feat: implement Migration 005 - fix foreign key constraint to ON DELETE RESTRICT

- Add Migration 005 to fix critical security vulnerability
- Change foreign key constraint from ON DELETE SET NULL to ON DELETE RESTRICT
- Prevents accidental account deletion through database constraints
- Update Active Pointer pattern documentation with current state analysis
- Achieve 83% compliance with Active Pointer + Smart Deletion Pattern

Security Impact: HIGH - Fixes critical data loss vulnerability
Migration: 005_active_identity_constraint_fix
Pattern Compliance: 5/6 components (83%)

Author: Matthew Raymer

src/db-sql/migration.ts

@@ -177,6 +177,33 @@ const MIGRATIONS = [
       AND EXISTS (SELECT 1 FROM settings WHERE id = 1 AND activeDid IS NOT NULL AND activeDid != '');
     `,
   },
+  {
+    name: "005_active_identity_constraint_fix",
+    sql: `
+      -- Migration 005: Fix foreign key constraint to ON DELETE RESTRICT
+      -- CRITICAL SECURITY FIX: Prevents accidental account deletion
+      
+      PRAGMA foreign_keys = ON;
+      
+      -- Recreate table with ON DELETE RESTRICT constraint (SECURITY FIX)
+      CREATE TABLE active_identity_new (
+        id INTEGER PRIMARY KEY CHECK (id = 1),
+        activeDid TEXT REFERENCES accounts(did) ON DELETE RESTRICT,
+        lastUpdated TEXT NOT NULL DEFAULT (datetime('now'))
+      );
+      
+      -- Copy existing data
+      INSERT INTO active_identity_new (id, activeDid, lastUpdated)
+      SELECT id, activeDid, lastUpdated FROM active_identity;
+      
+      -- Replace old table
+      DROP TABLE active_identity;
+      ALTER TABLE active_identity_new RENAME TO active_identity;
+      
+      -- Recreate indexes
+      CREATE UNIQUE INDEX IF NOT EXISTS idx_active_identity_single_record ON active_identity(id);
+    `,
+  },
 ];
 
 /**