EU Digital Product Passports

Alpha · Active development

Signed by you. Verified by anyone.

Odal Node is sovereign infrastructure for EU Digital Product Passports. Your product data is validated and signed on your infrastructure, with your keys — only the signed proof is stored and served. Anyone can verify it.

Why now

The deadlines are set. The infrastructure mostly isn't.

Compliance arrives sector by sector, date by date — not "everything by 2027." Three dated obligations are already in law:

19 July 2026

Unsold goods

Large companies

Destruction of unsold textiles and footwear is banned for large companies, and destruction practices must be disclosed.

ESPR (EU) 2024/1781, Art. 25

18 February 2027

Battery passports

EV, industrial (>2 kWh), LMT

Every battery in scope placed on the EU market needs a digital battery passport, registered in the EU central registry.

Regulation (EU) 2023/1542, Art. 77

Next, from 2026

Priority sectors next

Textiles, iron & steel, furniture, tyres

The ESPR 2025–2030 working plan sets the order: textiles and iron & steel lead the first delegated acts, each fixing its own DPP application date when adopted. Electronics is not a priority sector in this plan.

ESPR 2025–2030 Working Plan, COM(2025) 187

The question is whether the infrastructure you adopt now still fits the next sector's act. Odal Node is built so that it does: new sectors arrive as schema and plugin updates, not as new systems.

How it works

Proof-bound: the data stays yours. The proof is what travels.

Manufacturers keep trade secrets. Regulators and customers need data they can trust. A proof-bound architecture serves both without asking either to compromise: raw production data is validated and signed locally, then discarded — only the signed passport is stored and served.

  1. 1

    Import

    Product data from CSV, Excel, or your ERP into your own node.

  2. 2

    Validate

    Against versioned sector schemas tracking the regulation, locally.

  3. 3

    Sign

    With your own key, generated and held on your infrastructure.

  4. 4

    Publish

    Only the signed passport becomes resolvable, via QR and GS1 Digital Link.

Any consumer, authority, or recycler verifies the signature against your public DID document — without Odal in the loop. What the node stores: the signed passport, the audit trail, the signature. What it never stores: raw import files, supply-chain detail beyond passport content, or your private keys.

What you get

Built for the compliance officer and the engineer at the same desk.

Proof-bound by architecture

Raw inputs are discarded after signing. A property of the software, not a policy promise.

Standards-native

GS1 Digital Link 1.2 resolution, W3C VC 2.0 credentials, did:web identity, AAS submodel export.

Sandboxed sector plugins

Each sector's compliance logic runs in an isolated sandbox. New regulations land as plugins, not rewrites.

Honest open-core

dpp-core (the regulatory standard in Rust) is Apache-2.0, full capability, forever. dpp-engine is BSL-1.1 with a real self-host grant — production self-hosting is free.

No vendor lock-in

The node is a single, self-contained service. You can run it on your own infrastructure, or on a cloud you control.

Self-host in minutes

One compose file. No licence keys, no passport caps. Ever.

Data and trust

What Odal Node can and cannot see.

Proof-bound is not a promise about our conduct; it is a property of the software. The node validates and signs locally, then discards the raw input — so there is no data for us to access, by construction. Stated precisely:

We can see

The signed passport you publish to a resolver we operate, and the metadata required to serve it.

We cannot see

Your private keys (held in-process on your infrastructure), your raw production data, your supply-chain detail.

We could see but do not

The contents of your import files, which the node discards after validation.

Standards

Built on the standards the regulation itself cites.

  • GS1 Digital Link

    Product identification and QR resolution

  • W3C Verifiable Credentials

    Credential format for signed passports

  • did:web

    Issuer identity, anchored in DNS and HTTPS

  • IDTA AAS

    Industrial submodel export for Industry 4.0 consumers

  • CEN/CENELEC JTC 24

    Harmonised DPP standards — tracked as they finalise