Implement identity canon alignment

docs/scenarios.md

@@ -14,6 +14,7 @@ projection, audit, and event behavior testable without a UI.
 | two_applications | Catalog ownership and projections prevent application data leakage. |
 | sensitive_redaction | Sensitive values are redacted in runtime and claims-enrichment projections. |
 | audit_event_replay | Mutations carry audit records, outbox events, and correlation ids. |
+| identity_canon_context | Actor, user, account, authenticated subject, authorization principal, tenant, membership, grant-like facts, and evidence references stay distinguishable. |
 
 ## Fixture Actors