Overview

Understand the architecture and concepts of Solana Attestations

Overview

Solana Attestations provides a comprehensive framework for creating, managing, and verifying attestations on the Solana blockchain. This system enables developers to build trust-based applications with verifiable claims about accounts, tokens, and other on-chain entities.

Architecture

The attestation system is built on three core components that work together to provide a flexible and secure framework:

1. Credentials

Credentials represent attestation authorities and define who can issue attestations. They contain:

  • An authority that controls the credential
  • A list of authorized signers who can create attestations
  • A name for identification purposes

2. Schemas

Schemas define the structure and validation rules for attestations. They specify:

  • The data fields that attestations must contain
  • The data types for each field
  • Associated credential that can use this schema
  • Version information for schema evolution

3. Attestations

Attestations are the actual verifiable claims that contain:

  • The attested data conforming to a schema
  • References to the credential and schema used
  • Expiration timestamp for validity
  • Unique identifier (nonce)
  • Associated token account (optional)

Data Flow

Authority → Creates Credential → Defines Schema → Authorized Signers → Issue Attestations
  1. Authority Setup: An authority creates a credential and specifies authorized signers
  2. Schema Definition: The authority creates schemas that define attestation structure
  3. Attestation Issuance: Authorized signers create attestations following schema rules
  4. Verification: Anyone can fetch and verify attestations on-chain

Key Features

Flexible Schema System

  • Define custom data structures for different attestation types
  • Support for various data types (strings, integers, booleans, arrays)
  • Schema versioning for backwards compatibility
  • Pause/unpause schemas as needed

Authority Management

  • Hierarchical authority structure with credential authorities
  • Multiple authorized signers per credential
  • Dynamic signer management (add/remove signers)
  • Clear separation of concerns

Token Integration

  • Link attestations to specific token accounts
  • Enable token-specific claims and verifications
  • Support for both regular and tokenized attestations
  • Integration with Solana's token standards

On-Chain Verification

  • All attestations stored on Solana for transparency
  • Cryptographic verification of attestation authenticity
  • Expiration handling for time-sensitive claims
  • Immutable audit trail

Security Model

Trust Assumptions

  • Trust is placed in credential authorities and their authorized signers
  • Schema definitions are trusted to correctly validate data
  • The Solana blockchain provides the security foundation

Access Control

  • Only authorized signers can create attestations under a credential
  • Only credential authorities can modify signer lists
  • Schema modifications require authority approval
  • Attestation closure restricted to signers or authorities

Data Integrity

  • All attestation data is cryptographically signed
  • Schema validation ensures data conforms to expected structure
  • Expiration timestamps prevent stale claims
  • Immutable on-chain storage prevents tampering

Use Case Patterns

Identity and KYC

Credential: "Identity Verifier"
Schema: ["fullName", "dateOfBirth", "nationality", "verificationLevel"]
Attestation: User's verified identity information

Reputation Systems

Credential: "Reputation Authority" 
Schema: ["score", "category", "period", "evidence"]
Attestation: User's reputation score for specific time period

Professional Certifications

Credential: "Certification Body"
Schema: ["certificationType", "issueDate", "expiryDate", "grade"]
Attestation: Professional certification with validity period

Compliance Verification

Credential: "Compliance Auditor"
Schema: ["complianceType", "status", "auditDate", "riskLevel"]  
Attestation: Compliance status for regulatory requirements

Integration Patterns

Wallet Integration

Applications can integrate attestation verification into wallet interfaces to show verified claims about users or tokens.

DeFi Protocols

DeFi protocols can require specific attestations before allowing participation, enabling compliant and trust-based financial services.

NFT Marketplaces

Marketplaces can verify authenticity and provenance of NFTs through attestations from trusted authorities.

Gaming Platforms

Games can use attestations for achievement verification, anti-cheat measures, and player reputation systems.

Performance Considerations

On-Chain Storage

  • Attestation data is stored directly on-chain
  • Consider data size when designing schemas
  • Use efficient encoding for large datasets

Transaction Costs

  • Each attestation creation requires a transaction fee
  • Bulk operations can reduce per-attestation costs
  • Consider batching for high-volume use cases

Scalability

  • System scales with Solana's transaction throughput
  • Multiple credentials can operate independently
  • Schema design impacts query performance

Next Steps