On June 8, 2026, at the Moldova Digital Summit, a Ukrainian team did something no other non-EU country has done: it put its national digital identity wallet through a live cross-border interoperability test against the European Union's own emerging standard. Engineers from State Enterprise Diia and the e-Governance Academy joined counterparts from Romania, Moldova, the Netherlands, France, and Croatia to verify that Ukraine's Diia Wallet could issue, store, present, and — critically — verify credentials offline in line with the European Digital Identity (EUDI) Wallet specifications under eIDAS 2.0. According to the e-Governance Academy, which ran the session through the EU's DT4UA project, the Ukrainian solution proved technically compatible with both European infrastructure and the national wallets of participating member states.
That a country at war, and outside the Union, is helping debug the EU's flagship digital-identity rollout is a story about more than wartime resilience. It is a live demonstration of why the EU chose an interoperable, user-held wallet model in the first place — and a useful test of whether that model can deliver on its promise without sliding into over-identification.
What actually got tested
The EUDI Wallet is mandated by Regulation (EU) 2024/1183 — the eIDAS 2.0 reform, adopted on April 11, 2024 and in force since May 20, 2024. It requires every member state to offer at least one digital identity wallet by the end of 2026, capable of letting citizens prove who they are and share verified attributes across borders without repeated identity checks. The hard part is not building one wallet; it is making 27-plus independently built wallets recognise each other. That is what the Moldova session probed: not a demo of Diia's features, but whether a credential issued in one system can be trusted and validated in another, including without an internet connection.
Ukraine's participation is grounded in domestic law, not aspiration. In June 2025, Kyiv's Cabinet of Ministers approved Resolution No. 689, establishing a digital ID wallet framework explicitly aligned to EUDI specifications, with full mutual recognition targeted for the end of 2026. Diia is no pilot: over 23 million Ukrainians — the large majority of the adult population — now use the platform, which carries 33 digital documents and more than 70 government services. Ukraine was the first country to grant digital passports legal parity with paper. That installed base is precisely what makes it a valuable stress-test partner: real users, real documents, real edge cases.
The case for caution — taken seriously
The strongest argument against rushing this is not technophobia; it is privacy. Spain's data protection authority, the AEPD, has warned in a detailed analysis that selective disclosure alone does not guarantee privacy: without robust unlinkability safeguards, colluding issuers and relying parties can correlate a person's verified identity with otherwise anonymous activity, enabling profiling and surveillance at scale. A single, widely accepted identity credential is a single, attractive point of failure — and a tool that an illiberal government could repurpose. For a wallet that may soon be presented to open a bank account, rent a flat, or buy age-restricted goods, the risk of "function creep" — every counter demanding full ID where a yes/no would do — is real and well-documented.
These concerns are correct, and they argue for getting the architecture right, not for abandoning it. The decisive point is that the wallet model is the privacy-protective option compared with the realistic alternatives: centralised state identity databases, or the status quo of handing over a photographed passport to every website and landlord. Done properly, a wallet lets a user prove "over 18" or "resident of X" without disclosing a name, address, or document number. The technology to do this — selective disclosure with unlinkability — exists; the policy task is to make it mandatory and default, not optional.
Why interoperability-by-design beats a mandate
This is where Ukraine's role is instructive for the pro-innovation case. The EUDI project's best feature is that it is a standard, not a product: Brussels defines what credentials must do and how they must interoperate, then lets member states — and, evidently, capable neighbours — build competing implementations. That is the open-internet pattern that produced email and the web, and it is why a Ukrainian team can show up and contribute rather than wait for permission. Each independent wallet that passes the same conformance tests strengthens the whole, while preserving competition and avoiding lock-in to any one vendor or government stack.
The risk to that virtue is regulatory over-prescription. eIDAS 2.0's value collapses if implementing acts grow so detailed that only incumbents can comply, or if member states bolt on national mandates forcing wallet use where paper or pseudonyms would suffice. The proportionate path is narrow: enforce the security and unlinkability floor — backed by the ENISA certification scheme now being finalised — keep acceptance genuinely voluntary for individuals, and otherwise let implementations compete on usability and trust.
Ukraine, building under fire and outside the Union, has more incentive than anyone to make this work and fewer legacy systems holding it back. If a 23-million-user wallet from a non-member can clear the EU's own bar before the December 2026 deadline, it is strong evidence that interoperable, user-controlled digital identity is achievable — and a reminder that the EU's job now is to protect the standard's openness, not to smother it.