Abstract
Can non-custodial crypto survive EU regulations? As the European Union enforces eIDAS v2, the MiCA framework, and the Transfer of Funds Regulation (TFR), decentralized finance is under pressure to comply with strict identity verification rules. Non-custodial wallets — cornerstones of Web3 sovereignty — currently fall outside compliance pathways.
This article explores how the EUDI Wallet — when combined with protocols like OIDC4VP, Verifiable Credentials (VCs), and blockchain ownership proofs — can bridge this gap. Drawing on technical frameworks, wallet architecture patterns, and tested European pilots (like EWC’s A2A payment under DSP2), we show how compliant, decentralized identity is achievable. This integration opens the door to self-sovereign access to euro-backed stablecoins, re-usable KYC for DeFi, and AML-compliant peer-to-peer payments — paving the way for a lawful, open, and privacy-preserving future for crypto in Europe.
The Problem: Identity Compliance for Non-Custodial Wallets
The Transfer of Funds Regulation (TFR) mandates that identifying information about both the originator and beneficiary be attached to crypto-asset transfers. While this is feasible in custodial systems — where exchanges and centralized platforms manage user accounts and enforce KYC — it’s a fundamental challenge for non-custodial wallets, where users generate and control their own keys, and no intermediary exists to manage compliance.
Despite this, regulatory and industry-driven solutions for TFR compliance have largely overlooked the non-custodial use case. Protocols like TRISA (Travel Rule Information Sharing Architecture) are designed to enable secure identity exchange between regulated Virtual Asset Service Providers (VASPs). However, TRISA is a closed network, built primarily for custodial-to-custodial transfers, and is not open to non-custodial wallets, which fall outside the traditional VASP framework.
Projects like OpenVASP aimed to create a more decentralized and flexible alternative, allowing VASPs to communicate in a peer-to-peer fashion. While conceptually aligned with decentralized values, OpenVASP has seen limited adoption, is no longer actively evolving, and lacks integration with eIDAS v2 or support for EUDI Wallet-based identity verification.
Adding to the complexity, traditional crypto wallets were never designed to support identity natively. Their architecture is focused on key management and transaction signing, not on verifiable credentials, legal identity binding, or regulated disclosures. While some solutions have tried to introduce on-chain identity objects, these approaches face serious conflicts with GDPR and are often based on custom trust frameworks. For example, immutability of on-chain data can violate the “right to be forgotten,” and storing personal data on public ledgers undermines principles of user consent, data minimization, and privacy by design.
As a result, non-custodial wallets are at risk of being excluded from regulated financial systems, not due to their technical capabilities, but because they lack a privacy-preserving, standards-compliant way to prove identity. Without a solution that enables users to assert identity voluntarily, off-chain, and in a verifiable format, compliance with regulations like TFR becomes nearly impossible — pushing self-custody to the margins of legal crypto infrastructure in Europe.
Regulatory Context: MiCA, TFR, and eIDAS v2
Understanding the Transfer of Funds Regulation (TFR)
The Transfer of Funds Regulation (TFR) is the European Union’s implementation of the Financial Action Task Force (FATF) Travel Rule, aiming to prevent money laundering and terrorist financing in the crypto space. It requires Virtual Asset Service Providers (VASPs) — like exchanges, custodians, and wallet providers — to collect and share identifying information about both the sender (originator) and the recipient (beneficiary) of a crypto transaction. This applies to transfers over €1,000, including those involving stablecoins.
The EU has integrated this rule into its broader regulatory push under MiCA (Markets in Crypto Assets Regulation), which defines licensing and compliance obligations for crypto actors. Together, TFR and MiCA form a coordinated framework for legal and traceable crypto asset usage across the EU.
One of the major challenges with TFR is that it assumes there is a centralized intermediary in the transaction. However, in non-custodial scenarios — where users control their own wallets — there is no such intermediary to collect or relay identity information. This creates a regulatory gray area that could exclude peer-to-peer crypto transfers unless new mechanisms for self-attested, verifiable identity sharing are adopted.
What Is eIDAS v2 and the EUDI Wallet?
eIDAS v2 is the European Union’s upgraded electronic identification regulation, building on the original eIDAS framework to provide a pan-European digital identity system. A key feature of eIDAS v2 is the introduction of the European Digital Identity Wallet (EUDI Wallet), which allows EU citizens and residents to store and present Verifiable Credentials — digital proofs of attributes like legal identity, age, residence, and more.
These credentials are cryptographically signed by trusted issuers (e.g., governments, banks, universities) and can be selectively disclosed, verified offline, and used across borders. Unlike centralized ID systems, the EUDI Wallet is user-controlled, privacy-preserving, and designed to be interoperable with both public and private services. In the context of crypto, it offers a powerful foundation for proving identity in a decentralized way, potentially solving the compliance challenge posed by regulations like the TFR.
