feat: EVM payment integration for client chunk storage

[grumbach]

What

End-to-end EVM payment flow for storing chunks on saorsa-node. Clients request quotes from network nodes, pay on-chain (Arbitrum / local Anvil), and submit payment proofs with chunk storage requests. Nodes verify proofs before accepting data.

Why

Storage on the saorsa network must be paid. This PR implements the full cycle: quote, pay, store, verify — mirroring the autonomi MerklePaymentVault contract pricing model. Without this, nodes accept data for free with no economic incentive to run a node.

Architecture

Client                          Network Nodes                    EVM (Arbitrum/Anvil)
  |                                  |                                |
  |-- find 5 closest peers (DHT) -->|                                |
  |-- request quotes -------------->| generate ML-DSA-65 signed quote|
  |<-------------- 5 quotes -------|                                |
  |-- select median, pay 3x -------|----- on-chain payment -------->|
  |<-------------------------------|------- tx confirmation --------|
  |-- PUT chunk + payment proof -->| verify signatures (blocking)   |
  |                                | verify on-chain payment ------>|
  |<-------------- stored ---------|                                |

Key changes

Payment flow (src/payment/)

• Pricing — Logarithmic capacity-based pricing: empty nodes charge minimum, nearly-full nodes charge exponentially more, creating natural load balancing
• Quotes — ML-DSA-65 signed quotes with signer probe at startup to fail fast on bad keys
• Verification — Proof size validation, exactly 5 quotes required, duplicate peer rejection, xorname binding checks, signature verification offloaded to blocking threads
• Caching — LRU cache for verified addresses with atomic stats counters
• Metrics — Quoting metrics with persistence debounce (every 10 ops) and Drop flush

Client (src/client/)

• put_chunk_with_payment() — full quote > pay > store flow via DHT peer discovery
• put_chunk_with_proof() — store with pre-built proof (skip payment cycle)
• File chunking: 4MB chunks + manifest for multi-chunk file upload/download

Unified CLI (src/bin/saorsa-cli/)

• file upload/download — multi-chunk file operations with EVM payment
• chunk put/get — single-chunk operations (stdin/stdout support)
• Wallet via SECRET_KEY env var (no CLI flags for secrets)
• saorsa-client binary removed — all functionality merged into saorsa-cli

Node enforcement (src/node.rs, src/storage/handler.rs)

• Production nodes block startup if payment is disabled
• Storage handler verifies payment proof before accepting chunks
• max_message_size configured for 4MB chunk transport

E2E test suite (tests/e2e/)

• complete_payment_e2e — 10-node network with full quote > pay > store > retrieve
• payment_flow — payment workflow tests (quotes, median pricing, caching)
• security_attacks — forged signatures, wrong amounts, replay attacks, oversized proofs
• scripts/test_e2e.sh — shell-based E2E: upload, download, SHA256 verify, on-chain TX verification, payment rejection

Stats

• 44 files changed, +7017 / -1160
• 245 unit tests, 13 security E2E tests
• code clean (zero warnings, zero errors)