SID-PRIV-01 — Minimal Disclosure Enforcement

Property	Value
Status	verified
Owner	platform
Category	technical
CSF Function	protect
Group	Privacy Controls

Description

OID4VP limit_disclosure='required' enforces only explicitly requested fields are disclosed. DCQL (Digital Credentials Query Language) enables precise credential and claim selection. SD-JWT and mDOC both support per-claim/element selective disclosure.

Components

VC Issuer/Verifier
Wallet Backend (Go)

Source References

go-wallet-backend/oid4vp.go
vc/openid4vp/dcql.go

Audit Findings

Finding	Severity	Status
ISO-O-14 — Partial PII protection	high	open
ISO-T-9 — Partial data leakage prevention	low	open

Description​

Components​

Source References​

Audit Findings​

Description

Components

Source References

Audit Findings