Summary

• Adds encryptWithSeed(), decryptWithSeed(), and getEncryptionPublicKeyWithSeed() to the MasterID class for friend-specific ECIES encryption
• Uses Type42 (BRC-42) key derivation in Type42 mode and hash-based path derivation in BIP32 mode, with a shared private #deriveKeyFromSeed() helper
• Each friend pair derives unique key pairs from each other's BAP IDs as seeds, enabling peer-to-peer encrypted messaging without transmitting private keys

Test plan

• 99 tests pass across 5 test files (no regressions)
• New tests/encrypted-dm.test.ts covers:
  • Public key derivation (determinism, uniqueness per seed/identity)
  • Alice-to-Bob and Bob-to-Alice round-trip encryption/decryption
  • Edge cases: empty string, unicode, CJK, large data, number array input
  • Base64 output format verification
  • Deterministic ciphertext behavior (expected with noKey ECIES)
  • Security: wrong seed, wrong counterparty key, third-party decryption, corrupted ciphertext all throw
  • BIP32 mode: key derivation, round-trip, determinism
  • Cross-mode: Type42 user communicating with BIP32 user