Add contact public-key management flow

[TheSilkky]

Summary

• add an authenticated Contact keys route for creating, updating, and revoking account-scoped contact public keys
• add API client methods and schema coverage for the server contact-public-key management routes
• document the public-key-only boundary, revoked-key ineligibility, and current scope in README and docs

Validation

• npm run typecheck
• npm run lint
• npm run test
• npm run build
• npm run test:e2e
• git diff --check origin/develop...

Security and scope notes

• Frontend-only change; no backend routes or server behavior added.
• Request bodies are limited to public-key metadata fields and reviewed state.
• The UI and parser tests cover that contact private keys, raw media keys, plaintext, wrapped-key ciphertext, request bodies, stored paths, object keys, and private deployment details are not retained or displayed.
• Revoked keys stay visibly ineligible and are not offered reactivation controls.

Closes #49

[TheSilkky]

@codex review

Please review this PR for correctness, security, scope control, tests, and consistency with README.md, AGENTS.md, SECURITY.md, and relevant docs.

Focus on frontend route behavior, API client assumptions against open-proofline/server, token handling, no secret logging, no browser decryption or key unwrapping, Catalyst licensing boundaries, and validation results.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 65cc69fa10

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".