Generate SRI hash for our `realm-web` IIFE bundle

[kraenhansen]

To help developers secure themselves against code injection attacks through CDNs (https://unpkg.com/ in our case), I suggest we derive a hash of the IIFE bundle (following instructions on https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) and including this as the integrity on the script-tag in our README.md.