Backend: Add Redis-backed adaptive throttle state for horizontal scaling

[Junirezz]

Context

adaptiveThrottle.ts penalizes IPs that generate repeated 4xx responses using a decaying abuse score stored per IP.

Problem / Gap

Abuse state is held in a process-local Map. Attackers can evade throttling by hitting different pods, and legitimate blocks do not propagate across instances.

Proposed approach

• Add a Redis-backed abuse store when REDIS_URL is configured, matching the rate limiter fallback pattern.
• Keep in-memory store for local/test environments.
• Expose throttle block count and active blocks in metrics for observability.

Acceptance criteria

• When Redis is configured, a blocked IP is throttled on all backend instances.
• When Redis is absent, behavior matches current in-memory implementation with a startup warning.
• Score decay and block duration logic unchanged from current middleware.
• Tests cover cross-instance block propagation with a Redis test double or container.

Files/areas affected

• backend/src/middleware/adaptiveThrottle.ts
• backend/src/rateLimiter.ts (shared Redis client patterns)
• backend/src/metrics.ts

[Osifowora]

@Osifowora has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

​Hi maintainer, I would love to work on this issue. I can get started on it right away.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Osifowora to this issue.

[Bigdaddyobamo]

@Bigdaddyobamo has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hello Boss Ibimode, I can follow the existing Redis rate-limiter pattern, preserve score decay and block duration, add safe in-memory fallback and metrics, and test cross-instance propagation. Please kindly assign this to me.

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Bigdaddyobamo to this issue.

[dinahmaccodes]

@dinahmaccodes has applied to work on this issue as part of the Stellar Wave Program's 6th wave.

Hi maintainer
I can do this backend implementation
Can I please be assigned

ℹ️ Repo Maintainers: To accept this application, review their application or assign @dinahmaccodes to this issue.

[drips-wave]

Congratulations, @dinahmaccodes! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 30, 2026.

🧑‍💻 @dinahmaccodes: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