Jobchain - Verifiable employment credentials

Verifiable employment credentials. Signed by your employer, verified by anyone, owned by you.

The Problem

Employment verification is stuck in the dark ages. You write a PDF resume, an ATS shreds it back to text, and a background check company calls your old employer to confirm dates. Nobody can verify your actual work without a phone call.

Jobchain fixes this with cryptographically signed credentials. Your employer signs a structured document saying you worked there. Anyone can verify the signature. No phone calls, no PDFs, no trust-me-bro.

How It Works

Employer Signs a credential

→

Employee Hosts it anywhere

→

Verifier Checks the signature

1. Employer Sets Up Identity

$ jobchain init --org "Acme Corp" --domain acme.com
Initialized jobchain identity for Acme Corp
  DID: did:web:acme.com
  Next: host did.json at https://acme.com/.well-known/did.json

This generates a keypair and a DID document. The public key lives at a well-known URL on the company's domain. That's the trust anchor — if you control the domain, you control the identity.

2. Employer Issues a Credential

$ jobchain issue --domain acme.com \
    --employee "Jane Developer" \
    --title "Senior Engineer" \
    --company "Acme Corp" \
    --start 2022-06

{
  "@context": ["https://www.w3.org/2018/credentials/v1"],
  "type": ["VerifiableCredential", "EmploymentCredential"],
  "issuer": "did:web:acme.com",
  "credentialSubject": {
    "type": "EmploymentRecord",
    "title": "Senior Engineer",
    "company": "Acme Corp",
    "start": "2022-06"
  },
  "proof": {
    "type": "Ed25519Signature2020",
    "proofValue": "z4jH8n..."
  }
}

The output is a W3C Verifiable Credential — a JSON document signed with Ed25519. Hand the .vc.json file to the employee.

3. Anyone Can Verify

$ jobchain verify --input jane-acme.vc.json

VALID — credential signature verified
  Issuer:  did:web:acme.com
  Subject: Senior Engineer at Acme Corp
  Issued:  2024-06-15

Verification fetches the public key from acme.com/.well-known/did.json and checks the signature. No account needed, no API key, no phone call. Just math.

Your Wallet Is a Website

A "wallet" is just a folder of signed .vc.json files hosted as a static site. GitHub Pages, Netlify, your own server — anywhere.

$ jobchain wallet build --dir ./credentials --out ./site

This generates an HTML site with your credentials and a machine-readable index.json manifest. Hiring managers see a clean page. ATS systems consume the structured JSON.

What This Is Not

Not a blockchain. Trust comes from DNS and public key cryptography, same as HTTPS.
Not a platform. There's no account to create, no service to depend on.
Not self-attested. Only the employer's private key can produce a valid signature.

Built On Standards

W3C Verifiable Credentials 1.1 — credential format
did:web — issuer identity via DNS
Ed25519Signature2020 — fast, small signatures
JOBL — structured resume format (companion project)

Install

cargo install jobchain

Or build from source:

git clone https://github.com/ducks/jobchain
cd jobchain
cargo build --release