fix(security): require MNEMONIC env var, remove hardcoded default

[JackBinswitch-btc]

Summary

• Remove the hardcoded testnet mnemonic from DEFAULT_CONFIG in src/utilities.ts
• Require the MNEMONIC environment variable to be set, throwing a clear error if missing
• Prevents silent fallback to a publicly-known mnemonic phrase

What changed

In src/utilities.ts:

1. DEFAULT_CONFIG.MNEMONIC changed from the hardcoded testnet mnemonic "crater office wreck aunt lumber casino veteran mixed float arrive lens final" to an empty string "".

2. loadConfig() MNEMONIC resolution changed from:

   MNEMONIC: process.env.MNEMONIC || DEFAULT_CONFIG.MNEMONIC,

   to:

   MNEMONIC: (() => {
     const m = process.env.MNEMONIC;
     if (!m) throw new Error("MNEMONIC environment variable is required. Set it in your .env file.");
     return m;
   })(),

This ensures that if MNEMONIC is not set in the environment, the application fails fast with a descriptive error instead of silently using a publicly-known key.

Test plan

• Verify build passes with MNEMONIC env var set
• Verify application throws a clear error when MNEMONIC is not set
• Verify no other files were modified
• Confirm existing tests pass with MNEMONIC provided via .env

Closes #245.

🤖 Generated with Claude Code