Cardano Updates

This commit implements property tests for the EveryoneVotes
implementation asserting that:

* votes cast by eligible voters are successfully verifiable under the
  same voting committee,
* fake (illegal) votes are successfully rejected, and
* certificates forged by multiple votes can be verifiable under the same
  voting committe

Co-authored-by: Nicolas BACQUEY <[email protected]>
Co-authored-by: Thomas BAGREL <[email protected]>
Co-authored-by: Agustin Mista <[email protected]>

* mithril-client-cli from `0.13.9` to `0.13.10`
* mithril-common from `0.6.70` to `0.6.71`
* mithril-end-to-end from `0.4.131` to `0.4.132`
* mithril-test-lab/mithril-devnet/VERSION from `0.4.31` to `0.4.32`

This is obviously a dirty hack, but works to drive the development right
now and side-steps key registration, while already exploring how to pass
the voting key into the right consensus components.

# Conflicts:
#	docs/get-started/client-sdks/typescript/evolution-sdk/get-started.md
#	docs/get-started/client-sdks/typescript/evolution-sdk/transactions.md

New `components/asteria-stub/` ships a tiny Debian image with
cardano-cli (+ liblmdb0 runtime), jq, and bash. Its only job is to
host composer scripts at `/opt/antithesis/test/v1/stub/`:

  - parallel_driver_heartbeat.sh — short tick, emits Sometimes
  - eventually_alive.sh         — post-fault: pings p1/p2/p3, Always
  - finally_alive.sh            — post-workload: pings p1/p2/p3, Always

The container itself just `sleep infinity`s. This is intentional:
the stub is the experimentation harness for evolving property checks
before touching the real asteria-player. Real game logic stays in
PR #67's `components/asteria-player/`.

Conventions adopted from the working sidecar template:
  - cardano-cli ping uses `-j --magic 42 --host X --port Y --tip
    --quiet -c1`. Without `-j --tip` the cli has no query target and
    exits non-zero.
  - SDK output goes to /tmp/sdk.jsonl (default path) on a tmpfs
    mount; Antithesis introspects that path. A named-volume
    convention (e.g. ANTITHESIS_OUTPUT_DIR=/sdk) is not picked up.
  - liblmdb0 must be apt-installed; cardano-cli loads liblmdb.so.0
    at start regardless of subcommand.

On failure, eventually_alive / finally_alive emit a self-classifying
JSON detail with the failing host, exit code, and the cardano-cli
stderr — so the next failure self-diagnoses without another round
trip.

Image referenced by content digest in
testnets/cardano_node_master/docker-compose.yaml; the publish-images
workflow builds and pushes both `:asteria-stub-v3` and
`:<full-commit>` on PR. Bootstrap relied on a paired git tag so the
script could resolve the friendly name back to a commit; once
merged, the digest pin is the only contract.

Updated canonized data handling to use JSON.stringify for escaping characters.

New `components/asteria-stub/` ships a tiny Debian image with
cardano-cli (+ liblmdb0 runtime), jq, and bash. Its only job is to
host composer scripts at `/opt/antithesis/test/v1/stub/`:

  - parallel_driver_heartbeat.sh — short tick, emits Sometimes
  - eventually_alive.sh         — post-fault: pings p1/p2/p3, Always
  - finally_alive.sh            — post-workload: pings p1/p2/p3, Always

The container itself just `sleep infinity`s. This is intentional:
the stub is the experimentation harness for evolving property checks
before touching the real asteria-player. Real game logic stays in
PR #67's `components/asteria-player/`.

Conventions adopted from the working sidecar template:
  - cardano-cli ping uses `-j --magic 42 --host X --port Y --tip
    --quiet -c1`. Without `-j --tip` the cli has no query target and
    exits non-zero.
  - SDK output goes to /tmp/sdk.jsonl (default path) on a tmpfs
    mount; Antithesis introspects that path. A named-volume
    convention (e.g. ANTITHESIS_OUTPUT_DIR=/sdk) is not picked up.
  - liblmdb0 must be apt-installed; cardano-cli loads liblmdb.so.0
    at start regardless of subcommand.

On failure, eventually_alive / finally_alive emit a self-classifying
JSON detail with the failing host, exit code, and the cardano-cli
stderr — so the next failure self-diagnoses without another round
trip.

Image referenced by content digest in
testnets/cardano_node_master/docker-compose.yaml; the publish-images
workflow builds and pushes both `:asteria-stub-v3` and
`:<full-commit>` on PR. Bootstrap relied on a paired git tag so the
script could resolve the friendly name back to a commit; once
merged, the digest pin is the only contract.

This changes the interface to provide the unticked chain dep state to
forgeBlock so we can determine whether and when the announcement was
made, but only check whether it's long enough ago in the
forgeShelleyBlock where we have access to pparams.

The decision on whether to produce an RB with txs or a certicate is not
used in the abstract code and thus can fully life in the concrete
Praos(+Leios) world.

Change genArrayTerm from Gen to MonadGen so it can be used in
CBORGen contexts (e.g. custom CBOR generators for Huddle specs).

Add plain DecCBOR instances for DijkstraBlockBodyRaw and
DijkstraBlockBody (needed for decoder equivalence tests), and a
custom ToExpr instance for DijkstraBlockBody. Add block_body to
the CddlSpec test suite.

Co-authored-by: Alexey Kuleshevich <[email protected]>

Replace the manual segmented-witness serialization with MemoBytes,
which simplifies the code significantly. The block body is now
serialized as a flat 3-element list [invalid_transactions, transactions,
peras_certificate] instead of 5 separate segments.

Also fix PerasCert to encode/decode as bytes (matching CDDL),
reimplement alignedValidFlags using IntSet, and expose
DijkstraBlockBodyRaw/MkDijkstraBlockBody from Internal module.

Co-authored-by: Alexey Kuleshevich <[email protected]>