Enforce per-socket rate limits (events/sec) and a max payload size (cap total and per-envelope ciphertext length). Use Redis counters keyed by socket/device. Exceeding limits warns then disconnects. Limits configurable via env.
Acceptance criteria:
- Flooding a socket triggers throttle then disconnect
- Oversized payloads rejected before persistence
- Limits configurable via env
Enforce per-socket rate limits (events/sec) and a max payload size (cap total and per-envelope ciphertext length). Use Redis counters keyed by socket/device. Exceeding limits warns then disconnects. Limits configurable via env.
Acceptance criteria: