fix: address 16 architecture design flaws across all crates

Phase 1 — Foundation:
- Constant-time token comparison via subtle::ConstantTimeEq (Fix 11)
- Structured error codes E001–E020 in new error_codes.rs (Fix 15)
- Remove dead envelope.capnp code and related types (Fix 16)

Phase 2 — Auth Hardening:
- Registration collision check via has_user_record() (Fix 5)
- Auth required on uploadHybridKey/fetchHybridKey RPCs (Fix 1)
- Identity-token binding at registration and login (Fix 2)
- Session token expiry with 24h TTL and background reaper (Fix 3)
- Bounded pending logins with 5-minute timeout (Fix 4)

Phase 3 — Resource Limits:
- Rate limiting: 100 enqueues/60s per token (Fix 6)
- Queue depth cap at 1000 + 7-day message TTL/GC (Fix 7)
- Partial queue drain via limit param on fetch/fetchWait (Fix 8)

Phase 4 — Crypto Fixes:
- OPAQUE KSF switched from Identity to Argon2id (Fix 10)
- Random AEAD nonce in hybrid KEM instead of HKDF-derived (Fix 12)
- Zeroize secret fields in HybridKeypairBytes (Fix 13)
- Encrypted client state files via QPCE format (Fix 9)

Phase 5 — Protocol:
- Commit fan-out to all existing members on invite (Fix 14)
- Add member_identities() to GroupMember

Breaking: existing OPAQUE registrations invalidated (Argon2 KSF).
Schema: added auth to hybrid key ops, identityKey to OPAQUE finish
RPCs, limit to fetch/fetchWait.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Cargo.toml

@@ -5,6 +5,7 @@ members = [
     "crates/quicnprotochat-proto",
     "crates/quicnprotochat-server",
     "crates/quicnprotochat-client",
+    "crates/quicnprotochat-p2p",
 ]
 
 # Shared dependency versions — bump here to affect the whole workspace.
@@ -25,8 +26,10 @@ ed25519-dalek      = { version = "2", features = ["rand_core"] }
 sha2               = { version = "0.10" }
 hkdf               = { version = "0.12" }
 chacha20poly1305   = { version = "0.10" }
-opaque-ke          = { version = "4", features = ["ristretto255"] }
-zeroize            = { version = "1", features = ["derive"] }
+opaque-ke          = { version = "4", features = ["ristretto255", "argon2"] }
+zeroize            = { version = "1", features = ["derive", "serde"] }
+subtle             = { version = "2" }
+argon2             = { version = "0.5" }
 rand               = { version = "0.8" }
 serde              = { version = "1", features = ["derive"] }
 serde_json         = { version = "1" }
@@ -42,7 +45,7 @@ tokio-util         = { version = "0.7", features = ["codec", "compat"] }
 futures            = { version = "0.3" }
 quinn              = { version = "0.11" }
 quinn-proto        = { version = "0.11" }
-rustls             = { version = "0.23", default-features = false, features = ["std"] }
+rustls             = { version = "0.23", default-features = false, features = ["std", "ring"] }
 rcgen              = { version = "0.13" }
 
 # ── Database ─────────────────────────────────────────────────────────────