Deploy & document a secure payjoin-relay subdirectory naming scheme

[DanGould]

Right now payjoin-relay assigns per-session subdirectories by taking the first few characters of an arbitrary receiver specified base64 encoded pubkey. I'm not sure if these are as unique as the characters if for example base64 or the underlying pubkey has a header. Ensure we have unique keys and few collisions, which would be an annoying DoS. Perhaps a hash of the pubkey would be suitable.