The Rise of Regulated Stablecoins in the EU
The momentum around euro-denominated stablecoins is rapidly accelerating across the European Union, with major issuers aligning themselves with MiCA’s regulatory framework. Circle, issuer of USDC, has launched EURC, a fully reserved, euro-backed stablecoin, and secured a MiCA-compliant e-money license via its French entity. Societe Generale’s crypto arm, SG-FORGE, has introduced EURCV, a permissioned euro stablecoin on Ethereum, tailored for institutional settlement, bond issuance, and wholesale financial markets. Meanwhile, Membrane Finance’s EURe, issued under Finland’s e-money license, is positioned for DeFi integrations, merchant payments, and cross-border remittances.
These stablecoins are already being tested or deployed in real-world financial operations — including automated treasury flows, B2B payments, tokenized asset settlement, and on-chain liquidity provisioning. Their adoption signals that stablecoins are no longer confined to crypto trading — they are evolving into a compliant payment layer for both traditional and decentralized finance. However, regulated usage of these tokens still depends on verifiable identity — particularly under the Transfer of Funds Regulation (TFR). This is where the EUDI Wallet becomes essential: it provides a user-controlled, reusable identity layer that enables AML-compliant stablecoin transactions — whether peer-to-peer, commercial, or institutional — without sacrificing decentralization or privacy.
Why Stablecoin Integration Is a More Natural Fit for EUDI Wallet Payment
Unlike fiat-based payment systems, which are heavily dominated by banks, card schemes, and legacy infrastructure providers, the stablecoin ecosystem presents a more open environment for identity innovation. Traditional financial actors have been reluctant to adopt the EUDI Wallet as a user authentication or payment method, often due to concerns around control, branding, and customer data. In contrast, stablecoin issuers and Web3 platforms are already building natively with programmable identity layers. This makes the integration of the EUDI Wallet into stablecoin payment flows much more straightforward with fewer gatekeepers, faster implementation cycles, and a greater alignment with self-sovereign principles. As euro stablecoins become more widely adopted, they offer a clean slate for embedding compliant identity standards like the EUDI framework without the friction of traditional financial politics.
The EUDI Wallet and the European Identity Framework
The European Digital Identity (EUDI) Wallet, introduced under eIDAS 2.0, is a cornerstone of the EU’s digital identity strategy. It enables users to receive, store, and present Verifiable Credentials (VCs) issued by certified public and private authorities, in a privacy-preserving and user-controlled manner. These credentials are structured as Selective Disclosure JWTs (SD-JWT VCs), which allow users to reveal only the minimum necessary information when presenting their identity, for example, proving that they are over 18 or reside in a specific country, without disclosing their full birthdate or address. The entire framework is supported by a Public Key Infrastructure (PKI) rooted in X.509 certificates, ensuring cryptographic trust between credential issuers, holders, and verifiers. All participants — issuers, verifiers, and wallets — must be certified within the EU’s trust framework, providing legal certainty across borders. In the context of stablecoin transfers or decentralized applications, the EUDI Wallet offers a compliant, secure, and reusable way to verify user identity without relying on centralized databases or document uploads.
The ARF Protocol Stack
At the heart of credential exchange is OpenID for Verifiable Presentations (OIDC4VP), a key protocol profile standardized under OpenID Foundation and integrated in the eIDAS Architecture Reference Framework (ARF). OIDC4VP extends OAuth 2.0 to support real-time, wallet-based credential presentation flows. A verifier — such as a regulated crypto exchange, wallet provider, or DeFi front-end — can initiate a request for specific credentials. The user’s wallet responds by signing and returning a verifiable presentation containing only the requested claims, anchored in a credential issued by a trusted authority. This entire flow happens off-chain and in real-time, without requiring data persistence or exposing sensitive information. Combined with SD-JWT and selective disclosure, OIDC4VP enables compliant Travel Rule–level identity checks that are interoperable, privacy-preserving, and user-centric. Because this system avoids identity storage by relying on cryptographic proofs, it is highly aligned with GDPR principles such as data minimization and user consent.
Wallet Models, Blockchain Integration, and Lessons from LSPs
Despite its potential, the EUDI Wallet was not designed to perform blockchain operations like signing transactions or holding private keys for crypto. Conversely, traditional crypto wallets — like MetaMask or Ledger — do not support verifiable identity. To address this architectural gap, two integration models are emerging. The first is the combined wallet approach, exemplified by projects like Altme.io, which natively support both credential management and blockchain signing. This offers a seamless user experience for identity-bound crypto transactions. The second model is modular, involving a dedicated EUDI Wallet for credentials and a separate crypto wallet for asset control. While this approach increases flexibility, it requires mechanisms to cryptographically prove that both wallets belong to the same user — such as challenge signing, self-issued attestations, or linkage credentials.
