Android provides a standard hardware attestation system with support for alternate operating systems via allowing their verified boot key fingerprints. It's mainly used with Google's root of trust and remote key provisioning service but the API supports alternative roots of trust.
Volla's Unified Attestation is fully built on Android's hardware attestation API. It solely exists to create a centralized authority and service determining what's allowed under their control.
Unified Attestation will permit using products from the companies involved in it while forbidding using arbitrary alternatives. They clearly aren't going to enforce reasonable security standards since their products wouldn't meet those. The whole purpose of the system is to permit their products regardless of merit and convince banking/government apps to adopt it.
There's nothing neutral or fair about a system controlled by companies approving their own products while disallowing other options.
Companies forming an anti-competitive cartel providing a service which permitting their products and while disallowing others isn't legal regardless of how they market it. It's not legal when Google does it with the Play Integrity API and it's not legal when it's Volla, Murena and iodé doing it.
We won't be participating in a system which gives these companies veto power over app compatibility on GrapheneOS. These companies will not be given the power to make arbitrary demands of GrapheneOS.
You should send all of this as a DMA complaint to the @EUCommission
GrapheneOS
Klaus Frank