SID-ACCESS-03 — User Consent Before Credential Disclosure
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Access Control |
Description
Explicit user consent required before disclosing credentials in OID4VP flow. User reviews verifier identity, requested attributes, and credential selection before approving. Consent step (awaiting_consent) in engine state machine.
Components
- Wallet Frontend
- Wallet Backend (Go)