fix(test-app): remove aud claim from JWT to resolve server validation error

Remove the aud (audience) claim from JWT payloads. The server's did-jwt
verification requires an audience option when aud is present, but the server
isn't configured to validate it, causing "JWT audience is required but your
app address has not been configured" errors.

Changes:
- Removed aud claim from JWT payload in generateEndorserJWT()
- Updated key derivation to User Zero's specific path (m/84737769'/0'/0'/0')
- Added public key verification against expected User Zero key
- Enhanced JWT diagnostics logging throughout
- Added alarm deduplication optimization (prevent duplicate alarms for same time)

Verified: JWT validation now passes (token length 360→333 chars, no audience
error). New error is API parameter validation (afterId required - separate issue).

test-apps/daily-notification-test/scripts/find-user-zero-key.js

@@ -0,0 +1,66 @@
+/**
+ * Script to find the correct derivation path for User Zero's DID
+ * 
+ * User Zero DID: did:ethr:0x0000694B58C2cC69658993A90D3840C560f2F51F
+ * Target address: 0x0000694B58C2cC69658993A90D3840C560f2F51F
+ */
+
+import { HDNodeWallet, Mnemonic } from 'ethers';
+
+const seedPhrase = "rigid shrug mobile smart veteran half all pond toilet brave review universe ship congress found yard skate elite apology jar uniform subway slender luggage";
+const targetAddress = "0x0000694B58C2cC69658993A90D3840C560f2F51F".toLowerCase();
+
+console.log('Target address:', targetAddress);
+console.log('Searching for matching derivation path...\n');
+
+const mnemonic = Mnemonic.fromPhrase(seedPhrase);
+let found = false;
+
+// Try standard Ethereum derivation paths
+for (let account = 0; account < 50; account++) {
+  try {
+    const path = `m/44'/60'/0'/0/${account}`;
+    const wallet = HDNodeWallet.fromPhrase(mnemonic.phrase, path);
+    const address = wallet.address.toLowerCase();
+    
+    if (address === targetAddress) {
+      console.log(`✅✅✅ MATCH FOUND: ${path}`);
+      console.log('Address:', wallet.address);
+      console.log('Private key (hex, no 0x prefix):', wallet.privateKey.slice(2));
+      console.log('\nUse this path in generateEndorserJWT():');
+      console.log(`const wallet = HDNodeWallet.fromPhrase(mnemonic.phrase, "${path}");`);
+      found = true;
+      break;
+    }
+    
+    if (account < 10) {
+      console.log(`Path ${path}: ${address}`);
+    }
+  } catch (e) {
+    console.error(`Error with path m/44'/60'/0'/0/${account}:`, e.message);
+  }
+}
+
+// Also try default path (no account index specified)
+if (!found) {
+  try {
+    const wallet = HDNodeWallet.fromMnemonic(mnemonic);
+    const address = wallet.address.toLowerCase();
+    console.log(`\nDefault path (fromMnemonic): ${address}`);
+    if (address === targetAddress) {
+      console.log('✅✅✅ MATCH FOUND: Default path (fromMnemonic)');
+      found = true;
+    }
+  } catch (e) {
+    console.error('Error with default path:', e.message);
+  }
+}
+
+if (!found) {
+  console.log('\n❌ No match found in first 50 account indices');
+  console.log('Possible causes:');
+  console.log('1. Different derivation path (not m/44\'/60\'/0\'/0/X)');
+  console.log('2. Wrong seed phrase');
+  console.log('3. User Zero registered with different key source');
+}
+