Internalize factory layer and remove crossmintService from public API

[tomas-martins-crossmint]

CrossmintClient, ClientSDK, and CrossmintClientSDK were public but created a confusing second entry point into the SDK: a developer reading the public API could reasonably wonder whether to use CrossmintClient.sdk() or CrossmintSDK.shared(), and what the difference was. crossmintService: CrossmintService also leaked the raw HTTP client publicly, letting callers bypass auth and error handling entirely. No other Crossmint SDK exposes anything like it.

This pull request makes those types internal and removes the service leak, without changing any observable behavior.

Changes

• Made CrossmintClient, ClientSDK, and CrossmintClientSDK internal so CrossmintSDK is the only public entry point
• Removed crossmintService: CrossmintService from the public API; isProductionEnvironment is now a stored Bool derived at init time
• Dropped @_exported import CrossmintService so consumers no longer get all CrossmintService types injected into their namespace
• Made crossmintService private inside CrossmintClientSDK
• Removed async throws from logout() since the implementation was never async or throwing
• Removed nonisolated(unsafe) from CrossmintSDK._shared since the class is @MainActor and the compiler already enforces single actor access

[greptile-apps]

Prompt To Fix All With AI

Fix the following 1 code review issue. Work through them one at a time, proposing concise fixes.

---

### Issue 1 of 1
Sources/CrossmintClient/SwiftUI/CrossmintSDK.swift:41
**Dead stored property after `init`**

`sdk` is used exclusively during initialization to copy out `authManager`, `crossmintWallets()`, and `isProductionEnvironment`. After `init`, no method in this class ever reads `sdk` again, yet the stored reference keeps the entire `CrossmintClientSDK` instance — with its `crossmintService`, `secureStorage`, etc. — alive for the singleton's lifetime. Since all necessary values are now stored individually, `sdk` itself serves no purpose. It could be a local `let` inside `init` rather than a stored property, letting the `CrossmintClientSDK` instance be freed (its retained sub-objects like `authManager` survive through the other stored properties regardless).

_{Reviews (1): Last reviewed commit: "Remove nonisolated(unsafe) from _shared ..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (2): Last reviewed commit: "Remove nonisolated(unsafe) from _shared ..." | Re-trigger Greptile}

[greptile-apps]

_{Reviews (3): Last reviewed commit: "Remove nonisolated(unsafe) from _shared ..." | Re-trigger Greptile}