@Benjamin_Behrens
Thanks so much for the review! I’m really glad the Native Messaging - Zero-Trust approach resonates.
You are spot on about the timestamp window. I had originally debated between 5 minutes and 60 seconds, but tightening that drift window to strictly 60s is definitely the right move to kill stale requests early. I’m going to make sure that specific Code Node validation step is front-and-center in Part 2.
Really appreciate you taking the time to look it over.