diff --git a/apps/api-gateway/src/oid4vc-verification/dtos/oid4vc-verifier-presentation.dto.ts b/apps/api-gateway/src/oid4vc-verification/dtos/oid4vc-verifier-presentation.dto.ts
index 6a8c2d776..1025a51b4 100644
--- a/apps/api-gateway/src/oid4vc-verification/dtos/oid4vc-verifier-presentation.dto.ts
+++ b/apps/api-gateway/src/oid4vc-verification/dtos/oid4vc-verifier-presentation.dto.ts
@@ -265,11 +265,11 @@ export class DcqlQueryDto {
 }
 
 export class DcqlDto {
-  @ApiProperty({ type: DcqlQueryDto })
+  //@ApiProperty({ type: DcqlQueryDto })
   @IsDefined()
-  @ValidateNested()
-  @Type(() => DcqlQueryDto)
-  query: DcqlQueryDto;
+  //@ValidateNested()
+  //@Type(() => DcqlQueryDto)
+  query: unknown;
 }
 
 /**
diff --git a/apps/oid4vc-issuance/libs/helpers/credential-sessions.builder.ts b/apps/oid4vc-issuance/libs/helpers/credential-sessions.builder.ts
index b849355a9..dac66df5e 100644
--- a/apps/oid4vc-issuance/libs/helpers/credential-sessions.builder.ts
+++ b/apps/oid4vc-issuance/libs/helpers/credential-sessions.builder.ts
@@ -96,8 +96,8 @@ export type CredentialOfferPayload = BuiltCredentialOfferBase &
   (
     | {
         preAuthorizedCodeFlowConfig: {
-          txCode: { description?: string; length: number; input_mode: 'numeric' | 'text' | 'alphanumeric' };
-          authorizationServerUrl: string;
+          txCode: { description?: string; length: number; input_mode: 'numeric' | 'text' | 'alphanumeric' } | undefined;
+          authorizationServerUrl?: string;
         };
         authorizationCodeFlowConfig?: never;
       }
@@ -225,31 +225,32 @@ export function validatePayloadAgainstTemplate(template: any, payload: any): { v
 
 function buildDisclosureFrameFromTemplate(attributes: CredentialAttribute[]): DisclosureFrame {
   const frame: DisclosureFrame = {};
-  const rootSd: string[] = [];
+  const sd: string[] = [];
 
   for (const attr of attributes) {
-    if (!attr.disclose) {
-      continue;
-    }
-
-    // Case 1: attribute has children → nested disclosure
-    if (attr.children && 0 < attr.children.length) {
-      const childSd = attr.children.filter((child) => child.disclose).map((child) => child.key);
-
-      if (0 < childSd.length) {
-        frame[attr.key] = {
-          _sd: childSd
-        };
+    const childFrame =
+      attr.children && 0 < attr.children.length ? buildDisclosureFrameFromTemplate(attr.children) : undefined;
+
+    const hasChildDisclosure =
+      childFrame && (childFrame._sd?.length || Object.keys(childFrame).some((k) => '_sd' !== k));
+
+    // Case 1: this attribute itself is disclosed
+    if (attr.disclose) {
+      // If it has children, children are handled separately
+      if (!attr.children || 0 === attr.children.length) {
+        sd.push(attr.key);
+        continue;
       }
-      continue;
     }
 
-    // Case 2: simple attribute → root SD
-    rootSd.push(attr.key);
+    // Case 2: attribute has disclosed children
+    if (hasChildDisclosure) {
+      frame[attr.key] = childFrame!;
+    }
   }
 
-  if (0 < rootSd.length) {
-    frame._sd = rootSd;
+  if (0 < sd.length) {
+    frame._sd = sd;
   }
 
   return frame;
@@ -491,7 +492,7 @@ export function buildCredentialOfferPayload(
     return {
       ...baseEnvelope,
       preAuthorizedCodeFlowConfig: {
-        txCode: DEFAULT_TXCODE,
+        txCode: DEFAULT_TXCODE, // Pass undefined to enable no auth implementation, TODO: Need to make it configuarble.
         authorizationServerUrl: overrideAuthorizationServerUrl
       }
     };