fix: security hardening + performance refactoring (code review batch 1)

- IDOR fix: deliberation vote now verifies juryMemberId === ctx.user.id
- Rate limiting: tRPC middleware (100/min), AI endpoints (5/hr), auth IP-based (10/15min)
- 6 compound indexes added to Prisma schema
- N+1 eliminated in processRoundClose (batch updateMany/createMany)
- N+1 eliminated in batchCheckRequirementsAndTransition (3 batch queries)
- Service extraction: juror-reassignment.ts (578 lines)
- Dead code removed: award.ts, cohort.ts, decision.ts (680 lines)
- 35 bare catch blocks replaced across 16 files
- Fire-and-forget async calls fixed
- Notification false positive bug fixed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

src/server/routers/message.ts

@@ -145,7 +145,9 @@ export const messageRouter = router({
             scheduled: isScheduled,
           },
         })
-      } catch {}
+      } catch (err) {
+        console.error('[Message] Audit log failed:', err)
+      }
 
       return {
         ...message,
@@ -334,7 +336,9 @@ export const messageRouter = router({
           entityId: template.id,
           detailsJson: { name: input.name, category: input.category },
         })
-      } catch {}
+      } catch (err) {
+        console.error('[Message] Audit log failed:', err)
+      }
 
       return template
     }),
@@ -378,7 +382,9 @@ export const messageRouter = router({
           entityId: id,
           detailsJson: { updatedFields: Object.keys(data) },
         })
-      } catch {}
+      } catch (err) {
+        console.error('[Message] Audit log failed:', err)
+      }
 
       return template
     }),
@@ -402,7 +408,9 @@ export const messageRouter = router({
           entityType: 'MessageTemplate',
           entityId: input.id,
         })
-      } catch {}
+      } catch (err) {
+        console.error('[Message] Audit log failed:', err)
+      }
 
       return template
     }),