docs: add comprehensive contribution guidelines and developer documentation

[giwaov]

Summary

This PR adds comprehensive contribution guidelines and developer documentation to improve the developer experience for new and existing contributors.

Changes

New Files

1. CONTRIBUTING.md - Complete contribution workflow guide

   • Development setup instructions for backend (Django) and frontend (Svelte 5)
   • Branch naming conventions (emphasizing dev as target branch)
   • Pull request guidelines and commit message format
   • Coding standards for Python and JavaScript/Svelte
   • Testing guidelines
   • Security considerations
   • Common issues and solutions

2. SECURITY.md - Security policy document

   • Vulnerability reporting process
   • Authentication best practices (SIWE)
   • API security guidelines
   • Development security practices
   • Security checklist for contributors

3. docs/API_REFERENCE.md - Complete API endpoint documentation

   • Authentication endpoints
   • Users, Contributions, Submissions, Leaderboard APIs
   • Request/response examples
   • Error response formats
   • Pagination and rate limiting

4. docs/BEST_PRACTICES.md - Developer best practices guide

   • Code organization patterns
   • Django and Svelte 5 specific guidelines
   • API design principles
   • Database optimization tips
   • Error handling patterns
   • Testing approaches
   • Performance considerations

Backend Improvements

5. Nonce cleanup management command (backend/ethereum_auth/management/commands/cleanup_nonces.py)
   • Prevents database bloat from expired authentication nonces
   • Supports dry-run mode and configurable age threshold
   • Can be scheduled via cron or celery-beat

Frontend Improvements

6. Added submissionsAPI to frontend/src/lib/api.js
   • getMySubmissions(params) - Get current user's submissions
   • getSubmission(id) - Get single submission
   • createSubmission(data) - Create new submission
   • updateSubmission(id, data) - Update existing submission
   • cancelSubmission(id) - Cancel/soft-delete submission
   • addEvidence(id, data) - Add evidence to submission

Documentation Fixes

7. README.md improvements
   • Fixed repository URL placeholder (yourusername → genlayer-foundation)
   • Added environment variable configuration steps
   • Added references to CONTRIBUTING.md and SECURITY.md
   • Improved code block formatting with bash syntax highlighting

Why These Changes?

1. Lower barrier to entry - New contributors can quickly understand how to set up and contribute
2. Consistent code quality - Clear coding standards help maintain codebase quality
3. Security awareness - SECURITY.md ensures responsible disclosure and security mindset
4. Complete API docs - Reduces friction for frontend development and integrations
5. Bug prevention - Nonce cleanup prevents potential database issues
6. Better DX - submissionsAPI provides clean interface for user submission management

Testing

• Verified all documentation renders correctly in GitHub
• Nonce cleanup command tested with --dry-run flag
• API client changes are backward compatible

Related Issues

Addresses general developer experience improvements and helps with contribution guidelines commonly requested by new contributors.