Fix WASM decrypt: store SPK secret, pass to decrypt_wire_message

Root cause: WASM was regenerating random pre-keys on every call to
decrypt_wire_message, instead of using the SPK that was registered
with the server. CLI sender encrypts to the registered SPK, but
WASM was trying to decrypt with a different random key.

Fix:
- WasmIdentity now stores spk_secret_bytes internally
- SPK secret persisted to localStorage as 'wz-spk'
- On load: restored from localStorage, not regenerated
- bundle_bytes() uses stored SPK secret (cached, deterministic)
- decrypt_wire_message() takes spk_secret_hex parameter
- Web UI passes stored SPK to all decrypt calls

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

warzone/crates/warzone-wasm/Cargo.toml

@@ -18,6 +18,7 @@ base64.workspace = true
 hex.workspace = true
 bincode.workspace = true
 x25519-dalek.workspace = true
+ed25519-dalek.workspace = true
 uuid = { version = "1", features = ["v4", "serde", "js"] }
 
 [profile.release]