docs(security): enhance security documentation and attack scenarios

- Added comprehensive 'Attack Scenarios' section to README.md
- Expanded docs/SECURITY.md with detailed 'Time-Lock Security' section and updated mitigations
- Updated app/security/page.tsx to detail rate limiting, CAPTCHA, and server-side time enforcement
- Marked completion of critical security enhancements in docs/TODO.md
- Removed obsolete README-TESTING.md

These changes improve security awareness and documentation completeness for TimeSeal's threat model and mitigations.

Author: teycir

README.md

@@ -233,9 +233,11 @@ wrangler secret put MASTER_ENCRYPTION_KEY
 
 ## 📚 Documentation
 
+- [API Reference](docs/API.md) - Complete REST API documentation
 - [Architecture Guide](docs/ARCHITECTURE.md) - Design patterns and abstractions
 - [Deployment Guide](docs/DEPLOYMENT.md) - Cloudflare setup instructions
 - [Security Documentation](docs/SECURITY.md) - Threat model and security controls
+- [Trust Assumptions](docs/TRUST-ASSUMPTIONS.md) - What you must trust to use TimeSeal
 - [Security Enhancements](docs/SECURITY-ENHANCEMENTS.md) - Key rotation, upload limits, integrity
 - [Key Rotation Guide](docs/KEY-ROTATION.md) - Master key rotation procedures
 - [Security Testing](docs/SECURITY-TESTING.md) - Penetration testing guide