Network-wide announcements signed by the bootstrap anchor posting id

New primitive: `VisibilityIntent::Announcement`, a public post whose
author MUST be the hardcoded bootstrap anchor posting identity
(`DEFAULT_ANCHOR_POSTING_ID`) and whose content carries an ed25519
signature by that key. Forged announcements (any other author, or
bad signature) are rejected by `control::receive_post` before storage
— they never enter the DB and never propagate via neighbor-manifest
diffs. Only the real anchor can publish announcements, and it does so
sparingly as part of the release deploy flow.

Uses release announcements to drive an in-app upgrade banner:
- Anchor publishes a signed `{category:release, version, channel,
  download_url, ...}` post during every deploy.
- Clients receive it via the normal CDN; `apply_announcement_if_applicable`
  stores the latest-per-category/channel in the settings kv, keyed
  e.g. `announcement:release:stable`.
- Welcome screen checks storage on startup; if the stored release
  version > CARGO_PKG_VERSION on the user's selected channel, a banner
  appears with a Download button that opens the system browser.
- Settings gets "Updates" section with Stable / Beta radio + Check-now
  button + current status line.

Core:
- `DEFAULT_ANCHOR_POSTING_ID: NodeId` constant (32 bytes, the anchor's
  current posting id — `17af141956ae...`).
- New `VisibilityIntent::Announcement` variant; feed filters in all 6
  `get_feed*` / `list_posts*` query sites updated to also exclude the
  new intent AND the pre-existing `GroupKeyDistribute` intent.
- `types::AnnouncementContent` + `ReleaseAnnouncement` structs.
- `crypto::{sign,verify}_announcement` — length-prefixed field digest
  with a "has release" 1-byte flag.
- New `announcement` module with `verify_announcement_post`,
  `apply_announcement_if_applicable`, `latest_release`,
  `build_announcement_post`, and a `StoredAnnouncement` envelope saved
  to settings so the UI can render without a full post scan.
- `Node::publish_announcement` refuses to run unless the default posting
  id equals the anchor constant — accidental use on client installs
  fails loud.

Wire / receive:
- `control::receive_post` verifies announcement signatures upfront
  alongside Control and Profile. Same pattern; same guarantees.

CLI one-shots (no daemon):
- `itsgoin <data_dir> --print-identity` — prints network_id +
  default_posting_id, exits.
- `itsgoin <data_dir> --announce --ann-category release
  --ann-channel stable --ann-version X --ann-title ... --ann-body ...
  --ann-url https://itsgoin.com/download.html` — builds + stores +
  propagates the signed post, exits.

deploy.sh:
- Now runs the announce one-shot inside the anchor-restart window
  (after binary swap, before start). The DB is free during that gap,
  so the one-shot can write without conflicting with the running
  daemon. The restarted daemon loads all storage on boot and serves
  the new announcement to pulling peers.

Tauri IPC:
- `check_release_announcement(channel)` → Option<ReleaseAnnouncementDto>
  — returns None when up-to-date.
- `get_update_channel` / `set_update_channel(channel)` — persists in
  settings kv key `ui_update_channel`; defaults to stable.
- `open_url_external(url)` — desktop-only (xdg-open / open / cmd start);
  refuses non-http(s) URLs. Android needs the opener plugin — TODO.

Frontend:
- Upgrade banner on the welcome screen, populated by
  `loadUpgradeBanner()`. Hidden when no newer release is known.
- Settings → Updates section with Stable/Beta radio + Check-now button
  + current status line.

Tests: announcement signature roundtrip; non-anchor author rejection;
non-announcement intent is a no-op. 124 / 124 core tests pass.

crates/core/src/crypto.rs

@@ -411,6 +411,75 @@ pub fn verify_profile(
     vk.verify_strict(&profile_post_bytes(display_name, bio, avatar_cid, timestamp_ms), &sig).is_ok()
 }
 
+/// Canonical bytes for an announcement signature. Length-prefixed strings
+/// prevent extension/reordering attacks; the release subfields are all
+/// bundled after a 1-byte "has release" flag.
+fn announcement_bytes(
+    category: &str,
+    title: &str,
+    body: &str,
+    timestamp_ms: u64,
+    release: &Option<crate::types::ReleaseAnnouncement>,
+) -> Vec<u8> {
+    let cat = category.as_bytes();
+    let tit = title.as_bytes();
+    let bd = body.as_bytes();
+    let mut buf = Vec::with_capacity(128 + cat.len() + tit.len() + bd.len());
+    buf.extend_from_slice(b"annc:");
+    buf.extend_from_slice(&(cat.len() as u64).to_le_bytes());
+    buf.extend_from_slice(cat);
+    buf.extend_from_slice(&(tit.len() as u64).to_le_bytes());
+    buf.extend_from_slice(tit);
+    buf.extend_from_slice(&(bd.len() as u64).to_le_bytes());
+    buf.extend_from_slice(bd);
+    buf.extend_from_slice(&timestamp_ms.to_le_bytes());
+    match release {
+        Some(r) => {
+            buf.push(1u8);
+            let c = r.channel.as_bytes();
+            let v = r.version.as_bytes();
+            let u = r.download_url.as_bytes();
+            buf.extend_from_slice(&(c.len() as u64).to_le_bytes());
+            buf.extend_from_slice(c);
+            buf.extend_from_slice(&(v.len() as u64).to_le_bytes());
+            buf.extend_from_slice(v);
+            buf.extend_from_slice(&(u.len() as u64).to_le_bytes());
+            buf.extend_from_slice(u);
+        }
+        None => buf.push(0u8),
+    }
+    buf
+}
+
+pub fn sign_announcement(
+    seed: &[u8; 32],
+    category: &str,
+    title: &str,
+    body: &str,
+    timestamp_ms: u64,
+    release: &Option<crate::types::ReleaseAnnouncement>,
+) -> Vec<u8> {
+    let signing_key = SigningKey::from_bytes(seed);
+    let sig = signing_key.sign(&announcement_bytes(category, title, body, timestamp_ms, release));
+    sig.to_bytes().to_vec()
+}
+
+pub fn verify_announcement(
+    author: &NodeId,
+    category: &str,
+    title: &str,
+    body: &str,
+    timestamp_ms: u64,
+    release: &Option<crate::types::ReleaseAnnouncement>,
+    signature: &[u8],
+) -> bool {
+    if signature.len() != 64 { return false; }
+    let sig_bytes: [u8; 64] = match signature.try_into() { Ok(b) => b, Err(_) => return false };
+    let sig = ed25519_dalek::Signature::from_bytes(&sig_bytes);
+    let Ok(vk) = VerifyingKey::from_bytes(author) else { return false };
+    vk.verify_strict(&announcement_bytes(category, title, body, timestamp_ms, release), &sig).is_ok()
+}
+
 /// Verify an ed25519 delete signature: the author's public key signed the post_id.
 pub fn verify_delete_signature(author: &NodeId, post_id: &PostId, signature: &[u8]) -> bool {
     if signature.len() != 64 {