iOS device-KEL rotation follow-ups (post Stage 1 local rotation) #198

@bordumb

Follow-ups deferred from the initial iOS device-KEL rotation implementation.
The local-only rotation flow shipped without these; track here for Stage 2+.

Registry sync of rotation events

  • Currently iPhone appends rot events to local IdentityStorage.kelEvents only.
  • Paired devices (Mac CLI) won't see the iPhone's rotated key until we POST
    the event to a registry endpoint. Needs: endpoint design, offline retry
    queue, conflict handling if the registry already has a later state.

Multi-device / shared-KEL rotations

  • Blocked on CESR indexed-signature support in the KERI validator.
  • Once indexed sigs land, wire SharedKELService.removeDevice and the
    auths pair --recover flow to produce real remove/swap rotations.

Recovery flows

  • What happens if the user loses the pre-committed next key (app data wiped,
    device reset after inception but before rotation)?
  • Orphaned SE keys from interrupted rotations — need a cleanup sweep that
    runs on app launch (scans for orphaned v{N-1} tags after the version
    pointer has advanced).

Witness receipts

  • Stage 1 ships witness-less. Stage 2 adds witness receipts; the iOS
    rotation flow will need to collect + persist receipts alongside rot events.

Validator round-trip CI

  • Add a CI job that exports sample iOS-generated KEL fixtures and runs them
    through auths_keri::validate::validate_kel so iOS rotation output stays
    spec-compliant over time.

Entry points

  • Rust FFI: crates/auths-mobile-ffi/src/device_kel_rotation.rs
  • Swift service: auths-mobile/ios/Auths/Services/DeviceKelService.swift
  • Swift UI: auths-mobile/ios/Auths/Views/RotateKeyView.swift
