Request Signing for Sensitive Operations

[luca-fitseveneleven]

Cryptographic request signing for critical API operations.

Requirements:

• HMAC-based request signing
• Replay attack prevention with nonce/timestamp
• Configurable per endpoint