[TON-366] Add antiscam domain filtering feature

[g3co]

Summary

Add antiscam domain filtering to the bridge to protect users from known malicious dApps.

When enabled, the bridge checks the Origin header of incoming requests against a periodically refreshed blocklist of scam domains. Blocked origins are handled silently to avoid tipping off attackers:

• SSE connections (/bridge/events): instead of rejecting, the bridge feeds a poison stream of random garbage data, wasting the scam dApp's resources
• Message pushes (/bridge/message): returns 200 OK without actually delivering the message

Why

Scam dApps abuse the bridge to send phishing transaction requests to wallets. Blocking at the bridge level stops these messages before they reach users, without requiring wallet-side changes.

[github-actions]

📊 Performance Metrics

Performance Metrics (memory storage)

• CPU: 0.75s (4 cores) • Goroutines: 8 • Threads: 8
• Memory: 7.3MB heap • 33.0MB RAM • 34.7MB total • 238783 allocs
• GC: 11 cycles (0.42ms avg)
• FDs: 9/65536 (0.0%)

[github-actions]

📊 Performance Metrics

Performance Metrics (postgres storage)

• CPU: 0.88s (4 cores) • Goroutines: 10 • Threads: 10
• Memory: 16.7MB heap • 52.8MB RAM • 38.5MB total • 264180 allocs
• GC: 10 cycles (0.49ms avg)
• FDs: 35/65536 (0.1%)

[github-actions]

📊 Performance Metrics

Performance Metrics (cluster-valkey storage)

• CPU: 0.68s (4 cores) • Goroutines: 11 • Threads: 10
• Memory: 20.0MB heap • 52.7MB RAM • 33.5MB total • 293234 allocs
• GC: 8 cycles (1.27ms avg)
• FDs: 71/65536 (0.1%)

[github-actions]

📊 Performance Metrics

Performance Metrics (dnsmasq storage)

• CPU: 0.26s (4 cores) • Goroutines: 11 • Threads: 8
• Memory: 7.8MB heap • 29.7MB RAM • 14.4MB total • 69339 allocs
• GC: 6 cycles (0.11ms avg)
• FDs: 71/65536 (0.1%)

[github-actions]

📊 Performance Metrics

Performance Metrics (nginx storage)

• CPU: 0.10s (4 cores) • Goroutines: 6 • Threads: 6
• Memory: 1.1MB heap • 21.3MB RAM • 1.1MB total • 6123 allocs
• GC: 0 cycles (0ms avg)
• FDs: 13/65536 (0.0%)