Cardano Updates

* Add ToJSON/FromJSON and NFData as EraTxAuxData superclass constraints
* Add ToJSON/FromJSON for Metadatum
* Add ToJSON/FromJSON for Data era and PlutusBinary
* Add FromJSON for PoolCert, ConwayGovCert, DijkstraDelegCert, DijkstraTxCert era
* Add ToJSON/FromJSON for ShelleyTxAuxData, AllegraTxAuxData, AlonzoTxAuxData
* Add round-trip JSON property test for TxAuxData era

* Add ToJSON/FromJSON as superclass constraints to EraScript
* Add ToJSON/FromJSON instances for MultiSig, Timelock and DijkstraNativeScript
* Add structured JSON serialisation for native scripts across all eras (Shelley, Allegra, Dijkstra)
* Add ToJSON/FromJSON instances for AlonzoScript with structured JSON format
* Rename kindObject (returning Value) to kindObjectValue; add new kindObject returning Aeson.Object
* Fix shelleyBasedEraNativeScriptToJSON and sizedNativeScriptGens to accept a child continuation to correctly handle nested scripts across eras
* Add round-trip JSON property tests for NativeScript and Script to the shared era spec

* Add ToJSON, FromJSON and NFData as EraTxWits superclass constraints
* Add ToJSON/FromJSON for WitVKey, BootstrapWitness
* Add ToJSONKey/FromJSONKey for AccountId
* Add ToJSON/FromJSON for Inclusive and Exclusive
* Add FromJSON for TxIn; fix txInToText to use unTxIx
* Add FromJSON for PoolCert
* Add ToJSON/FromJSON for ShelleyTxWits era
* Add FromJSON for AsIx, AlonzoPlutusPurpose AsIx, TxDats, Redeemers, AlonzoTxWits
* Add FromJSON for ConwayDelegCert, ConwayGovCert, ConwayTxCert era, ConwayPlutusPurpose
* Add FromJSON for GovActionId, Voter, Vote, VotingProcedure, ProposalProcedure, GovAction, GovPurposeId
* Add ToJSON/FromJSON for AccountBalanceInterval, DijkstraScript
* Add FromJSON for DijkstraDelegCert, DijkstraTxCert era
* Add round-trip JSON property test for TxWits era

* Add FromJSON (TxOut era) as EraTxOut superclass constraint
* Add FromJSON t as Val t superclass constraint
* Add ToJSON/FromJSON for Datum era
* Add FromJSON for ShelleyTxOut, AlonzoTxOut, BabbageTxOut
* Add FromJSON for MaryValue; fix FromJSON/FromJSONKey for AssetName to hex-decode
* Add round-trip JSON property test for TxOut era

Two paired fixes flagged in PR review:

- `vote_threshold()`: `(τ × expected_total_weight) as u64` truncated,
  so a non-exact product like 2.25 became 2 and a τ = 75% quorum
  accepted 2/3 = 67% of weight.  Switched to `.ceil() as u64`; with
  integer weights, the strict-less `voted_weight < threshold` check
  now enforces `Σ weight ≥ τ × total` exactly.  Mirrors the same fix
  in shared-consensus aggregation.

- `expected_total_weight` for `WfaLs`: built from `(persistent_voters
  + non_persistent_voters) as u64`, which truncated f64 sums.  A
  configured 600.7 quietly became 600, and any fractional sub-1
  configuration zeroed the denominator and trivialised the threshold.
  Switched to `.round() as u64` — closest integer matches the
  "expected committee size" semantic.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

`record_vote`'s doc says `Σ weight ≥ τ × expected_total_weight`,
but the integer threshold was computed via `as u64` truncation,
which accepts quorum at less than τ when the product isn't an exact
integer (e.g. total=3, τ=0.75 → 2.25 truncates to 2, so 2/3 = 67%
passes a 75% quorum).

Switch to `.ceil() as u64`. With integer weights and the strict-less
`voted_weight < threshold` check this enforces the documented
inequality exactly.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

The YAML knob `vote-threshold: u64` (absolute count, mode-dependent
in meaning) is replaced by `quorum-weight-fraction: f64` (always a
fraction). The absolute threshold is derived at config build from
`quorum_weight_fraction × expected_total_weight`, with the
denominator per mode: PV+NPV seats (WfaLs), node count (Everyone),
total active stake (TopStakeFraction).

Default kept at 0.6 (legacy 300/500) in config.default.yaml to
preserve existing-experiment numerics; code default 0.75 (CIP-0164).

For TopStakeFraction, `try_vote_for_endorser_block` emits the
voter's own stake as the per-EB weight (rather than 1). The quorum
check is unchanged in form — `Σ weight ≥ vote_threshold()` — because
the threshold method now returns stake-denominated values.

`SimConfiguration::build` enforces σ_c > τ for TopStakeFraction and
bails with a clear error referencing the PR. Two new tests:
`top_stake_fraction_uses_stake_weighted_quorum` (per-voter weight =
stake, low-stake majority does NOT certify) and
`sim_config_rejects_top_stake_fraction_when_sigma_c_le_tau`.

