Harden remaining inventory custody guards and audit safety

[JOY]

Source

• docs/design/45-inventory-and-equipment-system.md
• docs/design/149-alpha-inventory-custody-hardening-handoff.md
• docs/design/45-alpha-backlog-execution-packets.md
• docs/setup/alpha-playable-loop-handoff-coverage.md

Background

Issue #219 closed the first inventory lifecycle validation lane. The current design docs still list remaining custody, idempotency, audit, telemetry, entitlement, and shard-transfer guard work that should not point at a closed issue.

Scope

• Add remaining custody lifecycle transition guards for world drop, run loot, body carry, body equip, Garden storage, account stash, entitlement, destroyed, and recoverable wreck states where alpha code supports them.
• Add idempotency keys for inventory mutations.
• Add admin-only audit repair flow design or implementation guardrails.
• Add suspicious mutation telemetry.
• Add chain entitlement read-only path for cosmetic placeholder.
• Add shard transfer freeze rule for inventory and equipment.
• Preserve server authority: Unity, LLMs, and offline agents may request intents only and cannot directly mutate inventory state.

Acceptance

• Rejected or unsafe inventory transitions cannot partially mutate state.
• Body death is not normal respawn inventory retention.
• Account stash survival and body-bound loss rules remain explicit.
• LLM and agent inventory intents are allowlisted and server-validated.
• Evidence records custody transitions, idempotency, no-partial-mutation checks, known gaps, entitlement read-only behavior, suspicious mutation telemetry, and shard-freeze rejection.

Evidence Template

• docs/playtests/_templates/inventory-custody-guards/

Cut Line

No marketplace, trading, paid stash tabs, production NFT escrow mutation, random affix economy, or multi-shard transfer implementation beyond the freeze rule.

[JOY]

Docs-only tracking update: created this follow-up because #219 is closed but remaining custody/audit hardening items were still referenced in ROADMAP.md and docs/design/45-inventory-and-equipment-system.md. Added docs/playtests/_templates/inventory-custody-guards/ and updated docs/playtests/README.md, docs/setup/alpha-playable-loop-handoff-coverage.md, docs/setup/github-project-tracking.md, docs/setup/play-mode-smoke-checklist.md, ROADMAP.md, and docs/design/45-inventory-and-equipment-system.md to point remaining work here. Local checks pass: check-backlog-sync.ps1, git diff --check, local markdown link check, and dash scan.

[JOY]

Completed in PR #308 and merged into dev. Evidence: docs/playtests/2026-05-30-inventory-custody-guards/. Verification: npm.cmd run build, npm.cmd test, git diff --check, GitHub lint, and nakama build + test passed.