[BE-W3A-114] Web3 Signature Security and Auditing - Step 114 #657

Merged: soomtochukwu merged 4 commits into DXmakers:main from sochima2:fix-conflit on May 29, 2026

@sochima2
Contributor

close #468

Description
Added address normalization and checksum-backed decoding using StrKey and Keypair and implemented SEP-53-style message hashing and signature decoding with decodeSignature and verifyStellarSignature.
Introduced Redis helpers and a fast blacklist lookup (isSessionBlacklisted) with a 1ms budget and hashed blacklist keys, plus bearer-token/cookie extraction and secure cookie parameters (lance_session).
Wrapped challenge upsert and session creation/cleanup in prisma.$transaction calls using ReadCommitted isolation and added cleanup_expired_sessions usage to keep tables trimmed.
Added PostgreSQL B-tree indexes and a migration 20260529000001_session_expiry_cleanup.sql plus corresponding Prisma schema indexes for expires_at on sessions and auth_challenges.
Added GET /session route that enforces blacklist checks and expiry validation, and added a lightweight test mockup at backend/scripts/auth-helpers.test.ts and wired npm test to run it.

Testing
Ran npx prisma generate to refresh the client and it completed successfully.
Ran the auth helper mock script via npm test (executes ts-node scripts/auth-helpers.test.ts) and the assertions passed.
Built the TypeScript project with npm run build (runs tsc) and the build completed successfully.
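
The checksum-backed address decoding named in the description above, as an added example that is not part of this PR or the project's code. Function names and the trim-and-upper-case normalization policy are assumptions; the layout (version byte, 32-byte key, little-endian CRC16-XModem, unpadded base32) is Stellar's StrKey format.

```typescript
// Added illustration, not code from this PR; all function names are hypothetical.
const ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"; // RFC 4648 base32
const VERSION_ACCOUNT_ID = 6 << 3; // 0x30: ed25519 public key, encodes as leading "G"

// CRC16-XModem (polynomial 0x1021, initial value 0), the StrKey checksum.
function crc16(data: Uint8Array): number {
  let crc = 0;
  for (let i = 0; i < data.length; i++) {
    crc ^= data[i] << 8;
    for (let b = 0; b < 8; b++) crc = ((crc << 1) ^ (crc & 0x8000 ? 0x1021 : 0)) & 0xffff;
  }
  return crc;
}

// Builds a valid G... address so the example needs no external test vector.
function encodeAccountId(publicKey: Uint8Array): string {
  const raw = new Uint8Array(35);
  raw[0] = VERSION_ACCOUNT_ID;
  raw.set(publicKey, 1);
  const crc = crc16(raw.subarray(0, 33));
  raw[33] = crc & 0xff; // checksum is stored little-endian
  raw[34] = crc >> 8;
  let out = "", acc = 0, bits = 0;
  for (let i = 0; i < raw.length; i++) {
    acc = (acc << 8) | raw[i]; bits += 8;
    for (; bits >= 5; bits -= 5) out += ALPHABET.charAt((acc >> (bits - 5)) & 31);
    acc &= (1 << bits) - 1;
  }
  return out; // 35 bytes = 280 bits = exactly 56 characters, no padding
}

// Normalizes (assumed policy) and decodes; rejects a bad version byte or checksum.
function decodeAccountId(input: string): Uint8Array {
  const address = input.trim().toUpperCase();
  if (address.length !== 56) throw new Error("bad length");
  const raw = new Uint8Array(35);
  let acc = 0, bits = 0, n = 0;
  for (let i = 0; i < address.length; i++) {
    const v = ALPHABET.indexOf(address.charAt(i));
    if (v < 0) throw new Error("invalid character");
    acc = (acc << 5) | v; bits += 5;
    if (bits >= 8) { raw[n++] = (acc >> (bits - 8)) & 0xff; bits -= 8; }
    acc &= (1 << bits) - 1;
  }
  const crc = crc16(raw.subarray(0, 33));
  if (raw[0] !== VERSION_ACCOUNT_ID) throw new Error("not an account id");
  if (raw[33] !== (crc & 0xff) || raw[34] !== crc >> 8) throw new Error("checksum mismatch");
  return raw.slice(1, 33); // the 32-byte ed25519 public key
}
```

Decoding before signature verification means a mistyped or truncated address is rejected on its checksum rather than being passed on as a different public key.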

sochima2 added 2 commits May 29, 2026 16:31
…to-cleanup

Auth: Session expiry auto-cleanup, SEP-53 signature verification & Redis blacklist
@sochima2 sochima2 requested a review from soomtochukwu as a code owner May 29, 2026 15:48
@vercel

vercel Bot commented May 29, 2026

@sochima2 is attempting to deploy a commit to the mAzI's projects Team on Vercel.

A member of the Team first needs to authorize it.

Contributor

@soomtochukwu soomtochukwu left a comment

  • see that the CI checks pass

@soomtochukwu
Contributor

  • If you could fix the merge conflict(s) ASAP
  • see that the CI checks pass

@drips-wave

drips-wave Bot commented May 29, 2026

@sochima2 Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@soomtochukwu soomtochukwu merged commit 55e19af into DXmakers:main May 29, 2026
1 of 4 checks passed