WB-I-2 — MongoDB user records accessible without encryption at rest
Component: Wallet Backend. Mitigations: MongoDB connection supports optional mTLS; at-rest encryption is operator responsibility. Action: Document operator requirement to enable MongoDB encryption at rest
| Property | Value |
|---|---|
| Section | Information Disclosure |
| Owner | operator |
Mapped Controls
| Control | Title |
|---|---|
| SID-DATA-01 | SD-JWT Selective Disclosure |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md