
[CT-24] Build TransferValidationService #556

@mftee

Problem

Transfer records are appended to Redis without verifying that the from_owner in the new transfer matches the to_owner of the most recent transfer. This allows a chain of transfers to be constructed with arbitrary owners, bypassing the custody chain.

Proposed Solution

Create a TransferValidationService inside contract/module/transfer-validation/ that validates custody continuity before recording a new transfer.

Acceptance Criteria

  • validate_transfer(cache: &CacheBackend, document_hash: &str, from_owner: &str) async function fetches the transfer history from Redis and checks whether from_owner matches the to_owner of the last recorded transfer
  • Returns Ok(true) if the history is empty (first transfer — no prior owner to check) or if from_owner matches the last to_owner
  • Returns Ok(false) with a descriptive mismatch message if from_owner does not match
  • Returns Err on Redis failure
  • The transfer handler in CT-01 (or the transfer route) calls this before recording the new transfer and returns 422 Unprocessable Entity when validation fails, with a message explaining the expected owner
  • Unit tests cover: empty history, matching owner, mismatched owner, Redis error
  • Implementation files live inside contract/module/transfer-validation/
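A sketch of the custody-continuity check described in the acceptance criteria, added here as an illustration and not taken from the project's code. The `CacheBackend`, `Transfer` and `CacheError` shapes, the `(bool, Option<String>)` return value, the `record_transfer` handler and its 201 status are assumptions, and the function is synchronous (the issue asks for `async`) so it runs without an async runtime.

```rust
// Added illustration: CacheBackend, Transfer and CacheError are assumed shapes,
// not the project's types; synchronous so it runs without an async runtime.
use std::collections::HashMap;
#[derive(Clone)]
pub struct Transfer { pub from_owner: String, pub to_owner: String }
#[derive(Debug, PartialEq)]
pub struct CacheError(pub String);
/// In-memory stand-in for Redis: document_hash -> ordered transfer history.
pub struct CacheBackend { pub histories: HashMap<String, Vec<Transfer>>, pub fail: bool }

impl CacheBackend {
    pub fn history(&self, hash: &str) -> Result<Vec<Transfer>, CacheError> {
        if self.fail { return Err(CacheError("redis unavailable".into())); } // simulated outage
        Ok(self.histories.get(hash).cloned().unwrap_or_default())
    }
}

/// (true, None): empty history or matching owner; (false, Some(msg)): mismatch; Err: cache failure.
pub fn validate_transfer(cache: &CacheBackend, document_hash: &str, from_owner: &str)
    -> Result<(bool, Option<String>), CacheError> {
    let history = cache.history(document_hash)?; // Err propagates: caller fails closed
    match history.last() {
        None => Ok((true, None)), // first transfer, no prior owner to check
        Some(last) if last.to_owner == from_owner => Ok((true, None)),
        Some(last) => Ok((false, Some(format!(
            "custody mismatch: expected from_owner '{}', got '{}'", last.to_owner, from_owner)))),
    }
}

/// Handler sketch: append only after validation; 422 on mismatch (201 is assumed).
pub fn record_transfer(cache: &mut CacheBackend, hash: &str, from: &str, to: &str)
    -> Result<u16, CacheError> {
    if !validate_transfer(cache, hash, from)?.0 { return Ok(422); }
    cache.histories.entry(hash.to_string()).or_default()
        .push(Transfer { from_owner: from.into(), to_owner: to.into() });
    Ok(201)
}

/// Constructed sample: document "abc123" was transferred alice -> bob.
pub fn sample_cache(fail: bool) -> CacheBackend {
    let t = Transfer { from_owner: "alice".into(), to_owner: "bob".into() };
    CacheBackend { histories: HashMap::from([("abc123".to_string(), vec![t])]), fail }
}

fn main() {
    let mut cache = sample_cache(false);
    println!("{:?}", record_transfer(&mut cache, "abc123", "bob", "carol"));
    println!("{:?}", validate_transfer(&cache, "abc123", "bob")); // bob is no longer the owner
}
```

Against a real Redis backend the read of the last transfer and the append need to be atomic (a transaction or server-side script), otherwise two concurrent requests from the same owner can both pass validation.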