`shared_consensus.rs` adapter: `derive_quorum_fraction` collapses to
a passthrough; expected_total_weight uses the new helper.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

Quorum is now `Σ voter_stake ≥ τ × total_active_stake` under
StakeCentile committee selection. WfaLs and EveryoneVotes keep their
head-count semantics. The aggregator's per-voter weight unit is now
mode-polymorphic — seats for WfaLs, 1 for Everyone, voter stake for
StakeCentile — and the denominator returned by
`committee::expected_total_weight` matches.

`wfa.rs` is renamed to `committee.rs` since wFA^LS is one of three
schemes now, not the only one. `voter_weights` and the `weight`
parameter widen from u32 to u64 so stake values fit; quorum
comparisons follow.

`ElectionsConfig::validate()` enforces σ_c > τ at startup for
StakeCentile (PR #1196 §"Quorum as a stake threshold"); both the
sim-rs adapter and net-rs net-node panic on a misconfigured set.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

shared-consensus: let RB body and EB announcement coexist on overflow

The function-level doc still described the pre-BodyPath behaviour
("the RB body is empty" on overflow).  Under shared-consensus's
`production::BodyPath::decide` the RB body and a fresh EB
announcement can coexist: inline txs fill the RB body up to its
cap and the residual is announced via the EB.  Rewrite the doc
to cover the three actual outcomes (pure-RB, overflow split,
empty-for-safety).

Also drop the stale "(RB path only)" parenthetical on
`ProducedRb::included_tx_count` — the field counts inline txs in
both the pure-RB and overflow-split cases.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

CIP-0164 §Step 1: "EBs should only be announced if a transaction
cannot be included in the base RB."  The spec's intent is to fill
the RB body first and announce an EB for what doesn't fit; only
cert + inline body is mutually exclusive (§Step 5 rule 1).
shared-consensus had been treating the overflow case as XOR — when
mempool > rb_body_max_bytes the body went empty and the manifest
went to a new EB — so a lazy-voter quorum miss left the next RB with
no inline txs and no Praos liveness.

Reshape `BodyPath` from a 3-variant enum (Empty | Inline | Eb) into
a single struct `{ inline: Vec<PendingTx>, manifest: Vec<TxId> }`.
The four legal CIP-0164 combinations all encode directly via which
fields are empty.  The overflow branch of `decide` drains
rb_body_max_bytes into `inline` (skipped when a cert ships, per
cert-XOR-inline-body) and then collects the FIFO residual into
`manifest`.  When a single oversize tx exhausts the mempool, the
manifest falls out empty and no EB is announced — the struct shape
expresses that without a defensive branch.

Consumers updated:
- net-node mempool wrapper mirrors the struct shape; production
  emits the EB iff manifest_hashes is non-empty.
- sim-rs shared_consensus adapter does the same.

Verified end-to-end with a 30-node cluster + lazy-voter behaviour
(fraction 0.5, quorum threshold 75%): every produced RB shows
tx_count=7-9 has_eb=true, matching the inline-body-fills-cap +
EB-carries-residual shape.  Quorum never reaches, EB certs never
form, but Praos liveness via inline body is preserved.

Co-Authored-By: Claude Opus 4.7 (1M context) <[email protected]>

Adds `Spec.Data.Value.Budget` with the lookup matrix for `valueOf` across
S1 / S3 / S8 / S100 value shapes at ada / middle / last / miss positions,
plus the standalone `unsafeDataAsValue` baseline per shape. Generated 96
golden files (eval / pir / uplc per bundle, 32 bundles total) capture CPU
and Memory cost evidence.

Companion to the merge PR for `valueOf` rewrite. This branch is kept
separate so the goldens — which only regenerate on upstream plugin or
cost-model changes, not on actual regressions — don't bloat the main
PR's diff or CI.

For IntersectMBO/plutus-private#2242.

Rewrites `PlutusLedgerApi.V1.Data.Value.valueOf` so the non-builtin lookup
path walks the underlying `BuiltinList` directly via `unsafeDataAsMap` /
`unsafeDataAsB` / `unsafeDataAsI`, compares keys with `equalsByteString`,
and short-circuits on the first match. No `Maybe` is materialised: the
"absent" answer is `0`, returned in-place by the `nilCase` of each
traversal. Avoids `withCurrencySymbol`'s continuation + `Map.lookup`'s
`Maybe`-wrapping, and bypasses the `ToData k`/`UnsafeFromData a` dictionary
work that `AssocMap.lookup` does per element. Semantics preserved.

Adds `Spec.Data.Value.test_valueOf`: a QuickCheck property that compiles
`valueOf` via TH, evaluates it on the CEK machine, and compares the result
against the host-Haskell `valueOf` for the same inputs. Differential test
against the Plinth compiler — any divergence is a compilation bug, not a
semantics bug.

Budget evidence (lookup matrix, `unsafeDataAsValue` baseline) lives on the
companion experimental branch `yura/issue-2242-valueof-evidence`, kept out
of this PR to avoid carrying ~96 golden files that would only ever regenerate
on upstream plugin/cost-model changes.

For IntersectMBO/plutus-private#2242.