Checks a receipt's optionalcredentialStatus reference (W3C BitstringStatusList, SPEC.md §REVOKE-1) and reads the revocation bit at statusListIndex in a supplied (zero-egress, never fetched) status list credential. A set bit means revoked, and revocation overrides §16 signature validity even when the receipt's own signature is cryptographically valid. Absence of a status reference is its own no-signal state, never treated as evidence of active status.
🔒 All inputs are processed locally in your browser. No data is transmitted. Do not enter real personal data — use synthetic or anonymised inputs only.
What this does NOT prove
This kernel never dereferences statusListCredential over the network: the status list credential's encoded bitstring must be supplied as an input. It does not validate the status list credential's own §16 signature, does not decompress a GZIP-encoded W3C encodedList (test-side fixtures use this kernel's own uncompressed base64url encoding, not the published SDK vectors), and a "no-signal" result is not a positive claim of active status; it means no status reference was checkable, nothing more.
Receipt credentialStatus (optional)
Status List Credential (supplied input, zero-egress)
–
Status
–
List Index
Revocation check
⚠ DECISION-SUPPORT DRAFT. Not an audit and not a PCAOB opinion. See the "What this does NOT prove" note above.