refactor: centralize auth middleware and standardize logging

1. API Key Middleware (api.ts)
- Create apiKeyAuth Hono middleware with timing-safe comparison
- Apply to /deposit/balance and /deposit/deduct routes
- Remove duplicate requireApiKey() calls from handlers
- Reduce ~15 lines of duplicated code

2. Logger Standardization (6 files, 27 replacements)
- webhook.ts: 2 console.error → logger
- message-handler.ts: 7 console → logger
- deposit-matcher.ts: 4 console → logger
- n8n-service.ts: 3 console.error → logger
- circuit-breaker.ts: 8 console → logger
- retry.ts: 3 console → logger

Benefits:
- Single point of auth change
- Structured logging with context
- Better observability in production

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

src/services/deposit-matcher.ts

@@ -55,11 +55,18 @@ export async function matchPendingDeposit(
   }>();
 
   if (!pendingTx) {
-    console.log('[matchPendingDeposit] 매칭되는 pending 거래 없음');
+    logger.info('매칭되는 pending 거래 없음', {
+      depositorName: notification.depositorName.slice(0, 7),
+      amount: notification.amount
+    });
     return null;
   }
 
-  console.log('[matchPendingDeposit] 매칭 발견:', pendingTx);
+  logger.info('매칭 발견', {
+    transactionId: pendingTx.id,
+    userId: pendingTx.user_id,
+    amount: pendingTx.amount
+  });
 
   try {
     // Optimistic Locking으로 동시성 안전한 매칭 처리
@@ -108,7 +115,7 @@ export async function matchPendingDeposit(
       });
     });
 
-    console.log('[matchPendingDeposit] 매칭 완료:', {
+    logger.info('매칭 완료', {
       transactionId: pendingTx.id,
       userId: pendingTx.user_id,
       amount: pendingTx.amount,
@@ -125,8 +132,12 @@ export async function matchPendingDeposit(
         transactionId: pendingTx.id,
         userId: pendingTx.user_id,
       });
+    } else {
+      logger.error('DB 업데이트 실패', error as Error, {
+        transactionId: pendingTx.id,
+        userId: pendingTx.user_id,
+      });
     }
-    console.error('[matchPendingDeposit] DB 업데이트 실패:', error);
     throw error;
   }
 }