chore: rename project from idfoto to relicario

Sweeping rename across crates, CLI binary, WASM bindings, extension, docs,
and vault metadata paths. Git remote updated to relicario.git.

- crates/idfoto-{core,cli,wasm} -> crates/relicario-{core,cli,wasm}
- IdfotoError -> RelicarioError
- IDFOTO_IMAGE env var -> RELICARIO_IMAGE
- ~/.config/idfoto -> ~/.config/relicario
- .idfoto/ vault metadata dir -> .relicario/ (breaking; pre-release)
- Binary name idfoto -> relicario
- Extension wasm module idfoto_wasm -> relicario_wasm
- Storage key idfotoSettings -> relicarioSettings
- All doc filenames and content references updated

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

CLAUDE.md

@@ -1,15 +1,15 @@
-# CLAUDE.md — idfoto
+# CLAUDE.md — relicario
 
 ## What is this
 
-idfoto is a git-backed, self-hostable password manager with a Rust core. Two-factor vault decryption: passphrase + a reference JPEG carrying a 256-bit secret embedded via DCT steganography. The server only ever sees opaque ciphertext.
+relicario is a git-backed, self-hostable password manager with a Rust core. Two-factor vault decryption: passphrase + a reference JPEG carrying a 256-bit secret embedded via DCT steganography. The server only ever sees opaque ciphertext.
 
 ## Build and test
 
 ```bash
 cargo build                    # build everything
 cargo test                     # run all tests (unit + integration)
-cargo test -p idfoto-core      # core library tests only
+cargo test -p relicario-core      # core library tests only
 cargo run -- --help            # CLI help
 cargo run -- generate -l 32   # quick smoke test
 ```
@@ -18,24 +18,24 @@ cargo run -- generate -l 32   # quick smoke test
 
 ```
 crates/
-├── idfoto-core/        # Platform-agnostic library (no filesystem, no git, no network)
+├── relicario-core/        # Platform-agnostic library (no filesystem, no git, no network)
 │   ├── src/
 │   │   ├── lib.rs      # Re-exports public API
-│   │   ├── error.rs    # IdfotoError enum (thiserror)
+│   │   ├── error.rs    # RelicarioError enum (thiserror)
 │   │   ├── crypto.rs   # Argon2id KDF + XChaCha20-Poly1305 encrypt/decrypt
 │   │   ├── entry.rs    # Entry, ManifestEntry, Manifest structs (serde)
 │   │   ├── vault.rs    # encrypt_entry, decrypt_entry, encrypt_manifest, decrypt_manifest
 │   │   └── imgsecret.rs # DCT-based 256-bit secret embedding in JPEGs
 │   └── tests/
 │       └── integration.rs  # Full-workflow and two-factor independence tests
-└── idfoto-cli/         # CLI binary
+└── relicario-cli/         # CLI binary
     └── src/
         └── main.rs     # clap CLI: init, add, get, list, edit, rm, sync, generate, device
 ```
 
 ## Key design decisions
 
-- **idfoto-core is bytes-in/bytes-out.** No filesystem, no network, no git operations. Makes it portable to WASM, Android, iOS.
+- **relicario-core is bytes-in/bytes-out.** No filesystem, no network, no git operations. Makes it portable to WASM, Android, iOS.
 - **XChaCha20-Poly1305** over AES-GCM — 192-bit nonce eliminates collision risk, fast in WASM/ARM without AES-NI.
 - **Single master_key** (no per-entry subkeys) — simpler, sufficient for family vault sizes.
 - **imgsecret uses central-embed DCT** — embeds only in the middle 70% of the image (15% crumple zone for crop tolerance), with majority voting across 5-50 redundant copies.
@@ -62,11 +62,11 @@ passphrase (UTF-8 bytes) || image_secret (32 bytes from reference JPEG)
 
 ## Remote
 
-Source code: `ssh://git@git.adlee.work:2222/alee/idfoto.git`
+Source code: `ssh://git@git.adlee.work:2222/alee/relicario.git`
 
 ## Design spec
 
-Full threat model, entropy analysis, and architecture: `docs/superpowers/specs/2026-04-11-idfoto-design.md`
+Full threat model, entropy analysis, and architecture: `docs/superpowers/specs/2026-04-11-relicario-design.md`
 
 ## Roadmap