[P2] Implement Backup & Recovery API Methods (#27)

* Implement backup & recovery API methods matching ZHTP node endpoints

Added missing getBackupStatus() method and fixed parameter/type mismatches:

- Added getBackupStatus(identityId) method for GET /api/v1/identity/backup/status
- Fixed exportBackup() and importBackup() to use 'passphrase' instead of 'password'
- Updated BackupData type to match node response: { backup_data, created_at }
- Updated SeedVerification type to match node response: { verified }
- Added ImportBackupResponse type for proper import response handling
- Added comprehensive tests for all backup/recovery methods
- Fixed existing tests to match updated parameter names and response types

All backup/recovery methods now match ZHTP node implementation exactly.

* Add security improvements and validation to backup/recovery methods

Addresses code review feedback by adding:

Security Documentation:
- Added comprehensive JSDoc comments with security warnings
- Documented rate limiting (3 attempts/hour for import/recovery)
- Added passphrase strength requirements
- Warned about sensitive data handling

Client-side Validation:
- exportBackup: Validates passphrase minimum 12 characters
- importBackup: Validates passphrase minimum 12 characters
- verifySeedPhrase: Validates seed phrase has exactly 12 words

Test Coverage:
- Added 4 new test cases for validation errors
- Tests for short passphrase rejection
- Tests for invalid seed phrase word count

All 63 tests passing. Ready for production use.

Author: umwelt

dist/core/types.d.ts

@@ -249,13 +249,8 @@ export interface CitizenshipResult {
     };
 }
 export interface BackupData {
-    version: string;
-    encrypted_data: string;
-    metadata: {
-        created_at: number;
-        identity_id: string;
-        backup_type: string;
-    };
+    backup_data: string;
+    created_at: number;
 }
 export interface BackupVerification {
     valid: boolean;
@@ -265,17 +260,28 @@ export interface BackupVerification {
     errors: string[];
     warnings: string[];
 }
+export interface ImportBackupResponse {
+    status: string;
+    identity: {
+        identity_id: string;
+        did: string;
+    };
+    session_token: string;
+}
 export interface SeedVerification {
-    valid: boolean;
-    wallet_id?: string;
-    wallet_type?: string;
+    verified: boolean;
 }
 export interface SeedPhrases {
     primary?: string[];
     ubi?: string[];
     savings?: string[];
     master?: string[];
 }
+export interface BackupStatus {
+    has_recovery_phrase: boolean;
+    backup_date: number | null;
+    verified: boolean;
+}
 export interface Guardian {
     guardian_id: string;
     guardian_name?: string;