feat: implement milestone proof hash verification (closes #78)

[harleyakoh]

Summary

Resolves #78

Implements on-chain structured proof hash storage and format validation for milestone submissions, as described in the issue.

Changes

\ ypes.rs\

• Added \proof_hash: Option<BytesN<32>>\ field to \Milestone\ struct for mandatory CID/commit hash storage
• Added \proof_hash: Option<BytesN<32>>\ field to \MilestoneSubmission\ for batch submissions
• Added \InvalidProofHash = 37\ to \ContractError\ enum

\lib.rs\

• Updated \milestone_submit\ signature to accept \proof_hash: Option<BytesN<32>>\
• Updated \�pply_milestone_submission\ to validate and store the hash rejects all-zero hashes ([0u8; 32]) as malformed/unset
• Updated \milestone_submit_batch\ to forward \proof_hash\ from each \MilestoneSubmission\

\events.rs\

• Added \MilestoneProofHashSubmitted\ event struct
• Added \emit_milestone_proof_hash_submitted\ emitted alongside \MilestoneSubmitted\ when a valid hash is provided

\ est.rs\ + integration tests + fuzz targets

• Updated all \Milestone\ struct constructions with \proof_hash: None\
• Updated all \milestone_submit\ / \ ry_milestone_submit\ call sites with the new parameter
• Added 3 new unit tests:
  • \ est_milestone_submit_with_valid_proof_hash\ valid 32-byte hash is stored correctly
  • \ est_milestone_submit_all_zero_proof_hash_rejected\ all-zero hash returns \InvalidProofHash\
  • \ est_milestone_submit_without_proof_hash_succeeds\ \None\ is accepted (hash is optional)

Notes

• The \proof_hash\ field is optional existing flows that don't provide a hash continue to work unchanged
• Oracle integration (future issue) can build on top of the stored \proof_hash\ field