[codex] Repair transfer flows in bundled templates

[cgdusek]

Summary

• require recipient authorization for direct transfers in the TokenTransfer and AssetOwner templates
• preserve the original stakeholders on transfer proposal contracts so proposal lifecycle actions can recreate the holding correctly
• stop double-archiving on accept and restore the original holding on reject and withdraw
• add regression scripts for the shipped setup flow, proposal accept/reject/withdraw, and the invariant that owner-only direct transfers fail without recipient authorization

Root cause

The bundled templates mixed a one-step transfer API with contract creations that required the recipient as a signatory, and the proposal contracts dropped the original stakeholders while also returning consumed contract ids on rejection and withdrawal.

Validation

• created fresh token and asset projects from this branch in a new temp directory
• ran dpm test in both generated projects with DPM 3.4.11 and OpenJDK 17
• confirmed setup, proposalAcceptFlow, proposalRejectRestoresOriginal, and proposalWithdrawRestoresOriginal all pass in both generated projects
• confirmed directTransferWithoutRecipientFails passes in both generated projects as the negative authorization check

Closes #5.