaches is correlation. The salted hashes and the issuer's signature value are identical every time the same credential is shown, so two verifiers — or one verifier across visits — can match presentations and build a profile even when the disclosed claims differ. Batch issuance of many single-use credential copies blunts this but multiplies issuer interaction. Schemes built on BBS+ signatures avoid the problem cryptographically, letting the holder re-randomize each presentation so no two showings are linkable, and AnonCreds goes further still with predicate proofs. SD-JWT chooses deployability over unlinkability, and it is important to know which property your use case actually needs. The mitigation hierarchy is worth remembering: disclose less, rotate credentials often, and reserve the unlinkable schemes for contexts where correlation is the actual threat model rather than a theoretical one.

The sovereign read

SD-JWT is a genuine improvement over the status quo — data minimization by default, holder consent per presentation, and it composes cleanly into a verifiable presentation. The sovereign caution is simply to remember whose privacy model it implements: it hides claims from verifiers, not the fact of credential use from a determined correlator, and the issuer still learns whatever it learned at issuance. As one concrete implementation of selective disclosure, it is the pragmatic floor — and knowing where the floor is helps you decide when you need the stronger, heavier ceiling.

In Simple Terms

SD-JWT (Selective Disclosure for JWTs) is the IETF specification that retrofits privacy onto the ubiquitous JSON Web Token. A standard JWT is all-or-nothing: present the…

Explore the Full Glossary

Browse all Bitcoin mining terms from A to Z. Whether you are a beginner or expert, deepen your understanding of the mining ecosystem.

Mining Glossary

ASIC Miner Database

Compare 500+ miners with real-time profitability data, home mining scores, and detailed specs.

Compare Miners