feat: signed webhooks with retry support

[sungdark]

Summary

Implements signed webhook delivery for key events with HMAC-SHA256 signatures and retry support, addressing issue #77.

Features

Signed Delivery

• HMAC-SHA256 signatures via X-Webhook-Signature header
• Replay attack protection via timestamp validation (5-minute window)
• Secret rotation endpoint provided

Retry Support

• Automatic retry on failure (non-2xx response or timeout)
• Exponential backoff: 1 min → 5 min → 15 min
• Up to 3 delivery attempts

Event Types

• expense.created - fired when an expense is created
• expense.updated - fired when an expense is modified
• expense.deleted - fired when an expense is deleted
• bill.due - fired when a bill is created (indicating upcoming due)
• reminder.sent - fired when a reminder is sent

API Endpoints

Method	Endpoint	Description
GET	/webhooks	List subscriptions
POST	/webhooks	Create subscription
GET	/webhooks/:id	Get subscription
PATCH	/webhooks/:id	Update subscription
DELETE	/webhooks/:id	Delete subscription
POST	/webhooks/:id/rotate-secret	Rotate signing secret
GET	/webhooks/events	List supported event types

Webhook Payload Format

{
  "event": "expense.created",
  "timestamp": "2026-03-26T14:30:00+00:00",
  "data": {
    "id": 1,
    "amount": 100.00,
    "currency": "INR",
    "description": "Lunch",
    "date": "2026-03-26"
  }
}

Signature Verification

Receivers should verify:

1. Timestamp is within 5 minutes of current time
2. X-Webhook-Signature matches sha256=HMAC(timestamp + "." + body, secret)

# Python verification example
import hmac, hashlib, time

def verify(payload: str, timestamp: str, signature: str, secret: str) -> bool:
    ts = int(timestamp)
    if abs(time.time() - ts) > 300:
        return False
    expected = hmac.new(secret.encode(), f"{ts}.{payload}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(f"sha256={expected}", signature)

Payment

Please send $50 via Wise/crypto to my payment details.

---

Closes #77