- Implement POST /users/register with email/password + walletAddress validation
- Implement email verification token generation + storage (tokenHash/expiresAt)
- Implement confirm-email endpoint using ConfirmEmailDto and mark token used + verifiedStatus=true
- Summarize strong password validation already implemented in RegisterDto