1. Auth Service Nonce Cache Bypass Exposes Wallet Authentication to Replay Attacks
A critical security vulnerability has been identified in the authentication service at `backend/src/auth/auth.service.ts`, where nonce caching—the mechanism designed to prevent replay attacks—has been intentionally disabled. The code at lines 85-90 contains a temporary bypass that replaces the proper cache lookup with ...