TezzServe hardening surface
Policy-first middleware runtime for auth, throttling, and transport security in multi-tenant services.
Middleware chain model
Request -> middleware pre-hooks -> route handler -> middleware post-hooks -> response
Hook classes:
- auth guard
- rate-limit
- audit/log
- TLS policy check
- tenant policy resolver
Security controls
- Per-request TLS policy objects
- Min TLS version enforcement
- Certificate pinning
- Handshake timeout controls
- Tenant-level policy overrides without global mutation
Rate-limit + auth hooks
Recommended contract:
1) Resolve tenant identity
2) Enforce auth rule
3) Enforce request budget (sliding window/token bucket)
4) Apply route-level policy
5) Emit structured status for telemetry
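The contract above, written out as an added Python example (not TezzServe's own code or API): `Policy`, `TokenBucket`, `pre_hooks`, the tenant names and the tokens are hypothetical. Step 3 uses a token bucket, and tenant overrides are copies of a frozen default, so the global policy is never mutated.

```python
import hmac, time
from dataclasses import dataclass, replace

@dataclass(frozen=True)            # frozen: a policy cannot be mutated in place
class Policy:                      # hypothetical type, not a TezzServe class
    rate: float = 5.0              # tokens refilled per second
    burst: int = 5                 # bucket capacity
    routes: frozenset = frozenset({"/status", "/orders"})

DEFAULT = Policy()
# Tenant overrides are derived copies, so DEFAULT is never changed.
OVERRIDES = {"tenant-b": replace(DEFAULT, burst=1, routes=frozenset({"/status"}))}
TOKENS = {"tenant-a": "tok-a", "tenant-b": "tok-b"}   # constructed credentials

class TokenBucket:
    def __init__(self, policy, now):
        self.policy, self.tokens, self.last = policy, float(policy.burst), now

    def take(self, now):
        refill = (now - self.last) * self.policy.rate
        self.tokens = min(self.policy.burst, self.tokens + refill)
        self.last = now
        if self.tokens < 1.0:
            return False
        self.tokens -= 1.0
        return True

_buckets = {}                      # one bucket per tenant

def pre_hooks(request, now=None):
    """Run the five contract steps in order; always return a status dict."""
    now = time.monotonic() if now is None else now
    tenant = request.get("tenant")
    status = {"tenant": None, "route": request.get("route"), "decision": "deny"}
    def deny(reason):
        return {**status, "reason": reason}            # 5) emitted on every exit
    if tenant not in TOKENS:                           # 1) resolve tenant identity
        return deny("unknown_tenant")
    status["tenant"] = tenant
    supplied = str(request.get("token", ""))
    if not hmac.compare_digest(supplied.encode(), TOKENS[tenant].encode()):
        return deny("unauthenticated")                 # 2) auth fails closed
    policy = OVERRIDES.get(tenant, DEFAULT)
    bucket = _buckets.setdefault(tenant, TokenBucket(policy, now))
    if not bucket.take(now):                           # 3) request budget
        return deny("rate_limited")
    if request.get("route") not in policy.routes:      # 4) route-level policy
        return deny("route_forbidden")
    return {**status, "decision": "allow", "reason": None}
```

Because authentication runs before the budget check, a request with a bad token does not spend the tenant's tokens.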
Production rollout checklist
- Add middleware unit tests
- Add integration tests with TezzApi route-table
- Validate TNXB + JSON transport paths
- Run soak/load tests with failure injection
- Lock policy defaults in release docs