sx-pub Phase 4: anchoring — Merkle trees, OpenTimestamps, verification

New endpoints:
- POST /pub/anchor — batch unanchored Publish activities into Merkle tree,
  pin tree to IPFS, submit root to OpenTimestamps, store OTS proof on IPFS
- GET /pub/verify/<cid> — verify a CID's Merkle proof against anchored tree

Uses existing shared/utils/anchoring.py infrastructure:
- build_merkle_tree (SHA256, deterministic sort)
- get_merkle_proof / verify_merkle_proof (inclusion proofs)
- submit_to_opentimestamps (3 calendar servers with fallback)

Tested: anchored 1 activity, Merkle tree + OTS proof pinned to IPFS,
verification returns :verified true with full proof chain.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

sx/sxc/pages/helpers.py

@@ -52,6 +52,8 @@ def _register_sx_helpers() -> None:
         "pub-process-inbox": _pub_process_inbox,
         "pub-deliver-to-followers": _pub_deliver_to_followers,
         "pub-request-body": _pub_request_body,
+        "pub-anchor-pending": _pub_anchor_pending,
+        "pub-verify-anchor": _pub_verify_anchor,
     })
 
 
@@ -1806,3 +1808,13 @@ async def _pub_deliver_to_followers(activity_sx):
 async def _pub_request_body():
     from .pub_helpers import get_request_body
     return await get_request_body()
+
+
+async def _pub_anchor_pending():
+    from .pub_helpers import anchor_pending
+    return await anchor_pending()
+
+
+async def _pub_verify_anchor(cid):
+    from .pub_helpers import verify_cid_anchor
+    return await verify_cid_anchor(cid)