docs: add architecture decision records

docs/adr/0003-qr-code-token-strategy.md

@@ -0,0 +1,26 @@
+# ADR-0003: Use Opaque Tokens in QR Codes
+
+Date: 2026-04-28
+
+## Status
+
+Accepted
+
+## Context
+
+Confirmed reservations need QR codes that visitors can show on a smartphone or printed page. Staff must be able to scan the QR code at the entrance and verify the reservation.
+
+QR codes are easy to copy or share, so they must not expose personal data or encode reservation details directly.
+
+## Decision
+
+QR codes will contain only an opaque, random, non-guessable token or a verification URL containing that token.
+
+The backend will resolve the token server-side, validate that the reservation is confirmed, and reject duplicate check-ins. Tokens must not contain names, email addresses, phone numbers, notes, or other personal data.
+
+## Consequences
+
+- QR codes remain privacy-preserving even if printed, forwarded, or photographed.
+- Token validation stays centralized in the backend.
+- Check-in requires backend availability at the venue.
+- Duplicate check-in prevention depends on reliable server-side state and database constraints.