Ciarán

The closing date for responses to the public consultation on Ireland's Digital Wallet is today at 5pm.
I would strongly encourage anyone who has ties to Ireland to engage. #mastodaoine
Its only 5 minutes.

https://www.gov.ie/en/department-of-public-expenditure-infrastructure-public-service-reform-and-digitalisation/consultations/consultation-on-the-government-digital-wallet/

If you are a person who uses alternative android distribution - #GrapheneOS, #murena (/e/), #iode, #lineageos

"How the Government Digital Wallet is kept secure
...
and will not run on phones that have been jailbroken or rooted."
https://www.gov.ie/en/department-of-public-expenditure-infrastructure-public-service-reform-and-digitalisation/publications/government-digital-wallet-your-questions-answered/
[1/4]

Jun 24 at 6:05amWeb
Show threadCiarán1d ago

The line in their FAQ that states that rooted phones will not work with the app is an indication that they are planning to use only Google's ecosystem for integrity checks (for Android).

There are open source alternatives, such as Unified Attestation that would allow alternative android distributions to work. But unless there is the demand for it, the Irish government have no need to look into this.
This consultation is the opportunity for those who would be affected to have a voice.
[2/4]

Show threadCiarán1d ago

It is a pain to access government services without a myGovID versus with one. This Digital Wallet will likely have the same impact.

If you think that you can just get by without using it, I think you will be very much at a disadvantage in a few years time. You will be kinda forced to use it.

So I am asking you provide feedback and try to help make it an app you will enjoy using. Preferably one that isnt reliant on a Google Account.
[3/4]

Show threadCiarán1d ago

What I have seen online has almost entirely focused on how this app will be used to keep children off social media.

This Digital Wallet app aims to be far bigger and more important than that.
[4/4]

Show threadCiarán1d ago

Here are some of the concern I have voiced for your inspiration:

- Privacy concerns: Risk of government/company overreach eroding online/offline privacy.
- Second-class citizens: Services may favor digital wallet users, marginalizing non-users.
- Dependence on foreign companies: Worry about exclusion of non-Google/Apple platforms (e.g., GrapheneOS, LineageOS, /e/).
- Lockout of specific Android users: Exclusion via Google Play Store/Integrity API requirements.

Show threadCiarán1d ago
- Platform exclusivity: Lack of desktop support or non-smartphone access.
- Lack of clarity: No public technical details or source code (unlike European neighbors).
- Censorship/age gating: Focus on censorship over root causes of online issues.
- Language availability: Unclear support for Irish, other EU languages and non EU languages.
- Email dependence: Is there a risk of losing access if email is compromised?
Show threadScanner1d ago

@coraven Unified Attestation is another closed ecosystem. Volla, Murena and iodé sell unsafe products, neglect important patches and protections, and mislead users with inaccurate security claims. It mainly gives them an unfair advantage while pretending to improve security. Apps need verified secure devices, not authorised by niche companies.

Hardware-based attestation has valid uses without control by any organization.

Show threadCiarán1d ago

@a53bdb the fact that there is an alternative is a much better situation than just one defacto standard. This is of value.

This consultation is an opportunity for people to tell the 'powers that be' that they want to keep their choice over the devices they use day-to-day.

These operating systems are kept niche largely due to fear and uncertainty with banking apps. If government apps also slam the door on these, they will drive them to become less niche and more dead.

Progress over perfection.

Show threadScanner1d ago
@coraven I agree with most of what you said, but Unified Attestation does not represent real progress, and it will be very difficult to convince application developers to adopt it. Without adoption, the effort will be wasted. Hardware-based attestation is also far from perfect, but the focus of this consultation could simply shift to that approach, since it’s already usable now. https://x.com/GrapheneOS/status/2033925685568250119
GrapheneOS (@GrapheneOS) on X

@hello_volla Android provides a standard hardware attestation system with support for alternate operating systems via allowing their verified boot key fingerprints. It's mainly used with Google's root of trust and remote key provisioning service but the API supports alternative roots of

X (formerly Twitter)