feat(attackers): XFF mismatch detection — attacker IP leak bounties

Attackers routinely front their scanners with VPNs/proxies, so the
TCP source we log is the proxy egress, not the real host. But a
surprising number of attacker setups are misconfigured: the proxy
forwards the real IP in an X-Forwarded-For (or Forwarded / X-Real-IP
/ CDN-variant) header. From our side that's a free attribution leak.

New _detect_ip_leak extractor in decnet/web/ingester.py fires at
ingest time per HTTP request. Logic:

1. Require service=http, source_ip present, headers present.
2. If source_ip ∈ DECNET_TRUSTED_PROXIES (comma-separated IPs or
   CIDRs) → legitimate reverse-proxy forwarding, skip.
3. Walk proxy-family headers in priority order: Forwarded (RFC 7239)
   → X-Forwarded-For → X-Real-IP → True-Client-IP → CF-Connecting-IP.
4. Extract the left-most parseable IP from the winning header.
5. If that IP differs from the TCP source → emit a bounty with
   bounty_type="ip_leak" carrying {source_ip, real_ip_claim,
   source_header, headers_seen, path, method}.

Storage is the existing Bounty table — no schema change; de-dup is
handled by Bounty's (attacker_ip, bounty_type, payload_hash) key, so
repeat requests with the same leaked IP don't spam.

AttackerDetail renders a warn-accent "LEAKED IPs:" row under ORIGIN
listing distinct real_ip_claim values; hover tooltip shows the source
header + path of the most recent leak. Only shown when at least one
ip_leak bounty exists.

RFC 7239 Forwarded parser handles the full vocabulary — bare IPv4,
IPv4:port, quoted, IPv6 in brackets, IPv6 with port — returning only
IPs that actually parse.

Closes DEVELOPMENT.md "Network Topology Leakage → X-Forwarded-For
mismatches". Phase 3 of the three-phase Attacker Intelligence series
(phases 1: scanned-vs-interacted, 2: PTR records already shipped).

DECNET_TRUSTED_PROXIES env shape matches THREAT_MODEL DA-08's
"revisit when verified-proxy config lands" note — same token set
future rate-limit work will consume.

tests/web/test_api_attackers.py

@@ -184,6 +184,7 @@ class TestGetAttackerDetail:
             mock_repo.get_attacker_by_uuid = AsyncMock(return_value=sample)
             mock_repo.get_attacker_behavior = AsyncMock(return_value=None)
             mock_repo.get_attacker_service_activity = AsyncMock(return_value=[])
+            mock_repo.get_attacker_ip_leaks = AsyncMock(return_value=[])
 
             result = await get_attacker_detail(uuid="att-uuid-1", user={"uuid": "test-user", "role": "viewer"})
 
@@ -213,6 +214,7 @@ class TestGetAttackerDetail:
             mock_repo.get_attacker_by_uuid = AsyncMock(return_value=sample)
             mock_repo.get_attacker_behavior = AsyncMock(return_value=None)
             mock_repo.get_attacker_service_activity = AsyncMock(return_value=[])
+            mock_repo.get_attacker_ip_leaks = AsyncMock(return_value=[])
 
             result = await get_attacker_detail(uuid="att-uuid-1", user={"uuid": "test-user", "role": "viewer"})
 
@@ -238,6 +240,7 @@ class TestGetAttackerDetail:
             mock_repo.get_attacker_by_uuid = AsyncMock(return_value=sample)
             mock_repo.get_attacker_behavior = AsyncMock(return_value=None)
             mock_repo.get_attacker_service_activity = AsyncMock(return_value=pairs)
+            mock_repo.get_attacker_ip_leaks = AsyncMock(return_value=[])
 
             result = await get_attacker_detail(
                 uuid="att-uuid-1",
@@ -249,6 +252,41 @@ class TestGetAttackerDetail:
             "scanned": ["http"],
         }
 
+    @pytest.mark.asyncio
+    async def test_ip_leaks_included_in_response(self):
+        """Attacker detail surfaces ip_leak bounty rows for the UI."""
+        from decnet.web.router.attackers.api_get_attacker_detail import get_attacker_detail
+
+        sample = _sample_attacker()
+        leaks = [
+            {
+                "timestamp": "2026-04-24T12:00:00+00:00",
+                "decky": "http-01",
+                "service": "http",
+                "bounty_type": "ip_leak",
+                "payload": {
+                    "source_ip": "203.0.113.42",
+                    "real_ip_claim": "198.51.100.7",
+                    "source_header": "X-Forwarded-For",
+                    "path": "/wp-admin/",
+                    "method": "GET",
+                },
+            },
+        ]
+        with patch("decnet.web.router.attackers.api_get_attacker_detail.repo") as mock_repo:
+            mock_repo.get_attacker_by_uuid = AsyncMock(return_value=sample)
+            mock_repo.get_attacker_behavior = AsyncMock(return_value=None)
+            mock_repo.get_attacker_service_activity = AsyncMock(return_value=[])
+            mock_repo.get_attacker_ip_leaks = AsyncMock(return_value=leaks)
+
+            result = await get_attacker_detail(
+                uuid="att-uuid-1",
+                user={"uuid": "test-user", "role": "viewer"},
+            )
+
+        assert result["ip_leaks"] == leaks
+        assert result["ip_leaks"][0]["payload"]["real_ip_claim"] == "198.51.100.7"
+
 
 # ─── GET /attackers/{uuid}/commands ──────────────────────────────────────────