feat(relay): NIP-OA agent authentication for NIP-43 membership (WS + REST + git)

[tlongwell-block]

Summary

Allow NIP-OA bearing agents to authenticate to relays that enforce NIP-43 membership — across all transport paths: WebSocket, REST API, and git.

The relay verifies the agent's NIP-42 AUTH (WS) or X-Auth-Tag header (HTTP), cryptographically verifies the owner attestation, and checks the owner's pubkey for relay membership — granting the agent access without a persistent member record.

How it works

WebSocket (NIP-42)

Agent connects → relay sends NIP-42 challenge
    ↓
Agent signs kind:22242 with NIP-OA ["auth", owner, conditions, sig] tag
    ↓
Relay verifies NIP-42 (agent's signature, challenge, relay URL, freshness)
    ↓
Relay detects auth tag → verifies NIP-OA Schnorr sig (owner attested this agent)
    ↓
Relay checks owner's pubkey for NIP-43 membership
    ↓
Agent gets session-scoped access

REST / Git (X-Auth-Tag header)

Agent sends HTTP request with:
  X-Pubkey: <agent_hex>
  X-Auth-Tag: ["auth","<owner_hex>","<conditions>","<sig_hex>"]
    ↓
Relay authenticates via X-Pubkey (dev mode) or Bearer token
    ↓
enforce_relay_membership: agent not a direct member?
    ↓
Parse X-Auth-Tag → verify NIP-OA sig against agent pubkey
    ↓
Check owner's pubkey for relay membership → grant access

Changes

File	What
sprout-auth/src/lib.rs	AuthMethod::Nip42OwnerAttestation variant + owner_pubkey field
sprout-relay/src/config.rs	allow_nip_oa_auth config flag (SPROUT_ALLOW_NIP_OA_AUTH=true)
sprout-relay/src/handlers/auth.rs	WS: NIP-OA tag extraction, verification, membership routing
sprout-relay/src/api/relay_members.rs	REST: NIP-OA fallback in enforce_relay_membership
sprout-relay/src/api/mod.rs	extract_single_auth_tag helper (rejects duplicates)
sprout-relay/src/api/git/transport.rs	Git: X-Auth-Tag for NIP-98 auth path
sprout-relay/src/api/media.rs	Media: X-Auth-Tag for upload auth
sprout-relay/src/api/tokens.rs	Tokens: X-Auth-Tag for NIP-98 mint path
sprout-relay/src/audio/handler.rs	Audio: pass None (WS-only, no HTTP headers)
sprout-acp/src/relay.rs	ACP: apply_auth_with_tag, RestClient.auth_tag field
sprout-mcp/src/relay_client.rs	MCP: apply_auth sends X-Auth-Tag
sprout-sdk/examples/compute_auth_tag.rs	Utility for generating NIP-OA auth tags
sprout-relay/Cargo.toml	sprout-sdk dependency

Design decisions

• Opt-in — disabled by default. Relay operators must set SPROUT_ALLOW_NIP_OA_AUTH=true.
• Stateless — REST path verifies the tag per-request (no session coupling, no DB state for agent→owner).
• Fail-closed — invalid OA tag → rejection. Verification errors fall through to 403.
• Multiple auth tags rejected — WS rejects events with 2+ auth tags; REST rejects duplicate X-Auth-Tag headers (400).
• Session-scoped — no persistent member record for agents. Access depends on owner's membership.
• Owner attribution — AuthContext.owner_pubkey carries the owner for downstream audit/rate-limiting.

E2E Testing

Tested with agents that are NOT relay members, authenticated purely via NIP-OA:

Test	Result
WS auth (NIP-OA owner attestation)	✅
REST: channel discovery	✅
REST: presence set + heartbeat	✅
REST: user profile lookup	✅
Task receipt + reply via WS	✅
Git push (NIP-98 + X-Auth-Tag)	✅
Git clone	✅
Negative: no auth tag → 403	✅
Negative: non-member owner → 403	✅
Negative: wrong agent pubkey → 403	✅
Negative: malformed tag → 403	✅
Negative: duplicate headers → 400	✅
Unit tests (340)	✅ all pass

Future work

• Rate limiting aggregated by owner pubkey
• Owner removal → agent session revocation (WS)
• Integration test suite for NIP-OA paths