pompon0 commented Jan 15, 2026

The function DhSecret which computes a Diffie-Hellman shared secret key now panics on an error. This is an issue as a malicious node could send a low order point public key to intentionally cause the key generation to fail. As this panic doesn't seem to be recovered anywhere it will crash the node.

The fix adds back error handling for DH secret generation and a test.
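The pattern described above, as an added example that is not code from this PR or from the project: a DH helper that returns the error for a peer-supplied key so the caller can drop the connection instead of crashing. It assumes X25519 via Go's standard `crypto/ecdh`; the names `dhSecret`, `newKey` and `ErrBadPeerKey` are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"errors"
	"fmt"
)

// ErrBadPeerKey (hypothetical name) marks a handshake failure caused by the peer's key.
var ErrBadPeerKey = errors.New("handshake: rejected peer key")

// newKey generates a local ephemeral X25519 key.
func newKey() *ecdh.PrivateKey {
	k, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err) // local RNG failure, not peer-controlled
	}
	return k
}

// dhSecret is a hypothetical stand-in for the PR's DhSecret: peer-controlled
// input can make it fail, so the failure is returned instead of panicking.
func dhSecret(local *ecdh.PrivateKey, remotePub []byte) ([]byte, error) {
	pub, err := ecdh.X25519().NewPublicKey(remotePub) // checks length only
	if err != nil {
		return nil, fmt.Errorf("%w: %v", ErrBadPeerKey, err)
	}
	// ECDH returns an error when the shared secret is all zero, which is
	// what a low-order peer point produces.
	secret, err := local.ECDH(pub)
	if err != nil {
		return nil, fmt.Errorf("%w: %v", ErrBadPeerKey, err)
	}
	return secret, nil
}

func main() {
	lowOrder := make([]byte, 32) // constructed input: all-zero u-coordinate
	_, err := dhSecret(newKey(), lowOrder)
	fmt.Println("error path:", err)
	a, b := newKey(), newKey()
	s1, err1 := dhSecret(a, b.PublicKey().Bytes())
	s2, err2 := dhSecret(b, a.PublicKey().Bytes())
	fmt.Println("honest peers agree:", err1 == nil && err2 == nil && bytes.Equal(s1, s2))
}
```

A caller can match the failure with `errors.Is(err, ErrBadPeerKey)` and close that one connection while the node keeps running.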

pompon0 requested review from arajasek and sei-will January 15, 2026 19:17
github-actions bot commented Jan 15, 2026

The latest Buf updates on your PR. Results from workflow Buf / buf (pull_request).

| Build | Format | Lint | Breaking | Updated (UTC) |
| --- | --- | --- | --- | --- |
| ✅ passed | ✅ passed | ✅ passed | ✅ passed | Jan 16, 2026, 8:59 PM |

codecov bot commented Jan 15, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 43.75%. Comparing base (91ef5cb) to head (a67029f).
⚠️ Report is 1 commits behind head on main.

@@            Coverage Diff             @@
##             main    #2709      +/-   ##
==========================================
- Coverage   43.76%   43.75%   -0.01%     
==========================================
  Files        1914     1914              
  Lines      159504   159512       +8     
==========================================
- Hits        69801    69799       -2     
- Misses      83284    83293       +9     
- Partials     6419     6420       +1     
| Flag | Coverage Δ |
| --- | --- |
| sei-chain | 45.76% <ø> (-0.01%) ⬇️ |
| sei-cosmos | 38.21% <ø> (+<0.01%) ⬆️ |
| sei-db | 68.72% <ø> (ø) |
| sei-tendermint | 47.26% <100.00%> (-0.02%) ⬇️ |

Flags with carried forward coverage won't be shown.

| Files with missing lines | Coverage Δ |
| --- | --- |
| ...-tendermint/internal/p2p/conn/secret_connection.go | 82.91% <100.00%> (-0.43%) ⬇️ |

... and 15 files with indirect coverage changes

pompon0 enabled auto-merge (squash) January 16, 2026 14:25
pompon0 merged commit d996f50 into main Jan 16, 2026
50 of 52 checks passed
pompon0 deleted the gprusak-dh branch January 16, 2026 22:41