WB-T-1 — MITM modifies API request between reverse proxy and backend
Component: Wallet Backend. Mitigations: TLS configured (cert_file/key_file); reverse proxy enforces TLS to public clients. Action: Enforce TLS on reverse-proxy → backend leg in production
| Property | Value |
|---|---|
| Section | Tampering |
| Owner | operator |
Mapped Controls
| Control | Title |
|---|---|
| SID-TRANS-01 | TLS 1.2+ Minimum with Configurable Version |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md