chore: rename project quicnprotochat -> quicproquo (binaries: qpq)

Rename the entire workspace:
- Crate packages: quicnprotochat-{core,proto,server,client,gui,p2p,mobile} -> quicproquo-*
- Binary names: quicnprotochat -> qpq, quicnprotochat-server -> qpq-server,
  quicnprotochat-gui -> qpq-gui
- Default files: *-state.bin -> qpq-state.bin, *-server.toml -> qpq-server.toml,
  *.db -> qpq.db
- Environment variable prefix: QUICNPROTOCHAT_* -> QPQ_*
- App identifier: chat.quicnproto.gui -> chat.quicproquo.gui
- Proto package: quicnprotochat.bench -> quicproquo.bench
- All documentation, Docker, CI, and script references updated

HKDF domain-separation strings and P2P ALPN remain unchanged for
backward compatibility with existing encrypted state and wire protocol.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

docs/src/cryptography/threat-model.md

@@ -1,6 +1,6 @@
 # Threat Model
 
-This page defines the attacker models quicnprotochat is designed to resist,
+This page defines the attacker models quicproquo is designed to resist,
 catalogues what is and is not protected, identifies known gaps in the current
 implementation, and outlines future mitigations.
 
@@ -41,7 +41,7 @@ state-level adversary).
 **What they can do:**
 
 - Attempt TLS 1.3 MITM: TLS 1.3 prevents this if the client validates the
-  server's certificate. However, quicnprotochat currently uses **self-signed
+  server's certificate. However, quicproquo currently uses **self-signed
   certificates**, which means the client has no CA chain to verify. On the first
   connection, a MITM could present their own certificate and intercept the
   session (trust-on-first-use vulnerability).