Implement missing STUN/ICE and browser E2EE foundations

[Copilot]

Comprehensive audit identified critical gaps: browser clients use shared encryption keys (relay can decrypt), STUN/ICE claimed but unimplemented, and misleading code comments. This PR addresses the highest-priority items systematically.

Documentation Accuracy

• Remove 5 "(stub)" annotations from fully-implemented rift-rndzv functions
• Clarify README: STUN/ICE is in development (Phase 35), not complete
• Add prominent security warning to browser client docs about shared key vulnerability

Browser Security Foundation

New: rift-wasm/src/noise.rs - Noise protocol XX pattern for pairwise E2EE

// Replace insecure shared key with proper handshake
let mut initiator = NoiseHandshake::new_initiator(&static_key)?;
let mut responder = NoiseHandshake::new_responder(&static_key)?;

// Three-way handshake (-> e, <- e ee s es, -> s se)
let msg1 = initiator.write_message(None)?;
responder.read_message(&msg1)?;
// ... complete handshake

let transport = initiator.into_transport_mode()?;
let ciphertext = transport.send(plaintext)?;

Exported to WASM, ready for integration into rift-web-chat.

STUN/ICE Implementation (Phase 35.1)

New: rift-nat/src/stun.rs - RFC 5389 STUN Binding Request/Response

• StunBindingRequest encoder with random transaction IDs
• StunBindingResponse parser supporting MAPPED-ADDRESS and XOR-MAPPED-ADDRESS
• StunClient for querying servers with timeout/fallback
• IPv4/IPv6 support

Enhanced: ICE candidate gathering in rift-nat/src/lib.rs

pub struct Candidate {
    pub typ: CandidateType,     // Host | ServerReflexive | Relayed
    pub addr: SocketAddr,
    pub priority: u32,           // ICE priority calculation
    pub foundation: String,
}

pub async fn gather_candidates(nat_cfg: &NatConfig) -> Result<Vec<Candidate>, StunError> {
    // Collect host candidates from interfaces
    // Query STUN servers for server-reflexive candidates
    // Sort by priority (host > srflx > relay)
}

Test Coverage

+8 unit tests (58 → 66 passing):

• STUN message encoding/parsing roundtrips
• Candidate priority ordering per ICE spec
• Host candidate gathering (non-loopback filtering)

Next Steps

1. Integrate Noise handshake into rift-web-chat (Phase 1.2-1.4)
2. Complete STUN integration with mesh for candidate exchange (Phase 2.3-2.5)
3. Add ICE protocol messages for connectivity checks (Phase 3)

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.