[codex] Build FlowMemory crypto v0 foundation

[FlowmemoryAI]

Summary

Builds FlowMemory Crypto V0 as a runnable package and schema foundation for facts, observation IDs, receipts, report digests, roots, attestations, replay protection, and future proof boundaries.

What changed

• Added private @flowmemory/crypto ESM package with typed declarations, package scripts, fixtures, and tests.
• Implemented deterministic helpers for canonical JSON, Keccak typed hashes, FlowPulse observation IDs, cursor IDs, receipt hashes, report digests, artifact/root commitments, work receipt IDs, Merkle roots, worker/verifier payloads, attestation envelopes, and local secp256k1 sign/verify test helpers.
• Added 21 package-level deterministic vectors plus the FlowPulse aggregate vector and validators.
• Added crypto schema docs, attestation docs, Merkle/root docs, receipt hashing docs, observation identity docs, threat model, implementation plan, zk roadmap, and a decision record.
• Added verifier integration notes and shared-contract boundary docs without modifying production contracts.
• Updated architecture/security docs with crypto cross-links and trust-boundary notes.

Validation

• cd crypto; npm test -> 13 passing tests.
• cd crypto; npm run validate:vectors -> FLOWMEMORY_CRYPTO_VECTORS_OK 21.
• cd crypto; python validate_test_vectors.py -> FLOWPULSE_VECTOR_RECOMPUTE_OK.
• cd crypto; npm run vectors prints the sample pulse/observation/receipt/report/attestation hashes.
• cd crypto; npm audit --audit-level=high -> 0 vulnerabilities.
• cd crypto; npm pack --dry-run succeeded.
• git diff --cached --check passed.
• Secret scan found only policy/doc mentions, no committed secrets.
• forge build --root . --out E:\tmp\flowmemory-forge-out --cache-path E:\tmp\flowmemory-forge-cache succeeded. forge test currently reports no discovered tests in this checkout.

Trust boundary

This PR does not claim full trustlessness, does not implement zk proofs, does not add tokenomics, and does not modify production contracts. MVP claims remain verifier-attested unless independently replayed or later proven by an accepted proof system.

Refs #17, #38, #40, #42, #47.

[FlowmemoryAI]

Launch-core direction: please align this crypto PR with issue #64 and docs/V0_LAUNCH_ACCEPTANCE.md. Crypto-side completion should provide canonical ids/schemas/fixtures for MemorySignal, MemoryReceipt, RootflowTransition, RootfieldBundle, AgentMemoryView, and verifier reports.

[FlowmemoryAI]

Acceptance audit follow-up: please make the PR summary identify the canonical schema/fixture artifacts for MemorySignal, MemoryReceipt, RootflowTransition, RootfieldBundle, AgentMemoryView, and verifier reports, plus the exact validation command output. The required evidence is tracked in docs/reviews/ROOTFLOW_FLOW_MEMORY_V0_ACCEPTANCE_AUDIT.md on PR #59.