Cardano Updates

cardano-crypto-wallet links against libsodium for Argon2id KDF and
XChaCha20-Poly1305 AEAD. Without this override, the Windows
cross-compiled DLL links against the default system libsodium, which
is not available in the Wine iserv environment (only libsodium-vrf is
present there, used by all other crypto packages).

This caused the iserv to crash (exit 1) at TH-module boundaries when
compiling cardano-wallet for Windows/ucrt64.

- wallet-key-export.hs: pattern-match HashedCredentials instead of
  tuple; V2 keys exit with a clear error (no XPrv export possible)
- wallet-key-export-test.hs: wrap serializeXPrv args in HashedCredentialsV1
- PersistPrivateKeySpec.hs: bind IO-returning encryptedCreate with >>=
- LayerSpec.hs: remove now-redundant XPrv import (Werror)
- Cardano.Wallet: use encryptedChainCode in decryptV2 to supply the
  missing 32-byte chain code so CC.xprv receives the full 96 bytes

The merged cardano-base PR changed encryptedCreateDirectWithTweak,
encryptedValidatePassphrase, and encryptedKeyMaterial to return IO
instead of pure Either, since they operate on locked memory.

- Bump SRP tag to cb068e0 (merged HEAD of cardano-base master)
- mkV2Credentials: lift to IO, bind encryptedCreateDirectWithTweak
- attachPrivateKeyFromPwd: bind mkV2Credentials with <-
- withRootKey: separate STM read from IO validation so
  encryptedValidatePassphrase can run outside atomically
- migrateV1toV2: bind encryptedCreateDirectWithTweak with >>=
- decryptV2: lift to IO; use mlsbToByteString + mlsbFinalize instead
  of BA.convert (MLockedSizedBytes has no ByteArrayAccess instance)

Tracks the rename from cardano-crypto-wallet-v2 to cardano-crypto-wallet
and the module rename from Cardano.Crypto.WalletV2.Encrypted to
Cardano.Crypto.WalletHD.Encrypted.

Integrates the new cardano-crypto-wallet-v2 package from cardano-base,
replacing the legacy PBKDF2/ChaCha20 passphrase scheme for root key
storage with an authenticated v2 envelope format.

Key changes:

- HashedCredentials is now a sum type (V1 / V2) stored in the same DB
  columns; v1 keys are the existing 128-byte XPrv blob, v2 keys are a
  longer CBOR envelope distinguished by byte length on read-back.

- withRootKey opportunistically migrates v1 keys to v2 on every
  successful passphrase use, atomically and silently, so no user action
  or schema migration is needed.

- attachPrivateKeyFromPwd now always creates v2 credentials for new
  wallets; a reattachPrivateKey helper handles wallet delete-recreate
  flows (shared wallet activation) preserving the credential format.

- GET /v2/wallets/:id now includes encryption_method in the passphrase
  object ("scrypt", "pbkdf2-hmac-sha512", or "argon2id-v2"), allowing
  frontends to detect legacy keys and prompt for a passphrase change.
  The Byron wallet handler also gains an EncryptWithArgon2idV2 branch
  that was previously a silent fallthrough to Nothing.

- PassphraseScheme gains a FromText instance to support JSON round-trips
  via ApiT.

Test coverage added:

- PersistPrivateKeySpec: 6 roundtrip tests covering V1 Shelley/Byron and
  V2 Shelley/Byron (no-payload and with-payload) serialization, plus
  column-length and empty-hash invariants for V2 keys. Uses seed
  0x02*32 (a valid ed25519 extended-key seed) for deterministic V2 key
  construction.

- WalletSpec: three migration scenario tests — V1→V2 upgrade on
  passphrase use, rejection on wrong passphrase, and V2 idempotency.

Supporting fixes:

- WalletFlavor: added instance for TestState so DummyState satisfies
  the WalletFlavor constraint needed by withRootKey and related ops.

- Credentials: added Show instance for HashedCredentials.

- DerivationSpec, LayerSpec, StoreSpec: updated to the new
  HashedCredentials API (constructors, serialization signatures).

cardano-crypto-wallet links against libsodium for Argon2id KDF and
XChaCha20-Poly1305 AEAD. Without this override, the Windows
cross-compiled DLL links against the default system libsodium, which
is not available in the Wine iserv environment (only libsodium-vrf is
present there, used by all other crypto packages).

This caused the iserv to crash (exit 1) at TH-module boundaries when
compiling cardano-wallet for Windows/ucrt64.

- wallet-key-export.hs: pattern-match HashedCredentials instead of
  tuple; V2 keys exit with a clear error (no XPrv export possible)
- wallet-key-export-test.hs: wrap serializeXPrv args in HashedCredentialsV1
- PersistPrivateKeySpec.hs: bind IO-returning encryptedCreate with >>=
- LayerSpec.hs: remove now-redundant XPrv import (Werror)
- Cardano.Wallet: use encryptedChainCode in decryptV2 to supply the
  missing 32-byte chain code so CC.xprv receives the full 96 bytes

The merged cardano-base PR changed encryptedCreateDirectWithTweak,
encryptedValidatePassphrase, and encryptedKeyMaterial to return IO
instead of pure Either, since they operate on locked memory.

- Bump SRP tag to cb068e0 (merged HEAD of cardano-base master)
- mkV2Credentials: lift to IO, bind encryptedCreateDirectWithTweak
- attachPrivateKeyFromPwd: bind mkV2Credentials with <-
- withRootKey: separate STM read from IO validation so
  encryptedValidatePassphrase can run outside atomically
- migrateV1toV2: bind encryptedCreateDirectWithTweak with >>=
- decryptV2: lift to IO; use mlsbToByteString + mlsbFinalize instead
  of BA.convert (MLockedSizedBytes has no ByteArrayAccess instance)

cardano-crypto and cardano-crypto-wallet both bundle ed25519.c with the
same ED25519_FN macro prefix (cardano_crypto_), producing duplicate
cardano_crypto_ed25519_* symbols.  The GHC runtime linker (used by iserv
for Template Haskell evaluation) is strict about duplicates and aborts on
the first affected module, breaking every TH splice in the cross build.

Fix via postPatch: sed the macro definition and all direct call sites in
the four affected C files, renaming cardano_crypto_##fn → ccw_##fn and
cardano_crypto_ed25519 → ccw_ed25519.  No Haskell FFI changes are needed
because the Haskell bindings only import wallet_encrypted_* / wallet_sodium_*
symbols, not the ed25519 internals directly.

- wallet-key-export.hs: pattern-match HashedCredentials instead of
  tuple; V2 keys exit with a clear error (no XPrv export possible)
- wallet-key-export-test.hs: wrap serializeXPrv args in HashedCredentialsV1
- PersistPrivateKeySpec.hs: bind IO-returning encryptedCreate with >>=
- LayerSpec.hs: remove now-redundant XPrv import (Werror)
- Cardano.Wallet: use encryptedChainCode in decryptV2 to supply the
  missing 32-byte chain code so CC.xprv receives the full 96 bytes