fix: address review findings — CREATE2 guard, transition test, docs

- LiquidityManager.setFeeDestination: add CREATE2 bypass guard — also
  blocks re-assignment when the current feeDestination has since acquired
  bytecode (was a plain address when set, contract deployed to it later)
- LiquidityManager.setFeeDestination: expand NatSpec to document the
  EOA-mutability trade-off and the CREATE2 guard explicitly
- Test: add testSetFeeDestinationEOAToContract_Locks covering the
  realistic EOA→contract transition (the primary lock-activation path)
- red-team.sh: add comment that DEPLOYER_PK is Anvil account-0 and must
  only be used against a local ephemeral Anvil instance
- ARCHITECTURE.md: document feeDestination conditional-lock semantics and
  contrast with Kraiken's strictly set-once liquidityManager/stakingPool

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

scripts/harb-evaluator/red-team.sh

@@ -133,6 +133,8 @@ log "  recenterAccess granted"
 # ── 3b. Set feeDestination to LM itself (fees accrue as liquidity) ─────────────
 # setFeeDestination allows repeated EOA sets; setting to a contract locks it permanently.
 # The deployer (Anvil account 0) deployed LiquidityManager and may call setFeeDestination again.
+# DEPLOYER_PK is Anvil's deterministic account-0 key — valid ONLY against a local ephemeral
+# Anvil instance. Never run this script against a non-ephemeral or shared-state chain.
 DEPLOYER_PK=0xac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
 log "Setting feeDestination to LM ($LM) ..."
 "$CAST" send --rpc-url "$RPC_URL" --private-key "$DEPLOYER_PK" \