Cardano Updates

- Replace absorbed ouroboros packages with sublibrary syntax in all .cabal files
- Replace cardano-ledger-byron-test with cardano-ledger-byron:{testlib}
- Replace cardano-crypto-test with cardano-crypto-wrapper:{testlib}
- Add allow-newer for cardano-lmdb:base (CHaP revision not visible at index-state)
- Add lmdb and liburing system deps (ouroboros-consensus plan resolution)
- Disable withHoogle (GHC 9.12 haddock panic on ouroboros-network)
- Add transitive dep constraints from node 10.7.0 freeze
- Fix Tx era → Tx TopTx era (ledger-core 1.19 TxLevel kind)
- Fix CoinPerByte import (moved to Cardano.Ledger.Coin)
- Fix bppMinFeeA/B → bppTxFeePerByte/bppTxFeeFixed

Work in progress — more compilation fixes needed in cardano-wallet-read.

Part of #5247

Node 10.7.0 sets `cardanoProtocolVersion = ProtVer 10 8`, which exceeds
the Conway-era maximum derived from the shelley genesis `ProtVer 8 0`.
Every forged block in the local cluster was rejected with
`HeaderProtVerTooHigh`.

## Changes

- Bump shelley genesis protocol version from 8.0 to 10.0
- Enable `ExperimentalHardForksEnabled`
- Add `dijkstra-genesis.json` and wire through
`GenesisFiles`/`GenNodeConfig`
- Bump `cardano-node-runtime` flake input to 10.7.0
- Align CHaP and index-state with node 10.7.0

## Verification

`WALLETS_CREATE_01` passes with node 10.7.0 (was timing out before this
fix).

Node 10.7.0 sets cardanoProtocolVersion to ProtVer 10.8 (or 11.0 with
experimental), which exceeds the Conway-era maximum derived from the
shelley genesis ProtVer 8.0. Every forged block was rejected with
HeaderProtVerTooHigh.

Changes:
- Bump shelley genesis protocol version from 8.0 to 10.0
- Enable ExperimentalHardForksEnabled (required by node 10.7.0)
- Add dijkstra-genesis.json and wire it through GenesisFiles/GenNodeConfig
- Add DijkstraGenesisFile to node-config.json template

## Summary

Bump `cardano-balance-transaction` pin from `98e7f41` to `964e8a2`. The
upstream library removed its cardano-api dependency
(cardano-foundation/cardano-balance-transaction#32, #33).

## Breaking changes from upstream

- `CardanoApiEra` type family removed
- `RecentEraBabbage` removed (Babbage demoted to non-recent)
- `RecentEraDijkstra` added
- `toCardanoApiTx`/`fromCardanoApiTx` removed
- `cardanoEraFromRecentEra`/`shelleyBasedEraFromRecentEra` removed

## Wallet-side compatibility

A `Cardano.Api.Extra` shim module provides the removed functions locally
so the wallet can continue using cardano-api types at the balance-tx
boundary:

- `CardanoApiEra` type family (Conway only)
- `cardanoApiEraConstraints` to bring era constraints into scope
- `toCardanoApiTx`/`fromCardanoApiTx` for ledger↔cardano-api conversion
- `cardanoEraFromRecentEra`/`shelleyBasedEraFromRecentEra`

All `RecentEraBabbage` pattern matches replaced with
`InNonRecentEraBabbage`. `RecentEraDijkstra` branches added as error
stubs.

Depends on #5244 (TLS certs).

Related: #5237, #5243

## Summary

- Regenerate expired TLS test certificates (expired April 7)
- Bump mithril client from 2543.1-hotfix to 2603.1
- Target `high-memory` runner label for E2E tests (OOM at 8GB cgroup
limit, raised to 32GB on builder-new-1)

Split from #5236 for independent merge.

Related: #5242

The upstream library removed cardano-api dependency (PRs #32, #33).
Breaking changes: CardanoApiEra type family removed, Babbage demoted
from RecentEra to non-recent, Dijkstra promoted to RecentEra.

- Add CardanoApiEra shim in Cardano.Api.Extra (temporary, will be
  removed when cardano-api is fully eliminated)
- Replace all RecentEraBabbage patterns with InNonRecentEraBabbage
- Add RecentEraDijkstra error stubs (wallet doesn't support it yet)
- Update test files: remove Babbage-era delegation tests, update
  TransactionSpec imports and pattern matches

Replace mkUnsignedTx + mkByronWitness/mkShelleyWitness with
mkLedgerTx + mkByronWitnessLedger/mkShelleyWitnessLedger in
the duplicated test module.

All 8 golden hex string tests pass — ledger-native construction
produces byte-identical CBOR to the cardano-api construction.

Alternative to Transaction.hs that builds transactions using
mkLedgerTx (ledger lenses) instead of Cardano.Api.TxBodyContent.

Implements mkTransactionLedger and constructUnsignedTxLedger with
key-witnessed withdrawals and certificates. Minting, script
witnesses, and reference scripts are TODO.

Remaining cardano-api dependencies (with TODOs):
- signTransaction takes Cardano.NetworkId
- sealWriteTx roundtrips through cardano-api
- certificateFromDelegationAction returns Cardano.Certificate