fdbcbf0bdd
P2-1: a money-tier request id is reserved the moment its prompt is raised (money_pending_ids); a replayed envelope (drain overlapping the live subscription, or deliberate) returns AlreadyPending / the cached result and can never raise a second prompt or re-sign. Applies to sign and escalated encrypt. Regression test covers both replay-while-pending and replay-after- completion. P2-3: the money modal for a pay-committing encrypt now shows the inspected plaintext (escaped + truncated exactly like the sign path), so the user sees what they are agreeing to pay, not a blind label. Hardening: - payment marker set widened (amount, total, price, msat), TODO(audit) kept. - identity dropped mid-session now answers identity_mismatch on the channel (refusal_json per op type) instead of silently timing out the site. - session-end payload carries reason: revoked (wallet end) / expired (TTL or idle sweep, newly published by the tick) / logout (site's own). - decrypt gets its own soft-cap window (30/min) and an honest 'reading your messages' notice, distinct from the signing-volume toast (new locale key in all six languages). - money answers route by the session's site channel key, never the display domain. - committed the auditor's env-gated NIP-44 v2 interop test against nostr-tools (GOBLIN_CT1 harness).