
Cut the signing release (consume accumulated changesets) + add PRX_PROVENANCE_KEY repo secret #434

Description

@bdelanghe

Why

The GH-352 signing work is merged to main but does not reach users yet: the home-manager module installs the released binary (fetch-release.nix), and main changes only ship after a semver tag fires release-binary.yml. The accumulated @bounded-systems/prx patch changesets are sitting in a "Version Packages" PR waiting to be merged.

Tasks

  1. Cut the release. Merge the "Version Packages" PR (consumes the ~accumulated @bounded-systems/prx changesets) → semver tag → release-binary.yml builds and publishes the binary → home-manager deployments pick it up on next home-manager switch.

  2. Add the PRX_PROVENANCE_KEY repo secret. ci.yml already wires:

    • PRX_PROVENANCE_KEY: ${{ secrets.PRX_PROVENANCE_KEY }}
    • PRX_CI_LEDGER: ${{ secrets.PRX_PROVENANCE_KEY != '' && format('{0}/.prx/ci-provenance.sqlite', github.workspace) || '' }}

    So CI signs only once the secret exists; until then the ledger path is empty and CI no-ops the signing (safe). Set the secret to dev to activate per-actor signing in CI, with the signed ci/phase/v1 derivations uploaded as the async mirror artifact.

Acceptance

Related: #396, #427, GH-352. Companion: the fail-closed rollout-coordination issue.

https://claude.ai/code/session_01LPzb9h4TgS7zCB4vWtNiS4
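As an added example, not code from the repository or from @bdelanghe: the `PRX_CI_LEDGER` gating expression in ci.yml (`secrets.PRX_PROVENANCE_KEY != '' && format('{0}/.prx/ci-provenance.sqlite', github.workspace) || ''`) reduced to POSIX sh, so the key/ledger contract can be checked before the secret is added. It also adds a preflight check the issue does not have: flagging the case where a ledger path is present without a key (or vice versa), which is the one combination the workflow expression never produces. The function names and the `.prx/ci-provenance.sqlite` location under a workspace are taken from the issue text; the `misconfigured` state is an assumption of this example.

```shell
#!/bin/sh
# Added example (not the project's ci.yml): models the workflow's
#   PRX_CI_LEDGER = PRX_PROVENANCE_KEY != '' ? "$workspace/.prx/ci-provenance.sqlite" : ''
# gating in plain sh so the contract can be checked locally.

# Derive the ledger path exactly as the ci.yml expression does:
# non-empty key -> <workspace>/.prx/ci-provenance.sqlite, empty key -> "".
prx_ci_ledger_path() {
  key="$1"
  workspace="$2"
  if [ -n "$key" ]; then
    printf '%s/.prx/ci-provenance.sqlite' "$workspace"
  else
    printf ''
  fi
}

# Classify what the signing step should do for a given (key, ledger) pair.
#   noop          - no key and no ledger: CI skips signing (the safe pre-secret state)
#   sign          - key present and ledger path set: per-actor signing is active
#   misconfigured - one of the two is set without the other; the ci.yml
#                   expression never yields this, so it means the env was
#                   overridden by hand (assumed state, not from the issue)
prx_ci_sign_mode() {
  key="$1"
  ledger="$2"
  if [ -z "$key" ] && [ -z "$ledger" ]; then
    echo noop
  elif [ -n "$key" ] && [ -n "$ledger" ]; then
    echo sign
  else
    echo misconfigured
  fi
}

# Preflight for a CI job: compute the ledger path from the key, as the
# workflow would, then make sure the ledger's directory can be created
# before any signing runs. Prints the resulting mode.
prx_ci_preflight() {
  key="$1"
  workspace="$2"
  ledger="$(prx_ci_ledger_path "$key" "$workspace")"
  mode="$(prx_ci_sign_mode "$key" "$ledger")"
  if [ "$mode" = sign ]; then
    mkdir -p "$(dirname "$ledger")" || { echo misconfigured; return 1; }
  fi
  echo "$mode"
}

# Stand-alone run: both states the issue describes, using a scratch workspace.
ws="${TMPDIR:-/tmp}/prx-example.$$"
echo "without secret: $(prx_ci_preflight '' "$ws")"
echo "with secret:    $(prx_ci_preflight 'dev' "$ws")"
rm -rf "$ws"
```

Run it as `sh prx-gate.sh`; the first line reports `noop` (the no-secret state the issue calls safe), the second `sign` once a non-empty key is supplied. Feeding a hand-set ledger path with an empty key into `prx_ci_sign_mode` reports `misconfigured`, which is the check to add before flipping the secret on.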
