[ARCH-04] Three catch-all _ => arms in materialize.rs silently absorb new EventKind variants #230

@intendednull

Commit: 2f26d91 · Finding: ARCH-04

Problem

crates/state/src/materialize.rs has three catch-all arms with inconsistent behaviour:

| Line | Arm | Effect on unknown EventKind |
| --- | --- | --- |
| materialize.rs:39 | _ => panic!("genesis event must be CreateServer") | Hard panic |
| materialize.rs:99 | _ => {} | Silent no-op |
| materialize.rs:167 | _ => {} | Silent no-op |
| materialize.rs:300 | _ => None (in required_permission) | No permission check |

Adding a new EventKind variant will compile, apply cleanly to zero state on every peer, and silently diverge across peers that have different versions. Existing #201 tracks the required_permission arm; this issue is broader — three arms with three different policies in the same determinism-critical file.

The genesis-check policy diverges too: crates/state/src/dag.rs:140 returns Err(InsertError::NotGenesis) for the same condition that materialize.rs:39 panics on.

Fix

  1. Replace every _ => arm in materialize.rs with an exhaustive match so new variants produce a compile error.
  2. Align the genesis-check policy: either both dag.rs and materialize.rs return an error, or both panic — pick one.
  3. Consider adding #[non_exhaustive] + #[deny(non_exhaustive_omitted_patterns)] on EventKind to force the compiler to flag missing arms at the crate boundary.

Supersedes/refines #201 — close #201 once this lands.

Obvious? No — touches every mutation handler and requires care to avoid breakage. Not auto-PR'able as a single batch.
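
The failure mode described in this issue, as an added example that is not code from the repository: the same event log replayed through a catch-all handler and an exhaustive one ends in two different states with no error raised. The variant names, State fields and MaterializeError are hypothetical, and returning an error for a bad genesis event is only one of the two options listed in step 2.

```rust
// Constructed model: variant names, State fields and MaterializeError are hypothetical.
// RenameServer stands for a variant added after the handlers were written.
#[derive(Debug, PartialEq)]
enum EventKind { CreateServer(String), CreateChannel(String), RenameServer(String) }

#[derive(Debug, Default, PartialEq)]
struct State { server: String, channels: Vec<String> }

#[derive(Debug, PartialEq)]
enum MaterializeError { Empty, NotGenesis }

// Catch-all shape: still compiles after RenameServer is added and drops it silently.
fn apply_catch_all(state: &mut State, ev: &EventKind) {
    match ev {
        EventKind::CreateServer(name) => state.server = name.clone(),
        EventKind::CreateChannel(name) => state.channels.push(name.clone()),
        _ => {}
    }
}

// Exhaustive shape: removing any arm is a compile error (E0004), so a new variant needs a decision.
fn apply_exhaustive(state: &mut State, ev: &EventKind) {
    match ev {
        EventKind::CreateServer(name) => state.server = name.clone(),
        EventKind::CreateChannel(name) => state.channels.push(name.clone()),
        EventKind::RenameServer(name) => state.server = name.clone(),
    }
}

// Replays a log with the given handler; a bad genesis event is an Err, not a panic.
fn materialize(log: &[EventKind], apply: fn(&mut State, &EventKind)) -> Result<State, MaterializeError> {
    let first = log.first().ok_or(MaterializeError::Empty)?;
    if !matches!(first, EventKind::CreateServer(_)) { return Err(MaterializeError::NotGenesis); }
    let mut state = State::default();
    log.iter().for_each(|ev| apply(&mut state, ev));
    Ok(state)
}

fn sample_log() -> Vec<EventKind> { // constructed log, replayed by both handlers
    use EventKind::*;
    vec![CreateServer("alpha".into()), CreateChannel("general".into()), RenameServer("beta".into())]
}

fn main() {
    println!("catch-all:  {:?}", materialize(&sample_log(), apply_catch_all));
    println!("exhaustive: {:?}", materialize(&sample_log(), apply_exhaustive));
}
```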
