Replace NIP-04 messaging with NIP-17 (NIP-44 + NIP-59 gift wrapping)

Modernize the entire customer-merchant communication layer from deprecated
NIP-04 (kind 4, AES-256-CBC) to NIP-17 private direct messages using
NIP-44 v2 encryption (ChaCha20 + HMAC-SHA256) and NIP-59 gift wrapping
(rumor/seal/gift-wrap protocol). No backwards compatibility retained.

New modules:
- nostr/nip44.py: NIP-44 v2 encryption verified against official spec vectors
- nostr/nip59.py: NIP-59 gift wrap with wrap/unwrap convenience functions
- tests/: 44 unit tests for NIP-44 and NIP-59

Key changes:
- Subscription filters: kind 4 → kind 1059 gift wraps
- Message handler: _handle_nip04_message → _handle_gift_wrap (unwrap + route)
- send_dm/reply_to_structured_dm: NIP-59 gift wrap to recipient + self-archive
- Merchant model: removed NIP-04 crypto methods (decrypt/encrypt/build_dm_event)
- helpers.py: removed NIP-04 functions, kept Schnorr signing + key normalization
- views_api.py: consolidated DM sending through send_dm() service function

Reliability improvements:
- Event deduplication via bounded LRU set in NostrClient
- Subscription health monitor (resubscribes after 120s of silence)
- Preserved 5-minute lenient time window from prior work

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

helpers.py

@@ -1,55 +1,5 @@
-import base64
-import secrets
-from typing import Optional
-
 import coincurve
 from bech32 import bech32_decode, convertbits
-from cryptography.hazmat.primitives import padding
-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
-
-
-def get_shared_secret(privkey: str, pubkey: str):
-    pk = coincurve.PublicKey(bytes.fromhex("02" + pubkey))
-    sk = coincurve.PrivateKey(bytes.fromhex(privkey))
-    shared_point = pk.multiply(sk.secret)
-
-    shared_point_bytes = shared_point.format(compressed=False)
-    x_coord = shared_point_bytes[1:33]
-    return x_coord
-
-
-def decrypt_message(encoded_message: str, encryption_key) -> str:
-    encoded_data = encoded_message.split("?iv=")
-    if len(encoded_data) == 1:
-        return encoded_data[0]
-    encoded_content, encoded_iv = encoded_data[0], encoded_data[1]
-
-    iv = base64.b64decode(encoded_iv)
-    cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv))
-    encrypted_content = base64.b64decode(encoded_content)
-
-    decryptor = cipher.decryptor()
-    decrypted_message = decryptor.update(encrypted_content) + decryptor.finalize()
-
-    unpadder = padding.PKCS7(128).unpadder()
-    unpadded_data = unpadder.update(decrypted_message) + unpadder.finalize()
-
-    return unpadded_data.decode()
-
-
-def encrypt_message(message: str, encryption_key, iv: Optional[bytes] = None) -> str:
-    padder = padding.PKCS7(128).padder()
-    padded_data = padder.update(message.encode()) + padder.finalize()
-
-    iv = iv if iv else secrets.token_bytes(16)
-    cipher = Cipher(algorithms.AES(encryption_key), modes.CBC(iv))
-
-    encryptor = cipher.encryptor()
-    encrypted_message = encryptor.update(padded_data) + encryptor.finalize()
-
-    base64_message = base64.b64encode(encrypted_message).decode()
-    base64_iv = base64.b64encode(iv).decode()
-    return f"{base64_message}?iv={base64_iv}"
 
 
 def sign_message_hash(private_key: str, hash_: bytes) -> str:
@@ -58,17 +8,6 @@ def sign_message_hash(private_key: str, hash_: bytes) -> str:
     return sig.hex()
 
 
-def test_decrypt_encrypt(encoded_message: str, encryption_key):
-    msg = decrypt_message(encoded_message, encryption_key)
-
-    # ecrypt using the same initialisation vector
-    iv = base64.b64decode(encoded_message.split("?iv=")[1])
-    ecrypted_msg = encrypt_message(msg, encryption_key, iv)
-    assert (
-        encoded_message == ecrypted_msg
-    ), f"expected '{encoded_message}', but got '{ecrypted_msg}'"
-
-
 def normalize_public_key(pubkey: str) -> str:
     if pubkey.startswith("npub1"):
         _, decoded_data = bech32_decode(pubkey)