Nonce and replay handling options - Session-scoped nonces (…

Nonce and replay handling options
- Session-scoped nonces (cheap): Maintain a per-session monotonic nonce off-chain (in the agent) and include it in the signed payload. Because the session key itself is on-chain and time-bound, replay outside the session is prevented, and within-session replay is blocked by the agent storing lastSeen nonces. For higher assurance across restarts, persist the highest nonce or an HMAC’d used-set.
- On-chain nonces (strongest, more gas): Keep a per-agent counter in the registry; prompts must include the current counter value and the agent increments it with a low-cost tx upon acceptance. Best for critical paths where replays must be provably impossible even if the agent’s local state is compromised.