What does an SD-JWT VC actually look like? A walkthrough with real disclosures

SD-JWT VC adds a lot of moving parts on top of plain JWT — disclosures, key-binding JWTs, salt, and an issuer key resolution chain (x5c, jwk, did:key, did:jwk).

If you've never picked one apart byte-by-byte, paste any sample into the JWT/SD-JWT decoder we built and watch each piece light up:

https://docs.igrant.io/docs/devtools-jwt-decoder/

It auto-derives the issuer key, parses every disclosure inline, and gives you one-click signature verification.

Two questions for the community:

1. What's the trickiest SD-JWT VC quirk you've hit in the wild?

2. Is anyone using `did:jwk` for issuance, or are most production deployments still on `x5c`?