SID-AUTH-01 — FIDO2/WebAuthn Passwordless Authentication

Property	Value
Status	verified
Owner	platform
Category	technical
CSF Function	protect
Group	Authentication Controls

Description

All user authentication via FIDO2/WebAuthn (registration + login). Password-based authentication completely removed. Supports discoverable credentials (passkeys), platform authenticators, and roaming authenticators. Implements challenge-response with RP ID validation.

Components

Wallet Frontend
Wallet Backend (Go)

Source References

go-wallet-backend/handlers.go
go-webauthn library

Audit Findings

Finding	Severity	Status
EN-S-4 — Partial wallet unit security and lifecycle	medium	in progress
EN-P-5 — Partial user authentication and session controls	high	in progress

Description​

Components​

Source References​

Audit Findings​

Description

Components

Source References

Audit Findings