#12077: Matrix: stabilize E2EE verification and modularize SDK

by gumadeiras open 2026-02-08 20:23
docs channel: matrix maintainer
## Summary

- migrate the Matrix extension from `@vector-im/matrix-bot-sdk` to the official `matrix-js-sdk` via a compatibility adapter
- preserve existing Matrix plugin behavior (DMs, rooms, threads, media, reactions, polls, location, E2EE) while removing deprecated `request`-based dependency paths
- replace mixin-based auto-join with explicit invite handling and add allowlist normalization
- update Matrix docs/onboarding/dependency checks to reference `matrix-js-sdk`

## Security hardening

- add redirect hardening in the Matrix HTTP helper to block cross-protocol redirects (`http` <-> `https`)
- drop `Authorization` headers on cross-origin redirects
- route Matrix password login through the hardened Matrix request helper (instead of direct `fetch`)

## Behavior and typing improvements

- fix encrypted event bridge behavior so inbound encrypted messages are delivered only after successful decrypt
- emit failed decryption events explicitly and avoid duplicate pre-decrypt message handling
- add typed event overloads for Matrix client event handlers

## Current improvements

- stabilize Matrix E2EE flows with matrix-js-sdk by hardening verification/cross-signing behavior and decrypt retry wiring
- modularize Matrix SDK internals so crypto, transport, logging, persistence, and verification logic are separated and easier to maintain
- add Matrix verification operations and configuration wiring, and document the updated Matrix encryption/verification flow

## What changed

- extracted SDK concerns into dedicated modules under `extensions/matrix/src/matrix/sdk/`:
  - `verification-manager.ts`
  - `decrypt-bridge.ts`
  - `idb-persistence.ts`
  - `transport.ts`
  - `logger.ts`
- rewired `extensions/matrix/src/matrix/sdk.ts` to delegate verification lifecycle operations to `MatrixVerificationManager`
- improved Matrix client config/auth handling and storage paths for encrypted state/recovery key persistence
- expanded Matrix channel/tool actions for verification and encryption status operations
- updated Matrix docs with setup, E2EE behavior, verification operations, and troubleshooting notes

## Validation

- `pnpm check` (run by operator)
- focused Matrix test suite(s) including `extensions/matrix/src/matrix/sdk.test.ts` (run by operator)
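The two redirect rules listed under "Security hardening", sketched as an added TypeScript example that is not code from this PR. The names `Hop`, `nextHop` and `traceChain` and the `example.org`/`example.net` hosts are hypothetical; the sketch assumes the helper follows redirects manually and decides each hop itself.

```typescript
// Added example, not the extension's code. All names here are hypothetical.
type HeaderMap = Record<string, string>;

interface Hop {
  url: string;
  headers: HeaderMap;
}

// Decide the request for the next hop from the URL that answered with a
// redirect and the Location value it returned.
function nextHop(current: Hop, location: string): Hop {
  const from = new URL(current.url);
  // Location may be relative; resolve it against the URL that produced it.
  const to = new URL(location, from);

  // Rule 1: refuse cross-protocol redirects (http <-> https).
  if (to.protocol !== from.protocol) {
    throw new Error(`blocked redirect ${from.protocol} -> ${to.protocol}`);
  }

  // Rule 2: drop Authorization when the origin (scheme + host + port) changes.
  const sameOrigin = to.origin === from.origin;
  const headers: HeaderMap = {};
  for (const name of Object.keys(current.headers)) {
    // Header names are case-insensitive, so compare lowercased.
    if (!sameOrigin && name.toLowerCase() === "authorization") continue;
    headers[name] = current.headers[name];
  }
  return { url: to.href, headers };
}

// Apply nextHop over a constructed chain of Location values. Because each hop
// is built only from the previous hop's headers, a token dropped on a
// cross-origin hop is not restored if a later redirect returns to the
// original origin.
function traceChain(start: Hop, locations: string[]): Hop[] {
  const hops: Hop[] = [start];
  let current = start;
  for (const location of locations) {
    current = nextHop(current, location);
    hops.push(current);
  }
  return hops;
}
```
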