Last night I was going through most f the whitepapers of Crypto Projects.What I found was totally amazing😍 projects broooo.....
SIGN Supports Auto-Expiring Credentials. The Expiry Logic Lives in a Smart Contract. Nobody Says Who Can Change It.
caught something in the Sign Protocol attestation management section that sits right at the edge of what "automatic" actually means
the whitepaper lists
"expiration management:
support for time-bound Attestations with automatic expiration" as a credential Lifecycle feature. I think a professional license expires after one year. a visa expires after six months. the expiry is automatic — the credential fails verification after the defined date without anyone needing to manually revoke it.
I thing this is clean design. no manual expiry process. no revocation list to maintain for expired credentials. time-bound credentials expire by themselves.
but automatic expiration in a blockchain system means the expiry logic lives somewhere.
in SIGN's architecture it lives in the attestation smart contract or the on-chain verification logic. when a verifier checks a credential,
the contract checks the expiry timestamp against the current block time and returns valid or expired.
heres the thing nobody asks.
who can modify that expiry logic after deployment?
if a government deploys SIGN and hard-codes credential expiry periods in the smart contract one year for professional licenses,
five years for national ID can those periods be changed? who holds the upgrade keys for the expiry logic contract? if an emergency requires extending all visa validity by six months
COVID-style