SpruceID
Identity Platforms/FrameworksSelf-sovereign identity toolkit providing DID and verifiable credential implementations, authentication tools (Sign-In with Ethereum / SIWE), credential issuance platforms (Credible), and identity wallet SDKs (SpruceKit). Built the California DMV mobile driver's license (mDL) wallet, winning a Gartner Eye on Innovation Award. Powers credential workflows for government, enterprise, and Web3 use cases with open-source libraries.
Hybrid Company Medium capture risk
Links
Details
License Apache 2.0 / MIT / Permissive
Dev Status Released
Owner Spruce Systems Inc.; Co-founders Wayne Chang (CEO) and Gregory Rocco; both previously at ConsenSys
Country USA
Start Year 2020
Stack Rust, TypeScript, Python, Go
Funding VC
Last Investigated Mar 10, 2026
Identity Toolkit / Platform Attributes
Permissions Apache 2.0 / MIT (dual, permissive) — SpruceKit and all component libraries are published under Apache 2.0 or MIT licenses, allowing use in commercial and proprietary products without source disclosure. Contributors provide an express patent grant under Apache 2.0.
Development Tools SpruceKit SDK (open source, Apache 2.0 / MIT) — modular Rust, Swift, Kotlin, and TypeScript libraries for W3C VC issuance/verification, mDL (ISO 18013-5), and selective disclosure; ssi Rust core library (Apache 2.0) for DID resolution and cryptographic signing; SpruceKit Mobile SDK for iOS/Android credential wallet integration; SIWE (Sign-In with Ethereum) libraries in JavaScript, Rust, and Python; OpenID4VP Rust implementation; archived DIDKit cross-platform CLI and language bindings (Rust, Python, Java, Flutter); Credible reference wallet (Flutter, archived); TreeLDR schema definition language; Swagger/OpenAPI docs at sprucekit.dev.
Authentication & Identity Decentralized ID (DID) with multiple methods; Sign-In with Ethereum (SIWE/EIP-4361) as primary Web3 authentication; OIDC Identity Provider bridge for Web2 integration; wallet-based authentication
Storage Model Kepler (decentralized storage with user-controlled Orbits); credential storage in holder wallets; issuer-side credential management via Credible Platform (cloud-prem or on-prem)
Interoperability High: W3C VC + ISO mDL dual-format support; OIDC/SIWE bridge for Web2; interoperability demonstrated with 25+ vendors; working with AAMVA, NIST, Google, Panasonic, Samsung, Okta, Auth0; TSA mDL acceptance
Data Portability Full portability (W3C VC and ISO mDL standards-based credentials; open-source wallet SDK; no platform lock-in; CA DMV Wallet supports Apple and Android native wallets as alternatives)
Governance & Decision Making Company-controlled (Spruce Systems Inc.) with strong open-standards commitment; SIWE developed via open community calls with Ethereum Foundation and ENS; active W3C, DIF, and standards body participation
Identity Standards W3C DID; W3C Verifiable Credentials (VCDM 1.1 and 2.0); EIP-4361 (SIWE); ISO/IEC 18013-5 (mDL); OpenID Connect; OIDC4VC; DID method traits specification
DID Methods Supported did:key, did:web, did:pkh (blockchain-agnostic), did:ens, did:ethr, did:ion, did:tz (Tezos); DID method traits spec for upgradeable identity paths
Key Management User-controlled (wallet-based key management); HSM support for enterprise (Credible Platform supports hardware security modules); TEE support (trusted execution environments); browser/OS keychain integration
Credential Types Verifiable Credentials (W3C VCDM); mobile driver's licenses (ISO mDL); SD-JWT VCs; professional/educational credentials; age verification credentials; government IDs; Rebase witnesses for social account linking
Verification Method Cryptographic signature verification (multiple suites including Ed25519, EcdsaSecp256k1, BBS+); on-device verification (mDL NFC/QR without callback to issuer); selective disclosure; Groth16 ZKP support
Privacy Features Selective disclosure (mDL: share only required fields, e.g., age >21 without address); no digital trail/phone-home by design; on-device verification; privacy-preserving credential presentation
Authentication Methods Cryptographic signatures (wallet-based); Sign-In with Ethereum (EIP-4361); OIDC via SIWE Identity Provider; biometric authentication (device-level for mDL); passkeys/WebAuthn compatibility
Revocation Mechanism Credential revocation via Credible Platform (issuer-controlled); StatusList2021 support; ZCAP-LD for capability revocation in Kepler
Agent Types Supported Humans (individuals with wallet credentials); Organizations (issuers/verifiers via Credible Platform); Government entities (DMV, TSA integration)
Wallet/Client Types Mobile app (CA DMV Wallet, custom wallets via SpruceKit SDK); browser extension (SIWE integration); desktop application; SDK/Library integration (React Native, Flutter, native mobile, Rust, TypeScript)
Recovery Mechanisms Wallet-dependent (device-level backup via Apple/Google ecosystem for mDL); enterprise key recovery via HSM/TEE infrastructure; seed phrase for crypto wallet integrations
Compliance / Regulations REAL ID compliant (mDL); TSA-accepted; ISO/IEC 18013-5 certified; DHS Silicon Valley Innovation Program participant; AAMVA interoperability testing; Gartner Eye on Innovation Award 2023
Credential Exchange Protocols OIDC4VC (OpenID for Verifiable Credentials); ISO/IEC 18013-5 (mDL presentation); Presentation Exchange; SIWE (EIP-4361); ZCAP-LD (authorization capabilities)
Trust Framework Cryptographic verification (DID-based trust); government-anchored trust (state DMV issuance); AAMVA interoperability framework; open standards compliance
Cost Model Free (open-source libraries under Apache 2.0/MIT); Enterprise licensing (Credible Platform for government/enterprise deployments)
Censorship Resistance Hybrid (SIWE/DID-based credentials are user-controlled and portable; mDL credentials depend on issuing government authority; Kepler provides decentralized storage option)