Implement two-factor authentication (2FA) for wallet operations

[Smartdevs17]

Description

Add TOTP-based 2FA for sensitive wallet operations (withdrawals, key rotations, high-value payments). Currently wallet security relies solely on single-factor authentication.

Acceptance Criteria

• TOTP setup with QR code enrollment
• Recovery codes generation (10 one-time codes)
• 2FA enforcement on configurable operation types
• Session-based 2FA grace period (remember device)
• Backup 2FA method (SMS/email as fallback)
• Admin override with audit trail

Technical Scope

• backend/src/services/2fa-service.ts
• backend/src/routes/2fa.ts
• frontend/components/auth/TwoFactorSetup.tsx
• frontend/components/auth/TwoFactorVerification.tsx
• Edge: clock drift tolerance, recovery code usage tracking, concurrent 2FA setup

[Daveside9]

@Daveside9 has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

can i do this?

ℹ️ Repo Maintainers: To accept this application, review their application or assign @Daveside9 to this issue.

[vjuliaife]

@vjuliaife has applied to work on this issue as part of the Stellar Wave Program's 5th wave.

Hi, I would like to resolve this

ℹ️ Repo Maintainers: To accept this application, review their application or assign @vjuliaife to this issue.

[drips-wave]

Congratulations, @vjuliaife! 🎉 Your application was accepted by the repo's maintainers, and the issue is due on June 2, 2026.

🧑‍💻 @vjuliaife: Please resolve the issue such that the repo's maintainers have enough time to review your contribution before the due date. You'll earn Points for completing the issue on-time, which will make you eligible for a share of the Stellar Wave Program's reward pool.

Warning

When opening a PR, please link it to this issue to ensure it gets tracked accurately. Points are awarded when this issue is marked as completed by the maintainer.

🤠 Repo maintainers: Please keep an eye on the contributor's progress and review their work before the due date. You can manage this issue, including adjusting its complexity and points, here.

🌊 Happy Wave 🌊