- Add integration test `token_rotate_authority_then_new_authority_can_mint`:
create with self-authority, rotate to external key, verify new authority
mints as rest account, verify old authority is rejected (RFP-001 end-to-end)
- Fix README error table: 'must sign' -> 'must authorize' (matches mint.rs:36)
- Fix guest doc comments for mint/set_authority to describe the 0-or-1
external authority model correctly
- Fix example scripts: new-fungible-definition-with-authority -> new-fungible-definition,
--initial-supply -> --total-supply (align to token-idl.json and demo-full-flow.sh)
- replace unverified 'lgs wallet -- token' subcommands with the same spel
invocations as demo-full-flow.sh (correct flags, base58->hex authority)
- use the new --authority-account signer model
- remove misleading || true error-swallowing and false 'verified' claims;
point to the unit/integration tests that actually prove the guarantees