Why a Wallet Unit Attestation?
An Issuer is about to place a credential (a PID, a diploma, a licence) into a user's wallet. In the moment before it does, it has to answer a question the user never thinks about: is this a genuine, certified wallet, on hardware that will keep the credential safe, or a convincing fake? It cannot reach into the phone and look. The Wallet Unit Attestation (WUA) is how it answers, before signing anything.
An open ecosystem with no single owner
The EU Digital Identity Wallet is, by design, an open ecosystem. A user picks a wallet from any certified provider; an Issuer places a credential into whatever wallet the user happens to hold; a Verifier later accepts it across the member states. No single organisation owns the chain end to end. That openness is the point, but it means trust cannot be assumed: it has to be proven, at the moment of issuance, by something the Issuer can verify independently.
The question comes in two parts
The party best placed to vouch for a wallet is the one that built it: the Wallet Provider. It issues a small, signed proof, the WUA, that answers two distinct questions:
- Is the wallet instance genuine and healthy right now? The Wallet Instance Attestation (WIA) answers this. It is short-lived (under 24 hours) because "genuine and healthy" can change quickly.
- Are the keys held in certified secure hardware? The Key Attestation (KA) answers this. It attests that the credential-binding keys live in a WSCD (Wallet Secure Cryptographic Device), which is a fixed fact that does not need a daily refresh.
You need both. A genuine app with software-only keys, or strong hardware keys in a tampered app, would each fail one half. See What is a WUA? for the structure, and the playground to build and decode them.
The credential is locked to the wallet
When an Issuer issues a credential, it does not simply hand it over: it binds it, via the cnf (confirmation) claim, to a specific key that lives in the wallet's secure hardware and never leaves it. The credential therefore works only in that wallet. Even an exact copy is useless elsewhere, because the holder cannot prove control of the bound key.
What it defeats
The WUA, together with the key proof of possession, stops attacks that other mechanisms miss:
- A repackaged or trojanised wallet app, because only a wallet signed by an approved provider produces a valid WUA.
- Software key extraction, because the KA proves the binding key sits in certified, tamper-resistant hardware; a software-only key fails the check.
- Replay of a stolen issuance request, because the WIA is short-lived and the key proof is bound to a one-time challenge (nonce) from the Issuer.
- Diverting a credential to a different wallet, because the credential is cryptographically bound to the same attested key the wallet proved control of.
- A wallet that was healthy but no longer is, caught at the next check, because the WIA expires within hours and the provider keeps revocation status available.
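An Issuer-side acceptance check that walks the list above, as an added example (not code from this page or from any EUDI reference implementation). It uses the Python standard library only: HMAC-SHA256 stands in for the provider's and wallet's asymmetric signatures, the field names (wallet_id, in_wscd, level, key_pub), the trust list and the status table are constructed, and REQUIRED_LEVEL is a hypothetical Issuer policy.

```python
import hmac, hashlib, json

# Constructed stand-ins, not the ARF's data model: HMAC-SHA256 plays the role of
# the asymmetric signatures, so the "trust list" holds provider MAC keys and the
# KA carries the wallet key itself where a real KA would carry a public key.
TRUSTED_PROVIDERS = {"wp-example": b"provider-key"}                # constructed
WALLET_STATUS = {"wallet-0001": "valid", "wallet-0002": "revoked"}  # constructed
WIA_MAX_AGE = 24 * 3600          # WIA must be under 24 hours old
REQUIRED_LEVEL = "high"          # hypothetical Issuer policy for the WSCD level

def _mac(key, obj):
    data = json.dumps(obj, sort_keys=True).encode()
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def make_wua(provider, wallet_id, wallet_key, in_wscd, level, iat):
    """Wallet Provider side (constructed): sign the WIA and KA as one WUA."""
    body = {"wia": {"wallet_id": wallet_id, "iat": iat, "exp": iat + 3600},
            "ka": {"key_id": hashlib.sha256(wallet_key).hexdigest()[:16],
                   "key_pub": wallet_key.hex(), "in_wscd": in_wscd, "level": level}}
    return {"provider": provider, "body": body,
            "sig": _mac(TRUSTED_PROVIDERS[provider], body)}

def make_pop(wallet_key, nonce):
    """Wallet side (constructed): prove control of the attested key over the nonce."""
    return {"nonce": nonce, "sig": _mac(wallet_key, {"nonce": nonce})}

def issue_check(wua, pop, nonce, now):
    """Issuer side: return (accepted, reason or cnf binding). Each rejection
    corresponds to one attack in the list above."""
    key = TRUSTED_PROVIDERS.get(wua.get("provider"))
    if key is None or not hmac.compare_digest(_mac(key, wua["body"]), wua["sig"]):
        return False, "not signed by an approved Wallet Provider"   # repackaged app
    wia, ka = wua["body"]["wia"], wua["body"]["ka"]
    if not (wia["iat"] <= now < wia["exp"] and now - wia["iat"] <= WIA_MAX_AGE):
        return False, "WIA stale"                                   # no longer fresh
    if WALLET_STATUS.get(wia["wallet_id"]) != "valid":
        return False, "wallet suspended or revoked"
    if not ka["in_wscd"] or ka["level"] != REQUIRED_LEVEL:
        return False, "binding key not in certified hardware"       # software-only key
    if pop["nonce"] != nonce:
        return False, "nonce mismatch"                              # replayed request
    expected = _mac(bytes.fromhex(ka["key_pub"]), {"nonce": nonce})
    if not hmac.compare_digest(expected, pop["sig"]):
        return False, "no proof of possession of the attested key"  # diverted credential
    return True, {"cnf": {"kid": ka["key_id"]}}  # credential locked to the attested key

if __name__ == "__main__":
    now, wk = 1_700_000_000, b"wallet-hardware-key"
    wua = make_wua("wp-example", "wallet-0001", wk, True, "high", now - 60)
    print(issue_check(wua, make_pop(wk, "n1"), "n1", now))
```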
Why not reuse platform attestation?
Android Key Attestation and Apple App Attestation are excellent at what they do, but each attests a key on a specific platform and is signed against that platform's root, not a European trust list. The WUA is the layer that turns a platform fact into a European trust statement: a Wallet Provider, certified under eIDAS and listed on an official EU trust list, vouches for the wallet in terms any Issuer across the Union can verify.
Three states an Issuer needs to see
A wallet moves through more states internally than an Issuer needs to track. For an Issuer, the lifecycle reduces to three, published by the Wallet Provider and checked at issuance (and re-checked over the credential's life):
- Valid: trusted, WIA fresh, not revoked.
- Suspended: paused by the provider or the user, and can be reinstated.
- Revoked: permanently withdrawn.
What it unlocks for issuers and businesses
The WUA is what makes large-scale issuance possible with confidence. An Issuer can set its own bar as policy, for example issuing a high-value credential only to wallets whose keys meet a given certification level, and rely on the WUA to enforce it automatically at scale, without inspecting each device by hand.
The same model for organisational wallets
The same two-part structure applies to wallets that organisations run for themselves (European Business Wallets). An organisational wallet presents an attestation of the same shape before it is issued credentials, so the trust model carries over from the personal wallet to the enterprise.
In short
A great deal of effort goes into making credentials trustworthy. The WUA makes the wallet that holds them trustworthy first, so that an Issuer never has to take the wallet on faith. Next: What is a WUA? for the structure, the playground to try it, or the FAQ.