A relevant precedent comes from the EWC Large Scale Pilot, which explored wallet-based attestations for account-to-account payments under the DSP2 regulation. In that model, users could initiate regulated payments by presenting proofs of bank account control, issued as verifiable credentials and used within a secure consent flow. This model maps directly to crypto: instead of proving control over an IBAN, the user could prove control over a blockchain address linked cryptographically to their EUDI identity. By adapting these proven mechanisms, the crypto industry can implement regulatory-grade compliance and trust, without sacrificing decentralization or user autonomy.
Proof of Blockchain Address Control
To bridge the gap between a user’s EUDI identity and their blockchain wallet, we need a reliable and privacy-preserving method to prove ownership of a blockchain address in a way that can be tied to a verified identity. There are at least two main approaches:
1. External Attestation (Third-Party Issuer)
An external verifier and attestation provider — such as a regulated VASP, notary, or identity service — can issue a Verifiable Credential stating that the user controls a specific blockchain address. Once issued, this credential can be reused for future transactions, offering a persistent and auditable link between the user’s identity and their crypto wallet. This method aligns well with regulated environments but introduces some reliance on trusted third parties.
2. Self-Issued Attestation via Dual-Key Wallets
A more privacy-preserving and decentralized approach becomes possible when a wallet supports both identity management and blockchain key control. In this case, the wallet itself can self-issue a Verifiable Credential, where the issuer is the blockchain key and the subject is the user’s EUDI identity. When this VC is later presented, it is signed by the EUDI identity key, creating a bidirectional cryptographic association between the identity and blockchain address without disclosing the link unless explicitly shared.
This method preserves self-sovereignty, removes dependency on third parties, and is fully compatible with selective disclosure and Zero-Knowledge Proof (ZKP) mechanisms for privacy. It provides a strong foundation for TFR-compliant, non-custodial crypto payments.
Key Use Cases Enabled by EUDI and Blockchain Integration
By combining verifiable digital identity with user-controlled blockchain wallets, the EUDI Wallet model opens up a powerful set of use cases at the intersection of compliance and decentralization. These integrations allow crypto users to remain self-sovereign while meeting the demands of EU regulations such as TFR, MiCA, and eIDAS v2.
1. Compliant P2P Stablecoin Transfers
Users can send and receive stablecoins directly from their non-custodial wallets, while attaching verifiable identity credentials as required by the Transfer of Funds Regulation (TFR). This makes it possible to perform fully compliant, wallet-to-wallet transfers without relying on custodial exchanges preserving decentralization without sacrificing legal compliance.
2. Identity-Verified Payments for Merchants and Professionals
Merchants can receive payments in stablecoins, backed by legal identity credentials such as VAT numbers, business registration, or tax residency. This enables compliant crypto invoicing, B2B payments, and automated back-office processes offering a real-world payment solution that bridges traditional business needs with Web3 tools.
3. On-Chain KYC for DeFi and Regulated Tokens
DeFi protocols and regulated stablecoin issuers can request EUDI-based credentials to verify a user’s KYC, age, or residency without Fintech compliance, professionals collecting or storing any personal data. This enables privacy-preserving compliance with MiCA and national AML laws, while keeping the user in control of what information they share and when.
4. Access to Regulated Digital Assets
With EUDI credentials, users can seamlessly onboard to regulated euro-backed stablecoins, e-money tokens, or compliant tokenized financial instruments. This creates a user-controlled gateway to regulated digital finance, anchored in reusable, government-grade identity.
5. Cross-Border, Reusable Identity for Crypto
Because the EUDI Wallet is interoperable across EU member states, users can complete crypto transactions and onboarding across borders without duplicating KYC processes. This reduces friction for platforms, increases trust in P2P transfers, and supports scalable, pan-European Web3 services.
Conclusion: Toward an Identity-Aware, Decentralized Financial System
The EUDI Wallet represents more than a government-backed digital ID, it offers a new layer of trusted interoperability for decentralized systems. When combined with blockchain key proofs and standards-based protocols like OIDC4VP, it enables regulatory-grade identity verification without compromising the core principles of crypto: user sovereignty, decentralization, and privacy.
Critically, this framework does not require reinventing identity infrastructure. It builds on proven tools: verifiable credentials, PKI trust chains, selective disclosure formats like SD-JWT, and integration protocols already tested in real-world scenarios such as the EWC Large Scale Pilot under DSP2. What’s missing is broad implementation across crypto infrastructure and coordinated collaboration between identity providers, crypto wallet developers, DeFi projects, and regulators.
Looking forward, the convergence of digital identity and crypto holds the potential to unlock new use cases, from AML-compliant P2P stablecoin payments to cross-border B2B invoicing and on-chain KYC for DeFi. The EUDI Wallet offers a regulatory path forward that does not force users to give up self-custody or accept invasive surveillance. Instead, it supports a modular, standards-driven future, where identity is portable, privacy is preserved, and crypto remains open, lawful, and human-centric.