How Is BAS Attestation Generated and Verified? A Complete Proof Lifecycle Analysis

The evolution of Web3 applications is transforming blockchain from a straightforward value transfer network into a network for identity, reputation, and data. An increasing number of use cases demand real-world information verification—such as identity authentication, corporate credentials, governance eligibility, and on-chain credit histories. However, blockchain alone cannot determine the authenticity of off-chain data. This necessitates a standardized mechanism to map trusted information on-chain.

BAS Attestation is a core building block of the BNB Attestation Service and the fundamental unit of its entire trust framework. From digital identity systems and DAO governance to AI Agent networks, Attestation plays a pivotal role in establishing trust.

What Is BAS Attestation?

As a digital proof record issued by a trusted entity for a specific fact, BAS Attestation can capture identity verification status, corporate credentials, DAO membership, KYC results, on-chain activity logs, and AI Agent reputation data. Because all attestations adhere to a uniform standard, they can be verified and reused across different applications.

Why Does BAS Need the Attestation Mechanism?

Blockchain guarantees data immutability but cannot automatically validate the authenticity of data sources.

For instance, after a user completes KYC, the blockchain has no way to confirm that the user truly passed identity verification. Similarly, whether a company holds legitimate credentials cannot be determined solely from on-chain transaction records.

The Attestation mechanism addresses this by introducing a trusted verifier that records verification results on-chain in a standardized format. When a third party needs to verify related information, it can directly check the existing attestation without rerunning the entire review process.

This model not only boosts verification efficiency but also lowers the costs of repeated certification across different platforms.

What Role Does Schema Play in the Attestation Lifecycle?

Schema marks the starting point of the Attestation lifecycle.

Think of Schema as an attestation template. It defines the data structure and field format of an attestation. Without Schema, the system cannot determine what specific content an attestation record describes.

For example, in identity verification, a Schema might include fields like user address, certifying authority, certification level, effective date, and expiration date. For academic credentials, the Schema might include fields such as school name, degree level, and graduation date.

By using a consistent data format, different applications can read and parse attestation content in the same way, enabling cross-platform interoperability.

How Does an Attester Issue an Attestation?

The Attester is the attestation issuer and a central participant in the trust system.

When a user submits a certification request, the Attester verifies the relevant information according to predefined rules. For example, an identity verification agency reviews the user's identity documents, a corporate certification agency validates business registration details, and a DAO may check member contribution records.

After the review, the Attester creates an Attestation based on the corresponding Schema and writes the certification result into the attestation data.

At this point, the Attestation includes issuer information, issuance timestamp, and related verification data, forming a complete trusted claim.

Since the Attestation is directly tied to the issuing entity, the Attester's reputation often determines the credibility of the attestation itself.

How Does a Recipient Receive and Use an Attestation?

The Recipient is the receiver of an attestation.

In most cases, the Recipient is an individual user, but corporate accounts, DAO organizations, smart contracts, and even AI Agents can also be attestation recipients.

Once an Attestation is issued, the Recipient gains the right to use that attestation. When accessing other applications later, the Recipient can authorize a third party to verify the relevant attestation without resubmitting documents or repeating the entire review process.

This model allows digital identity and reputation information to flow across platforms, gradually forming reusable data assets.

How Is an Attestation Stored in the BAS Network?

After issuance, the Attestation is recorded in the BAS registry system.

An attestation record typically includes the Schema identifier, issuing institution, recipient, issuance time, and relevant data fields. Because this information is recorded on the blockchain, it is immutable and traceable.

Different applications can query the corresponding attestation through a unified interface and verify its authenticity, its source (whether from a trusted entity), and its current validity.

This unified data layer is a key enabler of BAS's cross-application verification capability.

How Does a Third Party Verify an Attestation?

Verification is one of the most critical stages in the Attestation lifecycle.

When an application needs to confirm a user's identity or credentials, it sends a verification request to BAS and checks several key factors, including the issuer's identity, the attestation content, the issuance time, and the current status.

If the attestation comes from a trusted Attester and hasn't been revoked, the verification result is typically considered valid.

Compared to the traditional model of repeatedly collecting and reviewing user data, the attestation-based verification mechanism significantly improves efficiency and reduces the risks associated with redundant data storage.

How Does the Revocation Mechanism Work?

Real-world information is not permanent, so Attestation must support status updates.

Revocation is a mechanism to terminate an attestation's validity. When identity verification expires, corporate credentials become invalid, or user permissions change, the Attester can actively revoke the corresponding attestation.

A revoked attestation is not deleted from the chain—blockchain records are inherently permanent—but it is marked as invalid. During subsequent verifications, the system will recognize it as no longer valid.

This design preserves the integrity of historical records while ensuring the accuracy of current verification results.

What Is the Complete Lifecycle of an Attestation?

Overall, a BAS Attestation typically goes through the following stages.

First, a developer creates a Schema, defining the data structure and verification standards. Then, the user submits relevant materials to the Attester, who completes the review according to the rules.

After the review passes, the Attester issues the Attestation and writes it to the BAS network. The Recipient obtains the attestation and can authorize its use across different applications.

When a third party needs to verify the information, it can directly query the BAS network to check the attestation's status. If the information changes, the Attester can update its status through the Revocation mechanism.

This entire process—from creation, issuance, and storage to verification and revocation—forms the complete lifecycle and the core logic of the BAS trust network.

How Does BAS Attestation Differ from Traditional Certification Processes?

Traditional certification models typically rely on individual platforms to review user data separately.

Users repeatedly submit identity information across different platforms, and platforms must repeatedly execute verification processes. This not only increases operational costs but also degrades the user experience.

BAS Attestation adopts a "verify once, reuse many times" model, allowing verified information to be shared across different applications.

This model helps build a more open and efficient Web3 trust system.

Conclusion

As the core mechanism of the BNB Attestation Service, BAS Attestation transforms real-world identities, credentials, behaviors, and reputation into verifiable on-chain records through a standardized attestation framework. An Attestation begins with Schema creation, undergoes Attester review and issuance, is stored in the BAS network, and is ultimately verified and reused by third-party applications.

FAQs

What is the relationship between Attestation and Schema?

Schema is an attestation template that defines the data structure; Attestation is a specific attestation record generated from that template. Without Schema, standardized verification of Attestation is impossible.

Who can become an Attester?

Any entity with verification capabilities and a reputation basis can become an Attester, including KYC service providers, enterprises, educational institutions, DAO communities, and AI Agent networks.

Does an Attestation have to be stored on-chain?

BAS supports both on-chain and off-chain attestation models. Core verification information is typically recorded on-chain, while some data can be stored off-chain based on actual needs to improve privacy and scalability.

What happens after an Attestation is revoked?

A revoked Attestation is not deleted but is marked as invalid. The verification system can recognize this status and will no longer accept it as valid proof.

Can a user have multiple Attestations?

Yes. The same user can hold multiple Attestations simultaneously, such as identity verification, academic credentials, DAO membership, and on-chain reputation attestations.