feat: add emergency kill-switch contract and runbook

[Olowodarey]

This PR introduces a new standalone Soroban smart contract, emergency_killswitch, designed to provide reusable, battle-tested pause/unpause infrastructure for handling production emergencies securely.

The contract implements an operational safety mechanism that allows administrators to:

• Pause target mutating functions during incidents
• Safely communicate and enforce cooling-off periods
• Resume operations after fixes are deployed and validated

This ensures rapid incident containment while preserving read-only contract functionality.

---

Key Changes

Emergency Kill-Switch Contract

• Core pause, unpause, and schedule_unpause capabilities

• Admin rights rotation via transfer_admin

• Read-only functions remain accessible:

  • is_paused
  • get_admin

• Representative mutating stubs are blocked while paused:

  • do_transfer
  • do_mint

Operational Readiness

• Added docs/EMERGENCY_KILLSWITCH_RUNBOOK.md

  • Incident detection guidelines
  • Step-by-step pause procedure
  • Communication templates
  • Cooling-off & scheduled unpause flow
  • Post-fix deployment process

Testing

Added 9 targeted integration tests covering:

• Pause behavior enforcement
• Unpause functionality
• Unauthorized access rejection
• Admin role transfer
• Scheduled unpause timestamp enforcement
• Telemetry emission validation

closes #163

[Olowodarey]

@Baskarayelu pls check

[Baskarayelu]

@Olowodarey Can you please resolve the conflicts?