Environment & Bootstrap Stability: Fix Ghost Account and Modernize PWA Manifest

- Resolved 'Ghost Account' warning by updating layout hydration to align with V3 ID Vision (account_id vs account_id_random).
- Improved site lookup reliability using Agent API Key and structured EQ filters for exact FQDN matching (including ports).
- Modernized PWA manifest with maskable icons (PNG/WebP), app shortcuts, and unique installation IDs.
- Implemented automatic Electron 'Native' mode detection in root layout.
- Fixed stale API URLs in Launcher native file download logic.
- Added V3 migration documentation and JWT verification test scripts.

tests/verify_jwt_logic.js

@@ -0,0 +1,64 @@
+
+const api_cfg_missing_jwt = {
+    headers: {
+        'x-aether-api-key': 'secret-key',
+    }
+};
+
+const api_cfg_with_jwt = {
+    headers: {
+        'x-aether-api-key': 'secret-key',
+    },
+    jwt: 'valid-jwt-token'
+};
+
+const api_cfg_with_header_jwt = {
+    headers: {
+        'x-aether-api-key': 'secret-key',
+        'jwt': 'valid-jwt-token-in-header'
+    }
+};
+
+function simulate_get_object(api_cfg, headers = {}) {
+    // Logic from api_get_object.ts
+    const headers_cleaned = {};
+    const merged_headers = { ...api_cfg['headers'], ...headers };
+
+    for (const prop in merged_headers) {
+        const prop_cleaned = prop.replaceAll('_', '-');
+        let value = merged_headers[prop];
+        if (value === null || value === undefined) continue;
+        headers_cleaned[prop_cleaned] = value;
+    }
+
+    const jwt = headers_cleaned['jwt'] || headers_cleaned['JWT'] || api_cfg['jwt'];
+    if (jwt && !headers_cleaned['Authorization'] && !headers_cleaned['authorization']) {
+        headers_cleaned['Authorization'] = `Bearer ${jwt}`;
+    }
+    
+    return headers_cleaned;
+}
+
+console.log("--- Test 1: Missing JWT in Config ---");
+const headers1 = simulate_get_object(api_cfg_missing_jwt);
+if (headers1['Authorization']) {
+    console.error("FAIL: Authorization header present when it should be missing.");
+} else {
+    console.log("PASS: Authorization header missing as expected.");
+}
+
+console.log("\n--- Test 2: JWT in Config Root ---");
+const headers2 = simulate_get_object(api_cfg_with_jwt);
+if (headers2['Authorization'] === 'Bearer valid-jwt-token') {
+    console.log("PASS: Authorization header present and correct.");
+} else {
+    console.error(`FAIL: Authorization header incorrect or missing. Got: ${headers2['Authorization']}`);
+}
+
+console.log("\n--- Test 3: JWT in Config Headers ---");
+const headers3 = simulate_get_object(api_cfg_with_header_jwt);
+if (headers3['Authorization'] === 'Bearer valid-jwt-token-in-header') {
+    console.log("PASS: Authorization header present and correct.");
+} else {
+    console.error(`FAIL: Authorization header incorrect or missing. Got: ${headers3['Authorization']}`);
+}

tests/verify_jwt_sync.js

@@ -0,0 +1,24 @@
+
+let ae_loc_mock = { jwt: 'valid-jwt-token' };
+let ae_api_mock = { headers: {} };
+
+function simulate_effect() {
+    if (ae_api_mock.jwt !== ae_loc_mock.jwt) {
+        console.log('Syncing JWT to API config');
+        ae_api_mock = {
+            ...ae_api_mock,
+            jwt: ae_loc_mock.jwt
+        };
+    }
+}
+
+console.log("--- Test: Sync JWT Effect ---");
+console.log("Before:", ae_api_mock);
+simulate_effect();
+console.log("After:", ae_api_mock);
+
+if (ae_api_mock.jwt === 'valid-jwt-token') {
+    console.log("PASS: JWT synced correctly.");
+} else {
+    console.error("FAIL: JWT not synced.");
+}