Fix/issue 119 cryptographic ledger hash #149

Merged: Shruti070107 merged 4 commits into Shruti070107:main from afnan0304:fix/issue-119-cryptographic-ledger-hash on May 23, 2026

Conversation

@afnan0304 (Contributor)
📝 PR Description

This PR resolves the critical vulnerability identified in Issue #119 regarding predictable, non-bound hash generation in the trust ledger and ESG reporting pipelines.

  1. Cryptographic Immutability: Replaced the previous nonce-based hashing (which allowed for local data tampering without invalidation) with a deterministic SHA-256 digest via the Web Crypto API.
  2. Canonicalization: Implemented a key-sorting logic (canonicalizeHashPayload) to ensure that JSON payload key order cannot induce hash mismatches.
  3. Integrity Enforcement: Updated the entire trust lifecycle, including the write-path (ensuring ledger entries are sealed asynchronously before storage) and the read-path (implementing a verification loop in openIntegrityScan that recomputes and compares the digest against stored hashes).
  4. Tamper Detection: The UI now explicitly surfaces "Cryptographic Tampering Detected" when the recomputed digest fails to match the stored record hash.

Related Issue

Fixes #119

🎯 GSSoC Points Target

  • Difficulty: level:critical
  • Quality: quality:exceptional
  • Labels Requested: gssoc:approved, level:critical, quality:exceptional, type:security, type:bug

💎 Quality Checklist

  • Aesthetics: Glassmorphism applied? (N/A — Logic-only security refactor).
  • Animations: Micro-animations or transitions added? (Yes — retained existing modal-based scan animations).
  • Performance: Optimized assets and no unnecessary re-renders? (Yes — moved hashing to asynchronous crypto API).
  • PWA: Manifest and Service Worker updated (if needed)? (N/A)
  • Code Quality: JSDoc added, variables well-named, no console logs?

🧪 Testing Done

  1. Hash Verification: Verified that computeSecureHash consistently produces identical hex strings for identical JSON payloads regardless of key order.
  2. Asynchronous Integrity: Confirmed that recordTrustEvent correctly awaits the hash generation, preventing the race condition where records were saved before the hash was computed.
  3. Tamper Simulation: Manually modified the trust-ledger in browser localStorage. Ran the Integrity Scan modal, which successfully flagged the entry as "Cryptographic Tampering Detected."
  4. Integration Validation: Verified that the AuditPortal and ESGReporter correctly output the new SHA-256 signatures in all generated ESG PDF reports.

@Shruti070107 (Owner)

@afnan0304 resolve conflicts

@afnan0304 (Contributor, Author)

Don't merge now
The AI messed up resolving the conflicts. I will correct and commit again

@Shruti070107 merged commit 4e2b98b into Shruti070107:main on May 23, 2026
1 check passed

Linked issue: [CRITICAL] Predictable Nonce Usage Disguised as Cryptographic Ledger Hashes