[FEATURE] Model Signing with Ed25519

[noahgift]

Summary

Add cryptographic model signing for integrity verification and provenance tracking.

Background

Per trueno-aprender-stdlib-core-language-spec.md Section 13.4 (Model Persistence):

• Model signing with Ed25519

Requirements

1. Signing API

   impl Model {
       fn sign(&self, private_key: &Ed25519PrivateKey) -> SignedModel;
       fn verify(&self, public_key: &Ed25519PublicKey) -> Result<bool, Error>;
   }

2. Features

   • Ed25519 signature (fast, secure)
   • Embedded signature in SafeTensors metadata
   • Key management utilities
   • Signature verification on load

3. Security

   • Tamper detection
   • Provenance tracking
   • Chain of custody

Acceptance Criteria

• Models can be signed with Ed25519 keys
• Signatures can be verified
• Signature embedded in SafeTensors format
• Tampered models fail verification

Related

• Ruchy spec: docs/specifications/trueno-aprender-stdlib-core-language-spec.md
• SafeTensors already implemented in aprender::serialization

[noahgift]

Implementation already complete in src/format/mod.rs:

✅ save_signed() - Save models with Ed25519 signature
✅ load_verified() - Load and verify signatures (Jidoka principle)
✅ Signature embedded in .apr format (64-byte signature + 32-byte public key)
✅ Tamper detection (signature verification fails on modified content)
✅ Trusted key support for verification
✅ Feature gated (format-signing) via ed25519_dalek

Tests included:

• Roundtrip signing/verification
• Wrong key detection
• Tampering detection
• Unsigned file rejection
• Property-based security tests