Implements social.coves.community.update endpoint for updating
community profiles (displayName, description, visibility, etc.).

Changes:
- Add UpdateHandler with XRPC endpoint support
- Register update route in community routes
- Uses community's own PDS credentials (V2 architecture)
- Preserves OAuth TODO for production deployment

Related: Update endpoint was defined in service layer but had
no HTTP handler or route registration.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

V2.0 Communities Architecture: PDS-Managed Keys & Password Encryption

This major refactor simplifies community provisioning by delegating all
cryptographic operations to the PDS, enabling faster shipping and better
atProto compliance.

Key Changes:
- Password encryption (not hashing) for session recovery
- PDS-managed DID and key generation
- Removed Coves-side DID generator
- Local PLC directory for E2E testing
- Comprehensive integration tests

Architecture Benefits:
- Simpler codebase (less cryptography to maintain)
- Faster community creation
- Standard atProto migration support
- Better separation of concerns

Migration Path:
- V2.0 (current): PDS-managed keys, Coves-to-Coves migration
- V2.1 (future): Optional Coves rotation key for external migration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Update development configuration and project documentation to reflect
V2.0 architecture changes and improve code review guidelines.

Changes:
- .env.dev: Add PLC directory configuration for local development
- CLAUDE.md: Enhance PR review checklist with V2-specific concerns

Documentation Updates:
- Clarify atProto write-forward architecture requirements
- Add federation and DID resolution verification steps
- Improve security review checklist
- Add performance and testing coverage guidelines

Environment Updates:
- Configure PLC_DIRECTORY_URL for local PLC directory
- Update IS_DEV_ENV flag documentation

These changes support better code review practices and local
development workflow for V2.0 communities.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove unused dependencies that were only needed for Coves-side DID
generation and key management, which has been delegated to the PDS
in V2.0 architecture.

Changes:
- Remove unused crypto libraries
- Update go.mod and go.sum after dependency cleanup
- Simplify dependency tree

The PDS now handles all cryptographic operations for community DIDs,
reducing our dependency footprint and maintenance burden.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

Remove Coves-side DID generator in favor of PDS-managed DID generation.

Removed Files:
- internal/atproto/did/generator.go
- internal/atproto/did/generator_test.go

Rationale:
V2.0 architecture delegates all DID and key management to the PDS for:
- Bluesky PDS cannot handle record imports created outside the PDS.
- No complex cryptography
- Standard atProto compliance (PDS owns community identity)

The PDS now handles:
- DID generation (did:plc format)
- Signing key generation and storage
- Rotation key generation and storage
- PLC directory registration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>