How are you debugging mdoc/CBOR credentials during ETSI Plugtests?

The ETSI EAA Plugtests are running through 1 June 2026 with focus on SD-JWT VC and ISO 18013-5. Curious what tooling everyone is reaching for when an IssuerSigned structure or COSE_Sign1 envelope doesn't decode cleanly.

Our team got tired of pasting CBOR into half-broken local scripts (or worse, online decoders that upload to a server), so we built a browser-only one:

https://docs.igrant.io/docs/devtools-mdoc-decoder/

It surfaces the IssuerSigned tree, COSE_Sign1 protected/unprotected headers, the Mobile Security Object, every namespace, and the issuer x5chain.

What is everyone else using? Drop your toolkit — happy to compare notes on edge cases. If you've got a credential format that breaks our decoder, share it and we'll dig in.