SID-CRYPTO-05 — Secure Random Number Generation
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | Cryptography Controls |
Description
Cryptographic nonce generation using crypto/rand (Go) and WebCrypto API (crypto.getRandomValues). Base64url encoding with configurable byte length. Admin tokens: 32-byte hex-encoded. PBKDF2 salts: 32-byte random.
Components
- Wallet Frontend
- Wallet Backend (Go)
- VC Issuer/Verifier
Source References
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| EN-S-2 — Partial asset classification and cryptographic documentation | medium | in progress |