[AZ-197] Remove hardware ID binding from resource flow

Sealed-Jetson + SaaS architecture eliminates the credential-reuse-across-
machines threat that motivated hardware fingerprint binding. The binding's
only remaining effect was a real production failure mode on legitimate
hardware events.

Production:
- Drop PUT /users/hardware/set and POST /resources/check.
- Simplify POST /resources/get/{dataFolder?} (no Hardware field).
- Remove CheckHardwareHash, UpdateHardware, Security.GetHWHash.
- GetApiEncryptionKey signature: (email, password) — no hardwareHash.
- Drop SetHWRequest DTO and Hardware property from GetResourceRequest.
- Remove HardwareIdMismatch (40) and BadHardware (45) ExceptionEnum
  entries; numeric codes left as a gap, not for reuse.

Wire-compat policy: drop entirely (no Loader; no in-flight legacy
clients). Stale callers will see 404s, which is the right loud failure.

Tombstones:
- User.Hardware DB column kept (nullable, unused) — separate cleanup
  ticket for the migration per workspace "no rename without confirmation".
- User.LastLogin is now never written by app code (only writer was inside
  the deleted CheckHardwareHash); flagged in batch_06_review for a future
  ticket.

Tests:
- Delete e2e HardwareBindingTests (165 lines) and Azaion.Test
  UserServiceTest (sole test was CheckHardwareHashTest).
- Drop Hardware payloads + /resources/check preconditions from e2e
  ResourceTests, SecurityTests, ResilienceTests; drop hardwareId arg
  from Azaion.Test SecurityTest.
- Add SecurityTests.Hardware_endpoints_are_removed_AZ_197 (AC-2 regression
  asserting both removed routes return 404).

Docs:
- architecture.md: System Context note, ADR-003 new key formula, ADR-004
  retired with rationale.
- diagrams/flows/flow_hardware_check.md: tombstoned.

Also archives the four batch-1+batch-2 task files into _docs/02_tasks/done/
(file moves were missed by the batch_05 commit).

Code review: PASS — see _docs/03_implementation/reviews/batch_06_review.md.

Co-authored-by: Cursor <cursoragent@cursor.com>

_docs/02_document/diagrams/flows/flow_hardware_check.md

@@ -1,17 +1,14 @@
-# Flow: Hardware Check
+# Flow: Hardware Check — OBSOLETE
+
+> **Removed in AZ-197 (2026-05-13).**
+>
+> The `POST /resources/check` endpoint, the `UserService.CheckHardwareHash` method, the `HardwareIdMismatch` (40) and `BadHardware` (45) error codes, and the hardware-hash component of `Security.GetApiEncryptionKey` no longer exist. Resource downloads no longer require a hardware fingerprint.
+>
+> See `_docs/03_implementation/batch_06_report.md` and the AZ-197 task spec for context. Devices ship as fTPM-secured Jetsons or via SaaS; per-machine credential binding is no longer the relevant threat model.
+>
+> This file is retained as a tombstone so historical references resolve. Do not link to it from new docs.
 
 ```mermaid
 flowchart TD
-    Start([POST /resources/check]) --> GetUser[AuthService.GetCurrentUser]
-    GetUser --> CheckNull{User null?}
-    CheckNull -->|Yes| Unauth[401 Unauthorized]
-    CheckNull -->|No| CheckHW[UserService.CheckHardwareHash]
-    CheckHW --> HasHW{User has stored hardware?}
-    HasHW -->|No - first time| StoreHW[Store hardware string in DB]
-    StoreHW --> UpdateLogin[Update last_login]
-    UpdateLogin --> ReturnHash([Return hwHash])
-    HasHW -->|Yes| CompareHash{Hashes match?}
-    CompareHash -->|Yes| UpdateLogin2[Update last_login]
-    UpdateLogin2 --> ReturnHash2([Return hwHash])
-    CompareHash -->|No| Mismatch([409: HardwareIdMismatch])
+    Start([POST /resources/check — REMOVED]) --> Removed[Endpoint deleted in AZ-197]
 ```