[TEST-03] `relay` crate thinly tested for a network-exposed component

[intendednull]

Audit finding from #300 (commit 679f9fe)

Severity: medium
Category: test coverage
File: crates/relay
Obvious fix: yes

Description

The relay crate is 994 SLOC with 16 tests (ratio 0.0161). 9 of those live in tests/bootstrap_endpoint.rs and only 7 are inline in src/lib.rs. Because a relay is publicly reachable infrastructure, the low coverage here translates directly into operational risk (malformed input, eviction, auth boundaries).

Impact / Threat

Operational risk on a network-exposed component — malformed-input regressions, eviction policy bugs, and auth-boundary regressions can land undetected.

Suggested fix

Add tests for these named behaviors:

1. Reject malformed bootstrap request: send a frame with a truncated header / invalid varint and assert the relay closes the connection with a specific error code, never panics, and does not allocate unboundedly.
2. Per-peer connection cap: open more concurrent connections from a single source than the configured limit and assert excess connections are refused with the documented status while existing connections remain healthy.
3. Topic registry eviction: register topics until the relay's eviction threshold, then assert the LRU/aging policy actually drops the oldest entries and that a re-registration after eviction succeeds.

Verify

rg -c '#\[(tokio::|wasm_bindgen_)?test\]' crates/relay/