Evidence

Every number on this site, with its artifact.

This page is built from the lab artifacts themselves — suite scorecards, wire captures, theorem maps. Each entry carries its source path and run date. If we can’t reproduce a claim on request, we don’t make it.

319/332: OIDF conformance test modules passed, 0 failed. Official OpenID Foundation suite, local run, reproducible — not an OIDF certification.
15/33: Protocol theorems discharged (machine-checked). 18 partial — we publish the split.
22: Credential types, in 43 issuer configurations, issued and stored against the walt.id wallet stack. SD-JWT VC and ISO mdoc, end to end over live OID4VCI.
OIDF conformance

OpenID Foundation conformance — local run, reproducible

Self-run against the official OpenID Foundation conformance suite. This is self-run evidence — not an OpenID Foundation certification; we are not listed on openid.net/certification.

Local runs of the official OIDF conformance suite. Every result bundle is signed by the suite’s own key and archived; runs are reproducible. Not a published OIDF certification.
| Run | Scope | Result | Status | Source artifact |
|---|---|---|---|---|
| 2026-06-01; independently reproduced 2026-06-04 | Full suite — OID4VCI, OID4VP and OpenID Federation test plans | 319/332 passed, 0 failed; 11 warnings, 2 skipped | Pass | tier3_results/oidf_conformance/SCORECARD.json [OIDF-1] |
| 2026-05-26; re-confirmed 2026-06-04 | FAPI 2.0 Security Profile (Final) test modules embedded in the OID4VCI issuer plans | 78/80 passed, 0 failed; 2 warnings | Pass | tier3_results/local_oidf_20260526_122209_mdoc_keyatt/summary.json [OIDF-2] |
| 2026-05-26 | Earlier full-suite baseline | 210/218 passed, 0 failed; 7 warnings, 1 skipped | Pass | tier3_results/local_oidf_20260526_122209_mdoc_keyatt/summary.json [OIDF-3] |
| All runs | Signed result bundles — each export signed by the suite’s own key and archived | archived | Provenance | conformance_results/test-log-*.zip [OIDF-4] |
Wallet interop

Tested against real wallets, on the wire

Wire-level results from lab captures. Coverage varies per wallet — each row states exactly what was tested, and nothing more. Tested against ≠ endorsed by.

Wallet interoperability evidence. Each cell says exactly what was tested; tested against ≠ endorsed by.
| Wallet / stack | What was tested | Result | Status | Source artifact |
|---|---|---|---|---|
| walt.id wallet stack | 22 credential types, in 43 issuer configurations (SD-JWT VC and ISO mdoc formats), each issued and stored end-to-end over live OID4VCI | 22 types · 43 configs | Pass | auto_research/scripts/wallet_baselines.json [WAL-1] |
| vck library (A-SIT — the engine behind the ID-Austria Valera wallet) | Presented an SD-JWT PID to the PSDP verifier over OID4VP 1.0 Final (direct_post + DCQL); PSDP verified the issuer signature and the Key-Binding JWT and accepted (2026-06-08, reproducible harness). Scope: the vck library, not the Valera app binary; dc+sd-jwt only — not JARM, not mso_mdoc | KB-JWT verified, accepted | Pass | scripts/vck-vp-holder/README.md [WAL-2] |
| Wallet clients identifying as Paradym/Credo, Sphereon and Lissi | The live PSDP issuer served complete OID4VCI issuance flows (metadata → offer → token → credential, all HTTP 200), logged 2026-06-04. The log records user agents, not proof of the physical app | full HTTP-200 chains | Pass | tier3_results/wallet_attempts/attempts.jsonl [WAL-4] |
| Real Android wallet apps on physical devices — Paradym, Sphereon, EUDI reference, Procivis | Captured device logs (adb/logcat) against live PSDP endpoints. Device-traffic evidence only — no completed end-to-end real-phone flow is claimed | device logs captured | Partial | tier3_results/android_config_sweep_* [WAL-3] |
Formal verification

Formal verification — the honest count

33 protocol theorems tracked: 15 discharged (machine-checked), 18 partial. We publish the split — partial means exactly that. A theorem map without gaps is a theorem map you should distrust.

Discharged = machine-checked and closed. Partial = exactly that: modeled, lemmas machine-verified where stated, not closed overall.
| Track | Scope | Result | Status | Source artifact |
|---|---|---|---|---|
| Theorem map | 33 protocol theorems tracked across the protocol | 15 discharged · 18 partial | Partial | auto_research/knowledge/theorem_map.json [FV-1] |
| Tamarin prover (Dolev-Yao adversary) | Protocol model machine-checked across 7 theory files | 36 lemmas verified — 32 trace + 4 observational-equivalence (≈5,500 proof steps) | Pass | conformance_results/EVIDENCE_PACKAGE.json [FV-2] |
| Unlinkability — discharged | Identifier-hiding (T10a), audit/verifier-split (T10d) and nullifier-unlinkability / private-presentation theorems | discharged | Pass | auto_research/knowledge/theorem_map.json [FV-3] |
| Unlinkability — partial | Verifier-view unlinkability, issuer hiding and selective-disclosure privacy — modeled with machine-verified observational-equivalence lemmas but partial overall | partial | Partial | auto_research/knowledge/theorem_map.json [FV-3] |
| ZK circuit checks (circom reference circuits) | Picus (Veridise, Z3): “properly constrained”; Circomspect (Trail of Bits): “no issues found”; April 2026 evidence package. The live verify path is the arkworks Groth16 backend, not these circom artifacts | 14/14 negative-witness tests | Pass | conformance_results/EVIDENCE_PACKAGE.json [FV-4] |
Post-quantum boundary

What’s post-quantum here — and what isn’t

Hybrid post-quantum key establishment (X25519 + ML-KEM-768) and hybrid issuer signatures (ES256/EdDSA + ML-DSA-65, FIPS 204) are implemented in the reference stack.

PQC hybrid applies to confidentiality and authentication only; the limitation statement above accompanies every PQC mention on this site.
| Layer | What ships | Post-quantum? | Source artifact |
|---|---|---|---|
| Key establishment (confidentiality) | Hybrid post-quantum X25519 + ML-KEM-768, implemented in the reference stack | Hybrid PQ | src/psdp_ref/pqc_credentials.py [PQ-2] |
| Issuer signatures (authentication) | Hybrid ES256/EdDSA + ML-DSA-65 (FIPS 204), implemented in the reference stack | Hybrid PQ | src/psdp_ref/issuer_signatures.py [PQ-2] |
| Zero-knowledge proofs | The shipping ZK backend is classical Groth16/BN254 | Not PQ | docs/PQ_ZK_STATUS.md [PQ-1] |
| PQ-STARK backend (roadmap) | Transparent proving spike (hash-based, no trusted setup), de-risked: fused proof ≈73 KB, prove time ≈16 s on 2016 laptop hardware — not live, not formally sound, not production-ready | Not live | docs/PQ_ZK_STATUS.md [PQ-3] |
Security posture

Security posture — stated plainly

PSDP is a reference implementation; production hardening is in progress. That sentence is the ceiling — no stronger readiness wording appears anywhere on this site.

Verified read-only against the code in this tree; each row names the module that implements it.
| Control | What the code does | Source artifact |
|---|---|---|
| Mock-proof rejection in production | In production mode (PSDP_PRODUCTION=1) the verifier refuses mock proofs — submissions are rejected with mock_crypto_rejected_in_production — and startup checks enforce production configuration before serving | src/psdp_ref/age_verification.py, src/psdp_ref/startup_checks.py [SEC-1] |
| Real ZK exercised in CI | Real Groth16/BN254 verification is exercised in CI: a blocking job builds the Rust provers and runs the suite with PSDP_REQUIRE_ZK=1, so a missing prover is a hard failure, not a silent skip | .github/workflows/ci.yml [SEC-2] |
| Production-mode issuer trust | Fail-closed in production mode: real Ed25519 issuer-signature verification, expiry, registry/revocation status — any failure rejects — and one-time-use nullifiers persist across restarts via a file-backed replay guard. Scoped to the production layer; not a blanket “fail-closed everywhere” claim | src/psdp_ref/production.py [SEC-4] |
| Readiness ceiling | PSDP is a reference implementation; production hardening is in progress. Informed by a 2026-06-09 production-readiness audit and its ongoing remediation | 2026-06-09 production-readiness audit [SEC-3] |
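
An added example of the fail-closed pattern described in the production-mode issuer trust row; it is not taken from src/psdp_ref/production.py. The class and function names, the reason strings, the presentation fields and the one-nullifier-per-line file layout are assumptions, and verify_sig stands in for the real Ed25519 issuer-signature check.

```python
import os
import time


class ReplayGuard:
    """Spent-nullifier set backed by an append-only file (assumed layout: one per line)."""

    def __init__(self, path):
        self.path = path
        self.seen = set()
        if os.path.exists(path):  # reload state left by a previous process
            with open(path, encoding="ascii") as f:
                self.seen = {line.strip() for line in f if line.strip()}

    def consume(self, nullifier):
        """Durably record a nullifier; return False if it was already spent."""
        if nullifier in self.seen:
            return False
        with open(self.path, "a", encoding="ascii") as f:
            f.write(nullifier + "\n")
            f.flush()
            os.fsync(f.fileno())  # on disk before the presentation is accepted
        self.seen.add(nullifier)
        return True


def verify_presentation(pres, *, verify_sig, is_revoked, guard, now=None):
    """Return (accepted, reason); a failed or crashing check always rejects."""
    now = time.time() if now is None else now
    try:
        if not verify_sig(pres):  # stand-in for Ed25519 issuer-signature verification
            return False, "bad_issuer_signature"
        if pres["exp"] <= now:
            return False, "expired"
        if is_revoked(pres["issuer"]):  # registry / revocation status lookup
            return False, "issuer_revoked"
        # Spend the nullifier last so a rejected presentation does not burn it.
        if not guard.consume(pres["nullifier"]):
            return False, "nullifier_replayed"
    except Exception:
        return False, "check_error"  # malformed input or registry outage: reject
    return True, "ok"
```

Constructing a second ReplayGuard on the same file models a restart: a nullifier accepted by the first instance is rejected by the second.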
Reproduce

Re-run it yourself

The artifacts behind every table on this page, by path (relative to the PSDP lab tree). The signed OIDF bundles and the vck harness include their own rerun instructions.

Evidence artifacts — source paths
# OIDF conformance scorecards (local runs of the official suite)   [OIDF-1, OIDF-3]
$ cat tier3_results/oidf_conformance/SCORECARD.json
$ cat tier3_results/local_oidf_freshrun_20260604_161726_full/summary.json
$ cat tier3_results/local_oidf_20260526_122209_mdoc_keyatt/summary.json  # FAPI 2.0 [OIDF-2]

# Signed result bundles (suite-signed exports)                      [OIDF-4]
$ ls conformance_results/test-log-*.zip

# Wallet interop baselines + live issuance logs                     [WAL-1, WAL-4]
$ cat auto_research/scripts/wallet_baselines.json
$ cat tier3_results/wallet_attempts/attempts.jsonl

# vck OID4VP harness — rerun instructions inside                    [WAL-2]
$ cat scripts/vck-vp-holder/README.md

# Formal verification — theorem map + Tamarin/circuit evidence      [FV-1..FV-4]
$ cat auto_research/knowledge/theorem_map.json
$ cat conformance_results/EVIDENCE_PACKAGE.json

# The PQ/ZK status register — source of the do-not-claim list       [PQ-1..PQ-3]
$ cat docs/PQ_ZK_STATUS.md


Do-not-claim

The do-not-claim register

The register of claims we refuse to make is published next to the numbers — same repository, same review gate. The short version:

The full claims register — every allowed phrasing, its source artifact, and the claims rejected during audit — is published next to the numbers, at /claims-register.