feat(kt): add key revocation and Merkle-log audit support

Add RevocationLog with domain-separated leaf hashes (0x02 prefix) for
tracking revoked identity keys alongside the KT MerkleLog. Includes:

- RevocationLog with O(1) lookup, serialization, and double-revoke guard
- MerkleLog.append_raw() for pre-computed hashes
- MerkleLog.audit_log(start, end) for paginated log retrieval
- RevokeKey (510), CheckRevocation (511), AuditKeyTransparency (520) RPCs
- Server domain logic + v2 handlers + FileBackedStore/SqlStore persistence
- 4 new revocation tests + all 21 KT tests + 65 server tests passing

crates/quicproquo-proto/src/lib.rs

@@ -107,6 +107,11 @@ pub mod method_ids {
     pub const RESOLVE_USER: u16 = 500;
     pub const RESOLVE_IDENTITY: u16 = 501;
 
+    // Key Transparency (510-520)
+    pub const REVOKE_KEY: u16 = 510;
+    pub const CHECK_REVOCATION: u16 = 511;
+    pub const AUDIT_KEY_TRANSPARENCY: u16 = 520;
+
     // Blob (600-601)
     pub const UPLOAD_BLOB: u16 = 600;
     pub const DOWNLOAD_BLOB: u16 = 601;