fix(card/kyc): redirect to /card/activate on Didit Declined and render structured warnings

[MusabShakeel576]

Cherry-pick of #2044 (already on qa) onto master.

Summary

• CardStatusResponse.kycWarnings is now KycWarning[] (objects shaped {risk, log_type, short_description, long_description, ...}) to match the backend's structured shape.
• Step-1 description formatter on /card/activate falls through DIDIT_WARNING_DESCRIPTIONS[risk] → short_description → long_description → formatted risk tag, so warnings we haven't enumerated (e.g. BARCODE_NOT_DETECTED) display human-readable copy from Didit instead of [object Object].
• New onVerificationDeclined in useDiditSession toasts and redirects to /card/activate?kycStatus=rejected. Wired into the Declined branches of the web SDK onComplete + status_updated event, the native SDK callback, and the polling loop. Previously Declined fell into onVerificationError, leaving the user on /kyc with a generic "Try again" button that just looped a fresh session against the same bad document.

Test plan

• On Didit Decline (custom DOB rule, expired doc, blocklisted doc), user is redirected to /card/activate?kycStatus=rejected.
• Step 1 description shows the specific warning text (e.g. "Date of birth could not be read from the document"), not the generic fallback.
• "Retry KYC" button creates a fresh Didit session.
• On Didit Approved → Rain forward fail (e.g. non-Latin name), user sees cardActivationFailureReason text alongside any Didit warnings.
• On Didit Approved → Rain Approved, flow continues to /card/ready.
• On Didit In Review / Resubmitted, flow goes to /card/pending (unchanged behavior).

https://claude.ai/code/session_01DAk1pR6NuGujs24TQ7TFwm

---

Generated by Claude Code

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

2 Skipped Deployments

Project	Deployment	Actions	Updated (UTC)
solid-app	Ignored		May 4, 2026 1:33pm
solid-app-staging	Ignored		May 4, 2026 1:33pm