WF-R-1 — User denies signing a Verifiable Presentation
Component: Wallet Frontend. Mitigations: VP-JWT carries user DID and key reference; the signed VP itself provides cryptographic non-repudiation at the relying party. Action: Server-side logging of VP signing events is intentionally excluded — it would reveal which services the user presents credentials to, violating EUDI unlinkability and minimal disclosure principles; the signed VP-JWT is sufficient for non-repudiation
| Property | Value |
|---|---|
| Section | Repudiation |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-CRYPTO-01 | PKCS#11 HSM Key Protection |
Source: STRIDE analysis (April 2026), architecture/stride-threat-model.md