[Backend] DB pool has no SSL enforcement and no statement_timeout

[grantfox-oss]

Telegram (ask questions / claim the issue here first): https://t.me/+DOylgFv1jyJlNzM0

Why this matters

src/db/connection.ts creates the Pool with only connectionString and sizing (lines 19-24). There is no ssl option, so TLS/cert validation depends entirely on the DATABASE_URL string, and there is no statement_timeout, so a slow or stuck query can hold a connection indefinitely and exhaust the pool.

Acceptance criteria

• Add configurable SSL (with rejectUnauthorized in production) driven by env
• Set a per-connection statement_timeout (env-configurable, sane default) and/or query_timeout
• Document the new env vars in .env.example
• Add a test or startup check that the timeout is applied

Files to touch

• src/db/connection.ts
• .env.example

Out of scope

• Switching connection pooler (pgbouncer)
• Read-replica routing

[isaacCodes1]

I've gone through your requirement thoroughly, I will fix this issues and implement a clean pull request to match your acceptance criteria

[Chucks1093]

Hello team,

I am a full stack software engineer and can handle this issue confidently.

I have strong experience in contributing to open source projects on stellar.

[grantfox-oss]

🦊 GrantFox — @Chucks1093 has been assigned to this issue as part of the Official Campaign campaign!

Next steps:

1. Open a Pull Request referencing this issue (e.g., Closes #9)
2. Your PR will be reviewed by the LabsCrypt maintainers

Good luck! Track your progress on GrantFox.