feat(lite): startup unlock prompt + real-backend encryption verification

Startup lock screen (soft): once the first refresh reveals the auto-opened wallet
is encrypted+locked, show the unlock modal on launch (reusing renderLiteUnlockPrompt,
one-shot per session). Soft by design — balances stay viewable via viewing keys
while locked, so the user may dismiss and browse read-only; only spending needs
the passphrase.

Real-backend verification: add `lite_smoke --encrypt` (create -> encryptionstatus
-> encrypt -> lock -> unlock, checking flags; passphrase never printed). Running it
against the real SDXL backend showed encrypt LOCKS immediately
(after encrypt: encrypted=1, locked=1) — the backend removes spending keys right
after encrypting. The controller already relays encryptionstatus faithfully (UI is
state-driven, so unaffected), but the fake modeled encrypt->unlocked; corrected the
fake (encrypt -> encrypted+locked) and the test sequence (encrypt -> unlock -> lock
-> decrypt) to match real behavior.

Builds clean, tests pass, hygiene clean.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

src/app.h

@@ -431,6 +431,8 @@ private:
     bool lite_firstrun_dismissed_ = false;
     // Lite send-time unlock: set to show the unlock modal when a spend is attempted while locked.
     bool lite_unlock_prompt_ = false;
+    // One-shot: prompt to unlock on startup once we learn the auto-opened wallet is encrypted+locked.
+    bool lite_startup_lock_checked_ = false;
     std::unique_ptr<daemon::DaemonController> daemon_controller_;
     std::unique_ptr<daemon::XmrigManager> xmrig_manager_;
     util::AsyncTaskManager async_tasks_;