Every time a verification session happens, for example if I have to prove that I am over 18 and I’m vaccinated, I’m actually showing attributes of different credentials, but they share that secret key as its first attribute. I’m also proving that this secret key is the same in both credentials.