SID-TRANS-03 — OpenID4VP Credential Presentation Protocol

Property	Value
Status	verified
Owner	platform
Category	technical
CSF Function	protect
Group	Transport Security Controls

Description

Full OID4VP flow: request parsing → request JWT verification (x5c/jwk) → verifier trust evaluation → credential matching (DCQL/Presentation Exchange) → user consent → VP submission via direct_post. client_id_scheme validated: x509_san_dns, x509_san_uri, did, verifier_attestation.

Components

Wallet Backend (Go)
VC Issuer/Verifier
Wallet Frontend

Source References

go-wallet-backend/oid4vp.go
vc/openid4vp/

Audit Findings

Finding	Severity	Status
EN-S-4 — Partial wallet unit security and lifecycle	medium	in progress

Description​

Components​

Source References​

Audit Findings​

Description

Components

Source References

Audit Findings