# 9. Security & Performance

* **Security:**
  * **Authentication:** Managed via cryptographic signatures. The server is stateless regarding authentication.
  * **Authorization:** All API endpoints inside `server/middleware/auth.ts` will verify the incoming signature against the `publicKey` to ensure the action is performed by the legitimate owner of the key.
  * **Secrets:** The `DATABASE_URL` will be managed via the `.env` file, which is excluded from version control.
* **Performance:**
  * The primary performance consideration is the Raspberry Pi environment. The monolithic Nuxt/PostgreSQL stack is chosen for its low resource overhead compared to more complex microservice architectures.
  * Database queries will be optimized using indices as defined in the Prisma schema.
  * Frontend assets will be optimized by Nuxt's build process.

---
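A sketch of the stateless signature check described under Authorization, added here as an example and not taken from the project's `server/middleware/auth.ts`. The request shape, the choice of Ed25519, the five-minute freshness window, the `/api/items` path and all function names are assumptions, since this section does not define the wire format.

```typescript
import { createPublicKey, generateKeyPairSync, sign, verify, KeyObject } from "node:crypto";

// Hypothetical request shape; the page does not define the wire format.
interface SignedRequest {
  method: string;
  path: string;
  body: string;
  timestamp: number; // ms since epoch, set by the client
  publicKey: string; // base64 SPKI DER, identifies the claimed owner
  signature: string; // base64 Ed25519 signature over canonical()
}
type Unsigned = Omit<SignedRequest, "signature">;

const MAX_SKEW_MS = 5 * 60 * 1000; // assumed freshness window against replay

// Bind the signature to method, path, time and body so it cannot be reused elsewhere.
function canonical(r: Unsigned): Buffer {
  return Buffer.from(JSON.stringify([r.method.toUpperCase(), r.path, r.timestamp, r.body]));
}

// Stateless check: no session lookup, only the request and the stored owner key.
function verifyRequest(r: SignedRequest, ownerKey: string, now: number = Date.now()): boolean {
  if (r.publicKey !== ownerKey) return false; // signer is not the owner of the resource
  if (Math.abs(now - r.timestamp) > MAX_SKEW_MS) return false; // stale or future-dated
  try {
    const key = createPublicKey({ key: Buffer.from(r.publicKey, "base64"), format: "der", type: "spki" });
    if (key.asymmetricKeyType !== "ed25519") return false; // refuse other key types
    return verify(null, canonical(r), key, Buffer.from(r.signature, "base64"));
  } catch {
    return false; // malformed key or signature
  }
}

// Client side, used here only to build constructed sample requests.
function signRequest(r: Unsigned, privateKey: KeyObject): SignedRequest {
  return { ...r, signature: sign(null, canonical(r), privateKey).toString("base64") };
}

// Constructed sample: a fresh key pair and one signed request to a hypothetical path.
function sample(now: number) {
  const { publicKey, privateKey } = generateKeyPairSync("ed25519");
  const owner = publicKey.export({ format: "der", type: "spki" }).toString("base64");
  const req = signRequest({ method: "POST", path: "/api/items", body: '{"name":"a"}', timestamp: now, publicKey: owner }, privateKey);
  return { owner, req };
}
```

Because the server keeps no session state, a timestamp window alone still allows replay of a captured request inside that window; closing that gap needs a server-side nonce store or idempotent endpoints.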