feat(auth): add SATP agent trust verification provider

[0xbrainkid]

Summary

Adds SATPProvider as a new auth provider that verifies agent identity and behavioral trust scores via AgentFolio/SATP (Solana Agent Trust Protocol).

Resolves #142

What it does

• Trust score verification — configurable minimum threshold (0-100)
• On-chain verification check — optionally require agents to be verified on Solana
• Agent ID extraction — from x-agent-id header or Authorization: Agent <id>
• Response caching — configurable TTL (default 5 min) to avoid per-request API calls
• Graceful degradation — onMissing: 'allow' (default) annotates requests without blocking; 'reject' enforces identity

Usage

import { MCPServer, SATPProvider } from 'mcp-framework';

const server = new MCPServer({
  auth: {
    provider: new SATPProvider({
      minTrustScore: 50,      // Require minimum trust score
      requireVerified: true,  // Require on-chain verification
      onMissing: 'allow',     // Don't break unidentified agents
      cacheTtlMs: 300_000,    // 5 minute cache
    }),
  },
});

Design decisions

1. Follows existing AuthProvider pattern — drop-in compatible, no breaking changes
2. Opt-in by default — onMissing: 'allow' means existing servers aren't affected
3. Minimal scope — just the provider + types, no new dependencies (uses native fetch)
4. Composable — can be used alongside JWT/OAuth/API key providers

No new dependencies

Uses native fetch (Node 18+). Zero additional packages.