
security: enforce TLS certificate validation by default#2049

Open
createkr wants to merge 1 commit into Scottcjn:main from createkr:sec/issue2048-tls-verify-hardening

Conversation

@createkr
Contributor

@createkr createkr commented Apr 4, 2026

Summary

This change restores secure TLS behavior in the RustChain wallet and miner clients by keeping certificate validation enabled by default.

What changed

  • Removed insecure default TLS behavior from rustchain-wallet/src/client.rs
  • Removed insecure default TLS behavior from rustchain-miner/src/transport.rs
  • Added a development-only opt-in environment variable for intentionally insecure TLS usage, with explicit warning language
  • Updated wallet and miner documentation to distinguish secure default behavior from the unsafe development bypass
  • Added the development-only environment variable to rustchain-miner/.env.example

Why

Disabling certificate validation allows HTTPS endpoints with invalid or attacker-controlled certificates to be accepted, which enables machine-in-the-middle interception and response tampering.

Validation

  • Verified final change scope is limited to the intended wallet/miner TLS files
  • Verified secure-by-default behavior and explicit documentation for the development-only insecure mode

Closes #2048

Payout Wallet

RTC1d48d848a5aa5ecf2c5f01aa5fb64837daaf2f35
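As an added illustration of the secure-by-default pattern the description above outlines (example code, not the RustChain project's own; the environment variable name, type and function names are placeholders, and the real variable the PR adds is not shown on this page):

```rust
// Added example, not RustChain code: certificate validation stays on unless
// the operator sets an explicit, development-only opt-in variable.
use std::env;

/// Placeholder name; the PR's actual variable is not shown on this page.
pub const INSECURE_TLS_ENV: &str = "RUSTCHAIN_INSECURE_TLS_DEV_ONLY";

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub struct TlsPolicy {
    /// true only when the operator explicitly opted into the unsafe mode
    pub accept_invalid_certs: bool,
}

/// Decide the policy from the raw variable value. Absent, empty, or
/// unrecognised values (including typos) all keep validation enabled, so the
/// only way to disable certificate checks is an exact, deliberate opt-in.
pub fn tls_policy_from_value(raw: Option<&str>) -> TlsPolicy {
    let normalised = raw.map(|s| s.trim().to_ascii_lowercase());
    let opted_in = matches!(normalised.as_deref(), Some("1") | Some("true") | Some("yes"));
    TlsPolicy { accept_invalid_certs: opted_in }
}

/// Read the policy from the process environment and print an unmissable
/// warning whenever validation has been switched off.
pub fn tls_policy_from_env() -> TlsPolicy {
    let value = env::var(INSECURE_TLS_ENV).ok();
    let policy = tls_policy_from_value(value.as_deref());
    if policy.accept_invalid_certs {
        eprintln!(
            "WARNING: {INSECURE_TLS_ENV} is set; TLS certificate validation is DISABLED. \
             Any server, including a machine-in-the-middle, will be trusted. Development only."
        );
    }
    policy
}

fn main() {
    let policy = tls_policy_from_env();
    // With reqwest, this flag would be passed to
    // ClientBuilder::danger_accept_invalid_certs, which defaults to false
    // (validation on); the secure path never touches that builder method.
    println!("accept_invalid_certs = {}", policy.accept_invalid_certs);
}
```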

@github-actions github-actions bot added documentation Improvements or additions to documentation BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) size/M PR: 51-200 lines labels Apr 4, 2026
@sunxh6910202626

Verified this security fix. The change properly removes insecure default TLS behavior and adds explicit opt-in for development mode with warnings.

This is a critical security improvement - certificate validation should be enabled by default.

Verification:

  • TLS validation restored
  • Dev opt-in with environment variable and warning text

Labels look appropriate: security, documentation, BCOS-L1, size/M

Looks good for merge!


Labels

BCOS-L1 Beacon Certified Open Source tier BCOS-L1 (required for non-doc PRs) documentation Improvements or additions to documentation size/M PR: 51-200 lines


Development

Successfully merging this pull request may close these issues.

Security: TLS certificate validation disabled in wallet and miner clients allows MITM

2 participants