Client-side Ed25519 key management in browser

## v0.0.7 — Client-Side Key Management

### Problem
The React frontend has no awareness of Ed25519 keypairs. It only knows JWT tokens. Events are signed server-side, not client-side.

### Acceptance Criteria
- [ ] Browser-side Ed25519 keypair generation using WebCrypto/subtle
- [ ] Keypairs stored in IndexedDB (encrypted with user password)
- [ ] Key export/download for backup
- [ ] Key import for account recovery on new device
- [ ] Client-side event signing before posting to API
- [ ] Frontend posts include `sig` field (client-signed, server verifies)
- [ ] Settings page shows public key and key management options
- [ ] E2E test: generate key in browser, sign event, verify server-side

### Files to create/modify
- `apps/web/src/lib/keys.ts` (NEW — keypair generation, storage, signing)
- `apps/web/src/lib/event-signer.ts` (NEW — client-side event signing)
- `apps/web/src/hooks/useKeypair.ts` (NEW)
- `apps/web/src/pages/Settings.tsx` (add key management UI)
- `apps/web/src/components/KeyManager.tsx` (NEW)

### Test
```bash
bun run --cwd apps/web typecheck
```

### Version bump
All `package.json` files: `0.0.6` to `0.0.7`

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Client-side Ed25519 key management in browser #8

v0.0.7 — Client-Side Key Management

Problem

Acceptance Criteria

Files to create/modify

Test

Version bump

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Client-side Ed25519 key management in browser #8

Description

v0.0.7 — Client-Side Key Management

Problem

Acceptance Criteria

Files to create/modify

Test

Version bump

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions