PRD-20: Key Refresh / Share Rotation Protocol #13

@PancheI

Description

Implement CGGMP24 key refresh as an interactive 3-party protocol to rotate all shares while preserving the same public key and ETH address.

Acceptance Criteria

  • cggmp24::key_refresh() exposed in WASM and native binary
  • IThresholdScheme has createRefreshSession, processRefreshRound, and destroyRefreshSession methods
  • Full 3-party refresh completes in under 30s (WASM) or 5s (native)
  • After refresh, shared public key and ETH address are unchanged
  • After refresh, old shares cannot co-sign with new shares
  • After refresh, any 2 new shares can co-sign successfully
  • Server Vault share updated atomically; share_version increments
  • User share re-encrypted in browser and uploaded
  • CLI signer share file re-encrypted and saved
  • refresh_history table records all attempts with status
  • Failed refresh leaves all shares unchanged (old shares still work)
  • Concurrent refresh attempts on the same signer are rejected
  • All key material buffers wiped in finally blocks
  • No share bytes in server logs

Tasks

  • Add refresh.rs to WASM crate with cggmp24::key_refresh()
  • Add refresh subcommand to native binary
  • Add refresh methods to IThresholdScheme + implement in CGGMP24Scheme
  • Integration test: 3-party WASM refresh preserves public key
  • Database migration: share_version column + refresh_history table
  • RefreshService + RefreshController in server
  • Browser refresh flow in browser-signer.ts
  • CLI tw refresh command
  • Dashboard UI: refresh button on signer detail page
  • Server integration tests + failure/rollback tests
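
The invariants in the acceptance criteria (same key after refresh, any 2 new shares work, old and new shares do not mix) can be checked on a plain-scalar model of share rotation. This is an added example, not code from this issue or from the cggmp24 crate: it assumes 2-of-3 Shamir shares over the secp256k1 group order, and the function names `deal`, `refresh` and `reconstruct` are hypothetical.

```python
import secrets

# Order of the secp256k1 group, the curve behind ETH keys.
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def deal(secret, parties=(1, 2, 3)):
    """2-of-3 Shamir sharing: share_i = f(i), f(x) = secret + a1*x mod N."""
    a1 = secrets.randbelow(N - 1) + 1
    return {i: (secret + a1 * i) % N for i in parties}

def refresh(shares):
    """Every party contributes a random line through the origin (zero
    constant term); each share absorbs all contributions at its own index.
    f(0) is untouched, so the secret and its public key stay the same."""
    new = dict(shares)
    for _contributor in shares:
        b1 = secrets.randbelow(N - 1) + 1
        for i in new:
            new[i] = (new[i] + b1 * i) % N
    return new

def reconstruct(two_shares):
    """Lagrange interpolation at x = 0 from exactly two {index: share}."""
    (i, si), (j, sj) = two_shares.items()
    inv = pow(j - i, -1, N)
    return ((si * j - sj * i) * inv) % N

if __name__ == "__main__":
    secret = secrets.randbelow(N)   # constructed sample key, not real material
    old = deal(secret)
    new = refresh(old)
    print("new pair recovers key:", reconstruct({1: new[1], 3: new[3]}) == secret)
    print("old+new pair recovers key:", reconstruct({1: old[1], 2: new[2]}) == secret)
```

A mixed pair lands on a different polynomial and interpolates to an unrelated value, which is the property behind "old shares cannot co-sign with new shares"; a failed refresh must therefore roll back every party, or the signer is left with shares from two incompatible versions.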

Labels: P0 (Production blocker priority), phase-2 (Go-live minimum), prd (Product requirement document)
