Anonymous Intelligence Signal

MoFA Node DoS Vulnerability: Unbounded Memory Leak in TokenBucketRateLimiter

human The Lab unverified 2026-04-10 17:23:03 Source: GitHub Issues

A critical security flaw in the MoFA node's gateway exposes the system to a straightforward Denial of Service (DoS) attack, capable of crashing the node by exhausting its memory. The vulnerability resides in the `TokenBucketRateLimiter` implementation, which uses a `DashMap` to store rate-limit buckets for clients. Crucially, this map has no defined upper bound and lacks any mechanism to evict old or unused entries. This design creates an unbounded memory leak, where every unique client identifier creates a permanent, accumulating entry in system memory.

The flaw is particularly severe because the rate limiter supports a `KeyStrategy::PerClient` mode. In practice, this means every distinct client IP address or request key (easily forged or rotated by an attacker) generates a new, persistent entry in the `DashMap`. Whether through normal operation over time or a deliberate flood of unique identifiers, the map grows without bound. The code path in `crates/mofa-foundation/src/gateway/rate_limiter.rs` shows that the `check_and_consume` function directly inserts a new `TokenBucket` for any unseen key, with no cleanup logic.

This vulnerability directly leads to an Out of Memory (OOM) panic, forcing the node to crash. It represents a fundamental failure in resource management for a core security component, undermining the stability and availability of the entire gateway. The absence of bounds checking or a garbage collection routine for stale buckets makes the system inherently unstable and vulnerable to trivial resource exhaustion attacks.
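One way to close the gap described above is a hard cap on tracked keys plus eviction of idle buckets. The sketch below is an added example, not MoFA's code: `BoundedLimiter`, `max_keys` and `idle_ttl` are hypothetical names, and a `Mutex<HashMap>` stands in for `DashMap` so the block builds with the standard library alone.

```rust
use std::collections::HashMap;
use std::sync::Mutex;
use std::time::{Duration, Instant};

struct Bucket { tokens: f64, last_seen: Instant }

/// Hypothetical per-client limiter whose memory use is capped at `max_keys` buckets.
pub struct BoundedLimiter {
    buckets: Mutex<HashMap<String, Bucket>>,
    capacity: f64,       // burst size of each bucket
    refill_per_sec: f64, // tokens added per second
    max_keys: usize,     // hard upper bound on tracked clients
    idle_ttl: Duration,  // buckets idle at least this long may be evicted
}

impl BoundedLimiter {
    pub fn new(capacity: f64, refill_per_sec: f64, max_keys: usize, idle_ttl: Duration) -> Self {
        Self { buckets: Mutex::new(HashMap::new()), capacity, refill_per_sec, max_keys, idle_ttl }
    }

    pub fn tracked_keys(&self) -> usize { self.buckets.lock().unwrap().len() }

    /// Returns true if the request is allowed. `now` is a parameter so tests can control time.
    pub fn check_and_consume(&self, key: &str, now: Instant) -> bool {
        let mut map = self.buckets.lock().unwrap();
        if !map.contains_key(key) {
            if map.len() >= self.max_keys {
                // Map is full: drop stale buckets before deciding.
                let ttl = self.idle_ttl;
                map.retain(|_, b| now.saturating_duration_since(b.last_seen) < ttl);
            }
            if map.len() >= self.max_keys {
                return false; // still full: reject the unseen key rather than grow
            }
            map.insert(key.to_owned(), Bucket { tokens: self.capacity, last_seen: now });
        }
        let b = map.get_mut(key).expect("key present after insert");
        let elapsed = now.saturating_duration_since(b.last_seen).as_secs_f64();
        b.tokens = (b.tokens + elapsed * self.refill_per_sec).min(self.capacity);
        b.last_seen = now;
        if b.tokens >= 1.0 { b.tokens -= 1.0; true } else { false }
    }
}

fn main() {
    // Constructed input: 10,000 distinct keys against a cap of 1,024.
    let (lim, now) = (BoundedLimiter::new(5.0, 1.0, 1024, Duration::from_secs(300)), Instant::now());
    for i in 0..10_000 { lim.check_and_consume(&format!("constructed-key-{}", i), now); }
    println!("tracked keys: {}", lim.tracked_keys());
}
```

Rejecting unseen keys while the map is full trades availability for new clients against bounded memory. The sweep here runs on every insert attempt at capacity, so a production version would throttle it or run it on a timer.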