[documentation] v2 design: contributor self-serve registration via GitHub OAuth (OQ2)

[yinkscss]

Context

PRD open question OQ2 defaults to maintainer-only contributor registration in v1. Self-serve OAuth is deferred.

Problem

Wave contributors expect wallet linking without maintainer manual entry. Need documented v2 API auth design.

Proposed scope

• Add docs/future/self-serve-contributor-oauth.md
• Outline OAuth flow, GitHub username verification, and API routes
• Contrast with current POST /api/v1/admin/contributors

Acceptance criteria

• v2 scope clearly labeled; no v1 implementation
• Security considerations for OAuth token storage
• Migration path from maintainer-only registrations

References

• docs/PRD.md OQ2, F2
• crates/api/src/routes/admin.rs