Since a webhook route is needed for Streams, there is no way to really protect this webhook route/endpoint from accepting any malicious request, correct?
Wouldn’t it be better in the Streams UI to generate some sort of signing key to send with each request from Moralis and then in the webhook route check to see if this signing key exists before executing anything in the route?
Stripe offers this whenever you create a webhook in Stripe, you add your webhook endpoint, select the events to watch and it generates a key. You use this key to intercept the incoming requests on your endpoint to determine if they are legit.