Add verifyAdr36 verification support to provider app

[Copilot]

Aligns provider app auth implementation with middleman app to support both ERC4361 and ADR36 signature verification methods.

Changes

• apps/provider/package.json: Updated @poktscan/vault-siwp from #shannon to #shannon-adr36
• apps/provider/src/auth.ts: Replaced siwp.verify() with parallel verification via Promise.allSettled:

const results = await Promise.allSettled([
  siwp.verifyERC4361({ signature, domain, publicKey }),
  siwp.verifyAdr36({ signature, domain, publicKey }),
]);

if (results.every((result) => result.status === "rejected")) {
  throw (results.at(0) as PromiseRejectedResult).reason;
}

const result = results.find((result) => result.status === "fulfilled")!.value;

Authentication succeeds if either verification method passes, matching middleman behavior.

---

💬 We'd love your input! Share your thoughts on Copilot coding agent in our 2 minute survey.