[#15c] Tamper-evident extension audit ledger: hash-chained entries with verify / replay subcommands #32

@quangdang46

Sub-issue of #15. Turns the existing extension-trust.jsonl journal into a hash-chained, replay-able audit ledger.

Hard dependency

  • #15a (journal must already exist).

Ledger format

  • Append-only ~/.jcode/logs/extension-trust.jsonl (already from #15a) gains a prev_hash field per entry.
  • prev_hash = blake3(prev_serialized_entry_bytes_excluding_prev_hash_field) truncated to 32 hex chars.
  • First entry's prev_hash = "00000000..." (32 zeros).
  • Genesis entry written on first run if file is missing.

Subcommands

  • jcode ext-trust verify — walks the chain end-to-end; on mismatch, prints first divergence (line number + computed-vs-stored hash). Exits 0 if intact, 2 if tampered, 1 on missing file.
  • jcode ext-trust replay — reconstructs the current state (per-extension state, compat-lane overrides) by replaying the chain from genesis. Compares against the live trust.json and reports any drift. Useful in incident response when the live state file is suspect.

Acceptance criteria

  • Manually editing a journal line is detected by verify.
  • replay produces the same in-memory state as the live file when no tampering has occurred.
  • verify and replay exit codes are usable in CI gating.

Cross-references

Reference

  • pi_agent_rust → "Tamper-evident runtime risk ledger tooling" (verify | replay | calibrate). #15c does not yet ship calibrate — file as a follow-up if a calibration use case emerges.
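The chain walk described under "Ledger format" and "Subcommands", as an added example that is not jcode's own code. It assumes entries are hashed as canonical JSON (sorted keys, compact separators), uses constructed `ext` / `action` fields, and falls back to SHA-256 as a stand-in when the third-party `blake3` package is not installed.

```python
import hashlib, json, os, tempfile

try:  # BLAKE3 is the hash the issue specifies (third-party `blake3` package)
    from blake3 import blake3 as _hash
except ImportError:  # stand-in: SHA-256, so the example runs on the stdlib alone
    _hash = hashlib.sha256

GENESIS = "0" * 32  # prev_hash of the first entry

def entry_hash(entry):
    """Hash an entry without its prev_hash field, truncated to 32 hex chars.
    Canonical JSON (sorted keys, compact separators) is assumed here."""
    body = {k: v for k, v in entry.items() if k != "prev_hash"}
    raw = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return _hash(raw).hexdigest()[:32]

def append(path, entry):
    """Append an entry chained to the current last line (genesis if none)."""
    prev = GENESIS
    if os.path.exists(path):
        with open(path) as f:
            lines = f.read().splitlines()
        if lines:
            prev = entry_hash(json.loads(lines[-1]))
    with open(path, "a") as f:
        f.write(json.dumps({**entry, "prev_hash": prev}) + "\n")

def verify(path):
    """Return (exit_code, detail): 0 intact, 2 tampered, 1 missing file."""
    if not os.path.exists(path):
        return 1, "missing file"
    expected = GENESIS
    with open(path) as f:
        for lineno, line in enumerate(f, 1):
            try:
                entry = json.loads(line)
                stored = entry["prev_hash"]
            except (ValueError, KeyError, TypeError):
                return 2, f"line {lineno}: malformed entry"
            if stored != expected:
                return 2, f"line {lineno}: computed {expected}, stored {stored}"
            expected = entry_hash(entry)
    return 0, "intact"

if __name__ == "__main__":
    path = os.path.join(tempfile.mkdtemp(), "extension-trust.jsonl")
    for ext, action in [("ext-a", "trust"), ("ext-b", "trust"), ("ext-a", "revoke")]:
        append(path, {"ext": ext, "action": action})  # constructed sample entries
    print(verify(path))
```

An edit to line N surfaces as a mismatch at line N+1, so in this sketch the final entry is not covered until another entry is appended, and a truncated tail still verifies; recording the latest hash outside the journal covers both cases.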


Labels: enhancement
