Why: protect waiter business endpoints with thalos session validation. What: add edge auth guard call to thalos session/me, preserve anonymous health endpoints, and add auth enforcement docs. Rule: keep identity ownership in thalos and standardize edge auth behavior.
Why: baseline pending order edge handlers and runtime assets before security wave. What: add submit order contracts/handlers, service adapter updates, and docs/docker assets. Rule: keep technical intent and align repository workflow.
