VC-S-1 — External wallet presents forged OID4VCI authorization code
Component: vc Platform. Mitigations: Authorization code bound to PKCE challenge; single-use code validation. Action: None required.
| Property | Value |
|---|---|
| Section | Spoofing |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-AUTH-04 | WebSocket JWT Handshake Authentication |
| SID-CRYPTO-01 | PKCS#11 HSM Key Protection |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md