Enhance Groth16 verifier and part_stark_vk handling with versioning #396

Merged
eigmax merged 14 commits into GOATNetwork:dev from blake-pro:feat/invariant-g16-2-pis-mulsig
Apr 19, 2026

@blake-pro
Contributor

Summary

Replace the per-graph zkm_version field with an attestation-based part_stark_vk verification system. Instead of tying each BitVM2 graph to a specific ZKM circuit version, part_stark_vk values are now attested via a Merkle tree signed by a multi-sig publisher set, enabling transparent and upgradeable verifier key management without breaking existing graphs.

Changes

New: part_stark_vk Attestation System (bitcoin-light-client-circuit)

  • attestation.rs: Merkle-tree-based attestation for part_stark_vk values, including tree construction, multi-sig root signing with threshold publisher set, attestation bundle loading/snapshot persistence, and in-circuit witness verification.
  • lib.rs: Updated watch_longest_chain and operator_prove to accept attestation inputs, verify sub-proof part_stark_vk against attested witnesses, and use verify_proof_with_part_stark_vk. Defined new WatchtowerPublicOutputs and OperatorPublicOutputs structs. Added part_stark_vk to watchtower commitment format.

Publisher Set Rotation (commit-chain)

  • Added next_publisher_public_keys / next_threshold fields to CommitInfo and CircuitCommit with active_publisher_set() helper.
  • Updated CommitChainState::apply to verify spending witness against the previous publisher set and assert the next update connector locks to the new set.
  • Added prevout script_pubkey mismatch check in verify_p2wsh_multisig_witness.

zkm_version Removal from Graph

  • Removed zkm_version from Graph struct, INSERT/SELECT queries, and build_graph_params / convert_graph.
  • Migration: ALTER TABLE graph DROP COLUMN zkm_version.
  • Removed zkm_version from RPC API doc examples; added backward-compat serde test.

Immutable Groth16 VK Transition (node/src/vk.rs)

  • get_vk() and artifact installation no longer take a zkm_version parameter.
  • Uses fixed groth16-imm-wrap-vk.tar.gz URL and IMM_GROTH16_VK_BYTES.

Operator & Watchtower Proof Handling (node/src/utils.rs)

  • gen_watchtower_commitment now includes proof_part_stark_vk.
  • Added load_part_stark_vk_for_zkm_version with catch_unwind for graceful error handling.
  • Operator proof flow uses convert_ark_imm_wrap_vk with explicit part_stark_vk.

Circuit Hosts (operator, watchtower, header-chain, state-chain, commit-chain)

  • Read zkm_version from .zkm_version.bin sidecar files.
  • Added collect_requested_part_stark_vks to gather required part_stark_vk values.
  • Watchtower and operator hosts load attestation witnesses and pass them to guest programs.

New Binary: part_stark_vk_attest

  • CLI tool with build-tree and sign-root subcommands for managing part_stark_vk attestation trees offline.

Proof Builder RPC

  • Added graph existence validation before creating watchtower proof tasks.
  • Improved error handling for commit-chain proof data reading.
  • Fixed typo: "Inconsistant" → "Inconsistent".

Dependencies

  • Updated all Ziren dependencies (zkm-sdk, zkm-verifier, zkm-primitives, etc.) to v1.2.5.

Database Migration

⚠️ Breaking: Drops the zkm_version column from the graph table. Ensure all nodes are upgraded together.

Testing

  • test_load_part_stark_vk_for_zkm_version_accepts_known_version
  • test_load_part_stark_vk_for_zkm_version_rejects_unknown_version_without_panic
  • test_verify_p2wsh_multisig_witness_rejects_prevout_script_mismatch
  • dbg_serde_ignores_legacy_graph_zkm_version
  • Attestation module includes ~500 lines of unit tests covering Merkle tree, signing, witness verification, and snapshot persistence.

@blake-pro force-pushed the feat/invariant-g16-2-pis-mulsig branch from e7c9e0a to 6124748 on April 17, 2026 06:42
@eigmax merged commit 6fb214f into GOATNetwork:dev on Apr 19, 2026
2 of 3 checks passed
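
The Merkle witness check named in the summary, as an added example that is not code from this pull request or the project: it builds a tree over constructed 32-byte part_stark_vk values and verifies an inclusion witness against the root. SHA-256, the leaf/node prefixes, the 32-byte length and every function name are assumptions; the threshold signature over the root is not modelled.

```python
import hashlib

# Assumed encoding (not taken from the PR): SHA-256 with distinct leaf and
# node prefixes, so an interior node can never be presented as a leaf.
LEAF, NODE = b"\x00", b"\x01"

def leaf_hash(part_stark_vk: bytes) -> bytes:
    if len(part_stark_vk) != 32:
        raise ValueError("part_stark_vk must be 32 bytes")
    return hashlib.sha256(LEAF + part_stark_vk).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(NODE + left + right).digest()

def build_levels(vks):
    """Return every tree level, leaves first; an odd node is promoted unchanged."""
    if not vks:
        raise ValueError("empty attestation set")
    levels = [[leaf_hash(v) for v in vks]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])  # promotion avoids duplicate-leaf ambiguity
        levels.append(nxt)
    return levels

def witness_for(levels, index):
    """Sibling path for leaf `index` as (sibling_hash, sibling_is_left) pairs."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):  # a promoted node has no sibling at this level
            path.append((level[sib], sib < index))
        index //= 2
    return path

def verify_witness(root, part_stark_vk, path):
    """True only if part_stark_vk is a leaf under the attested root."""
    acc = leaf_hash(part_stark_vk)
    for sibling, is_left in path:
        acc = node_hash(sibling, acc) if is_left else node_hash(acc, sibling)
    return acc == root

# Constructed sample values, not real verifier keys.
SAMPLE_VKS = [bytes([i]) * 32 for i in range(1, 6)]
```

A verifier that accepts only values passing `verify_witness` against a root it already trusts rejects any part_stark_vk the publisher set never attested, including interior tree nodes replayed as leaves.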