docs(ai): add spec to close OnRamper signing oracle

[AntonioVentilii]

Motivation

sign_onramper_widget_url is an open signing oracle: it HMAC-signs the wallets / network_wallets / wallet_address_tags parameters exactly as supplied by any authenticated caller, without checking the addresses belong to msg_caller(). An attacker could get the backend to sign their own address and phish a victim into funding it via a valid, OISY-branded OnRamper URL. The HMAC is OnRamper's sole URL-integrity check, so a valid signature reads as OISY authorization.

This PR adds the spec only (spec-first per docs/ai/spec-driven-development/workflow.md); implementation follows in a separate breaking PR.

Changes

• Add docs/ai/spec-driven-development/specs/2026-06-22-fix-onramper-signing-oracle.md.
• The spec proposes deriving the caller's BTC/ETH/ICP/SOL receiving addresses server-side from the principal and signing only those, removing the three caller-supplied address fields (breaking Candid change), and making the endpoint async.
• Flags derivation parity with the chain-fusion signer as the central correctness risk (ETH schema-1 + keccak and SOL Schnorr-Ed25519 + base58 are net-new backend capabilities), with open questions and pending decisions called out for Cowork review.

Tests

None — documentation only. The spec defines the test plan (derivation-parity tests per chain, oracle-closed regression tests, FE updates) for the implementation PR.