diff --git a/public/attributes b/public/attributes
index b7f0701ce7e8e3ce9ffa749590f99aeb0545ff4e..abb86d92268f8ed4e045e0329b48541a2103e28e 100644
--- a/public/attributes
+++ b/public/attributes
@@ -239,3 +239,12 @@ attribute hal_wifi_keystore_server;
 attribute hal_wifi_supplicant;
 attribute hal_wifi_supplicant_client;
 attribute hal_wifi_supplicant_server;
+
+# HwBinder services offered across the core-vendor boundary
+#
+# We annotate server domains with x_server to loosen the coupling between
+# system and vendor images. For example, it should be possible to move a service
+# from one core domain to another, without having to update the vendor image
+# which contains clients of this service.
+
+attribute wifi_keystore_service_server;
diff --git a/public/hal_wifi_keystore.te b/public/hal_wifi_keystore.te
deleted file mode 100644
index 15368ae3e5d49ce30b85ea19c11a2426f2c2b6ea..0000000000000000000000000000000000000000
--- a/public/hal_wifi_keystore.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# HwBinder IPC from client to server.
-binder_call(hal_wifi_keystore_client, hal_wifi_keystore_server)
diff --git a/public/keystore.te b/public/keystore.te
index 456c74d50fb7da75532ea76ddffbd9e9f6514773..378949a987539602bed96d68068b1b2549f8bcf0 100644
--- a/public/keystore.te
+++ b/public/keystore.te
@@ -10,8 +10,9 @@ binder_call(keystore, system_server)
 # talk to keymaster
 hal_client_domain(keystore, hal_keymaster)
-# Implement the wifi keystore hal.
-hal_server_domain(keystore, hal_wifi_keystore)
+# Offer the Wifi Keystore HwBinder service
+hwbinder_use(keystore)
+typeattribute keystore wifi_keystore_service_server;
 allow keystore keystore_data_file:dir create_dir_perms;
 allow keystore keystore_data_file:notdevfile_class_set create_file_perms;
diff --git a/vendor/hal_wifi_supplicant_default.te b/vendor/hal_wifi_supplicant_default.te
index f0a6ffc383dc553dcc8329862a50a68497510953..82bccdbdf81596f2fcd25d5b885a7582853ea3da 100644
--- a/vendor/hal_wifi_supplicant_default.te
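Review bot: The old `hal_wifi_keystore_server` attribute stays declared in public/attributes: it is the hunk-header context line just above the first hunk, and no hunk in this diff removes it, while public/hal_wifi_keystore.te, the only visible rule that referenced it, is deleted. If nothing outside this diff still uses `hal_wifi_keystore_client` and `hal_wifi_keystore_server`, a later policy author can tag a domain with them and get no access, which is easy to miss in review. Consider removing the stale declarations in the same commit, or marking them with a comment such as `# Deprecated: superseded by wifi_keystore_service_server; no rules reference this attribute.` The new comment block also says "x_server" while the attribute added is `wifi_keystore_service_server`; spelling the convention out as `<name>_service_server` would avoid confusion with the existing `hal_*_server` attributes.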
+++ b/vendor/hal_wifi_supplicant_default.te
@@ -8,8 +8,10 @@ net_domain(hal_wifi_supplicant_default)
 # Create a socket for receiving info from wpa
 type_transition hal_wifi_supplicant_default wifi_data_file:dir wpa_socket "sockets";
-# Allow wpa_supplicant to talk to Wifi Keystore HAL.
-hal_client_domain(hal_wifi_supplicant_default, hal_wifi_keystore)
+# Allow wpa_supplicant to talk to Wifi Keystore HwBinder service.
+hwbinder_use(hal_wifi_supplicant_default)
+binder_call(hal_wifi_supplicant_default, wifi_keystore_service_server)
+
 # TODO (b/36645291) Move hal_wifi_supplicant's data access to /data/vendor
 # Remove coredata_in_vendor_violators attribute.
 # wpa supplicant or equivalent
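Review bot: `binder_call(hal_wifi_supplicant_default, wifi_keystore_service_server)` targets an attribute, so the vendor supplicant gets binder access to every domain that is ever tagged `wifi_keystore_service_server`, not only `keystore` (tagged in the public/keystore.te hunk of this commit). That matches the intent stated in the new public/attributes comment, but nothing visible in this diff limits which domains may carry the attribute, and the grant lives in vendor policy where a reader auditing keystore's exposure will not see it. I would document the consequence next to the attribute declaration, for example `# Tagging a domain with this attribute exposes its binder interface to vendor clients such as hal_wifi_supplicant_default.`, and consider a neverallow or policy test that confines the attribute to the intended core domains.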