Return RFC 6585 429 responses with Retry-After from rateLimit middleware

[mikewheeleer]

Description

When request limits are exceeded the API should return a standards-compliant 429 with a Retry-After header rather than a generic error. Align the rateLimit middleware with the safe-error policy in src/errors/errorMessagePolicy.

Requirements and context

• Emit 429 Too Many Requests with Retry-After and X-RateLimit-* headers reflecting remaining budget.
• Use src/errors/safeErrors.ts so no internal limiter state leaks to clients.
• Document headers and client backoff guidance in docs/request-limits-implementation.md.
• Acceptance: integration test asserts header values and that the body matches the safe-error contract.

Suggested execution

• Fork the repo and create a branch:
  • git checkout -b enhancement/rate-limit-429-headers
• Implement changes:
  • src/rateLimit.ts
  • Tests: src/rateLimit.integration.test.ts
  • Docs: docs/request-limits-implementation.md
  • Include TSDoc/NatSpec-style doc comments
  • Validate security assumptions (input validation, auth, signature verification, secret redaction, idempotency)

Test and commit

• Run tests: npm test (coverage: npm run test:ci)
• Cover edge cases
• Include test output and security notes in the PR

Example commit message

feat(rate-limit): return 429 with Retry-After headers

Guidelines

• Minimum 95% line coverage on new/changed code
• No secrets in repo; use .env + deployment secrets only
• Clear documentation
• Timeframe: 96 hours from assignment

[Abolax123]

@Abolax123 has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hey maintainer, i can fix this

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Abolax123 to this issue.

[drips-wave]

Congratulations, @Abolax123! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @Abolax123: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