SID-HARD-01 — Error Message Sanitization
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | System Hardening Controls |
Description
ErrorCode.UserFacingMessage() maps internal error codes to generic user-facing messages. Internal errors are never exposed to WebSocket/HTTP clients, and err.Error() has been removed from HTTP response bodies.
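
The pattern this control describes, as an added example that is not the Wallet Backend's own code. Only the method name UserFacingMessage comes from this page; the ErrorCode values, CodedError, writeError, respond and the server-side logging are assumptions, and the sample error text is constructed.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"log"
	"net/http"
	"net/http/httptest"
)

// ErrorCode and its two values are assumptions; only the method name is from the page.
type ErrorCode int
const ErrInternal, ErrInsufficientFunds ErrorCode = 0, 1

// UserFacingMessage returns fixed text; unknown codes get the most generic one.
func (c ErrorCode) UserFacingMessage() string {
	if c == ErrInsufficientFunds {
		return "Insufficient funds."
	}
	return "Something went wrong. Please try again."
}

// CodedError (hypothetical) pairs a code with the internal cause, which stays server-side.
type CodedError struct {
	Code  ErrorCode
	Cause error
}
func (e *CodedError) Error() string { return fmt.Sprintf("code=%d: %v", e.Code, e.Cause) }

// writeError logs full detail and sends the client only the mapped message.
func writeError(w http.ResponseWriter, status int, err error) {
	code := ErrInternal // errors that carry no code are treated as internal
	if ce := (*CodedError)(nil); errors.As(err, &ce) {
		code = ce.Code
	}
	log.Printf("request failed: %v", err) // err.Error() goes to the log, never the body
	w.WriteHeader(status)
	json.NewEncoder(w).Encode(map[string]string{"error": code.UserFacingMessage()})
}

// respond runs writeError against an in-memory recorder and returns the body.
func respond(status int, err error) string {
	rec := httptest.NewRecorder()
	writeError(rec, status, err)
	return rec.Body.String()
}

func main() { fmt.Print(respond(500, errors.New(`pq: relation "wallets" does not exist`))) }
```
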
Components
- Wallet Backend (Go)
Source References
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| EN-P-7 — Partial hardening and error handling | medium | resolved |
| ISO-T-9 — Partial data leakage prevention | low | open |