The "MEX" Layer: Inside WhatsApp's EU DMA Compliance Architecture

Source: Decompiled GraphQL operation manifests from WhatsApp Android version 2.26.3.79. All operation names and structures are as observed in the client codebase. WhatsApp is undergoing the most significant architectural shift in its history — and most of it is invisible to users. Hidden inside recent Android builds is a higher-trust GraphQL schema called whatsapp_mex . MEX stands for Meta Experience , and it's where the platform's most regulated, security-sensitive operations live: EU Digital Markets Act interoperability, parent-child account supervision, passkey authentication, and cross-Meta identity linking. This is a technical deep-dive into what that schema reveals about where WhatsApp — and Meta — is headed. The Three-Layer Architecture Before getting into specifics, it helps to understand how WhatsApp's backend is now structured: Layer Schema Purpose Public whatsapp General messaging, AI features, payments MEX whatsapp_mex High-trust ops: interop, parental controls, identity li