Message deletion / retraction (`delete_message`) with tombstones

Support sender-initiated retraction: set `messages.deletedAt`, null out `ciphertext` and delete envelopes, broadcast `message_deleted { messageId }`. Server cannot read content so deletion is purely by id + ownership. Only the sender (or admin) can delete.

**Acceptance criteria:**
- Retraction removes ciphertext + envelopes, keeps a tombstone row
- `message_deleted` broadcast to the room
- Only sender/authorized role can delete (`403` otherwise)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Message deletion / retraction (`delete_message`) with tombstones #189

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Message deletion / retraction (delete_message) with tombstones #189

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

Message deletion / retraction (`delete_message`) with tombstones #189