[ rust-nostr/nostr ] nip46: fix nostrconnect:// secret handling per spec

Per NIP-46, nostrconnect:// URIs must include a 'secret' parameter to
prevent connection spoofing, and the remote signer must echo that secret
back as the result of the connect response. The client must validate it.

Previously:
- NostrConnectUri::Client had no secret field, so generated URIs never
  included a secret, violating the spec requirement
- get_remote_signer_public_key() only accepted 'ack' as a valid connect
https://github.com/rust-nostr/nostr/commit/9bcc6cd779a7c6eb41509b37aee4575fa5ae47b9