# Issue: [Security] Role-Based Access Control (RBAC)

[JerryIdoko]

Description: "Only Admins should be able to see the 'Pause' button API endpoints. Secure the routes."

Acceptance Criteria:

[ ] Middleware requireAdmin.

[ ] Verify wallet address against a whitelist in .env or DB.

Priority: High

Labels: security, auth