feat: persist extern AID metadata for alias-based lookup and rotation

[yeomjaeseung]

Description

Resolves #415

This PR completes the ExternKeeper implementation as discussed in the issue. Previously, extern type AIDs (managed by external modules) lacked a persistence layer in the KERIA database, which led to 500 Internal Server Errors during alias-based lookups and rotations.

By introducing eprms storage, this PR ensures that extern AIDs achieve functional parity with salty and randy types, allowing them to be fully managed via aliases within KERIA.

Key Implementation Details:

• Minimal Metadata Only: To maintain security boundaries, only extern_type and pidx are persisted. Assumption-free handling of externally managed key material is preserved.
• Enhanced info() Response: Extern AIDs now correctly expose their metadata via the info() helper, preventing lookup failures in RemoteManager.

Changes

keeping.py

• Added ExternPrm dataclass to store extern_type and pidx.
• Integrated eprms sub-database into RemoteKeeper for persistence.
• Implemented incept, rotate, and params methods in ExternKeeper to manage the metadata lifecycle.

aiding.py

• Updated IdentifierResourceEnd.rotate to support Algos.extern metadata updates.
• Updated AgentResourceEnd.on_put to allow client-side updates of extern_type and pidx.

Verification Results

• Alias Lookup: Confirmed identifiers().get(alias) returns the correct metadata without 500 errors.
• Rotation Flow: Verified that rotating an extern AID successfully updates the local DB state.
• Regression Testing: Ran full pytest suite — all tests passed with no regressions observed.

[kentbull]

Thank you for your contribution. If you are able, please post a sample project showing how this is used with SignifyTS so we can properly evaluate the PR.

If you'd like, you can submit the sample project in a new /examples project in the https://github.com/WebOfTrust/signify-react-ts project.

[kentbull]

And, ideally with something like Google KMS or other KMS that makes it easy to validate and test. I have a GCP account and can easily test with GCP, though will test with a different service if you submit with a different service, within reason.

[codecov]

Codecov Report

❌ Patch coverage is 61.22449% with 19 lines in your changes missing coverage. Please review.
✅ Project coverage is 86.58%. Comparing base (568fbb5) to head (e823413).
⚠️ Report is 4 commits behind head on main.

Files with missing lines	Patch %	Lines
src/keria/app/aiding.py	35.29%	11 Missing ⚠️
src/keria/core/keeping.py	75.00%	8 Missing ⚠️

❌ Your patch check has failed because the patch coverage (61.22%) is below the target coverage (75.00%). You can increase the patch coverage or adjust the target coverage.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #418      +/-   ##
==========================================
- Coverage   86.91%   86.58%   -0.34%     
==========================================
  Files          25       25              
  Lines        5451     5507      +56     
==========================================
+ Hits         4738     4768      +30     
- Misses        713      739      +26     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.