WB-D-3 — Admin API flooded to lock out legitimate administration
Component: Wallet Backend.
Mitigations: Operator network segmentation reduces exposure; there is no dedicated rate limit on the admin port.
Action: Add a deployment-level rate-limiting/WAF policy for the admin endpoint where it is exposed.
| Property | Value |
|---|---|
| Section | Denial of Service |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-HARD-02 | Input Validation and Injection Prevention |
| SID-HARD-03 | Network Segmentation (Separate Server Ports) |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md