fix: remove plaintext postMessage fallback in DWeb Connect wallet

[LiranCohen]

Summary

Addresses enboxorg/enbox#886 (wallet side). Companion to enboxorg/enbox#887 (dapp-side fix).

Removes both plaintext postMessage fallback paths in the DWeb Connect wallet page, which previously sent delegate private keys, permission grants, and decryption keys unencrypted when the dapp didn't provide an ECDH ephemeral key or when encryption failed.

Changes

src/features/connect/DWebConnectPage.tsx

• Fallback path A removed: if the dapp doesn't send ephemeralPublicKey, the wallet now sends an { error: 'encryption_required' } response and shows an error — no private keys leave the wallet
• Fallback path B removed: the try/catch around encryptPostMessagePayload() no longer falls back to plaintext. If encryption fails, the error propagates to the outer catch which sends { error: 'connection_failed' } and shows the error UI
• Catch block notifies dapp: all errors (including encryption failures) send an error response to the dapp so it doesn't hang waiting for a response

What was exposed (before this fix)

When either fallback fired, the following were sent as a plain JS object via postMessage:

Field	Sensitivity
delegateDid.privateKeys	Ed25519 + X25519 private keys
delegateDecryptionKeys	HD-derived X25519 private keys
grants	Signed permission grant messages
connectedDid	User's real DID URI

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	27.57% (🎯 25%)	552 / 2002
🔵	Statements	26.99% (🎯 25%)	605 / 2241
🔵	Functions	32.63% (🎯 30%)	186 / 570
🔵	Branches	31.37% (🎯 29%)	455 / 1450

File Coverage

File	Stmts	Branches	Functions	Lines	Uncovered Lines
Changed Files
src/features/connect/DWebConnectPage.tsx	0%	0%	0%	0%	21-339

Generated in workflow #235 for commit c3830f1 by the Vitest Coverage Report Action