Add Dusk contract standards and Forge reference contracts

[HDauven]

Adds a Dusk-native standards layer inspired by OpenZeppelin, but shaped around Dusk contract semantics instead of EVM compatibility.

This includes:

• reusable standards primitives for principals, nonces, replay protection, signed authorization, ownership, roles, pausing, reentrancy, proxy admin, timelock and multisig control
• DRC20 and DRC721 primitives with Dusk-native authorization and event semantics
• Forge reference contracts for:
  • authorization counter
  • DRC20 roles/pausable token
  • DRC721 collection
  • proxy counter
  • multisig controller
• client-side signing examples for Phoenix and Moonlight authorization
• Forge data-driver builds and ABI/data-driver fuzz coverage
• local-node/testnet smoke script covering positive and negative flows
• security, hardening, audit-readiness, and multisig review docs

Security Model

The standards layer explicitly distinguishes between:

• Moonlight callers, which can be observed directly or authorized by signed action
• contract callers, which can be observed directly
• Phoenix principals, which cannot cleanly act as msg.sender and therefore use explicit signed authorizations

Signed actions bind:

• contract ID
• domain
• action ID
• payload hash
• nonce
• expiry

The higher-level authorization helpers verify the full action envelope before consuming nonces, so failed authorization paths should not advance replay state.

Validation

The PR includes a large number of invariant tests, as well as fuzz/smoke tests for data-drivers and VM deploy/query tests.

Passed locally:

• cargo fmt --check
• git diff --check
• bash -n scripts/dusk-contract-standards-local-smoke.sh scripts/dusk-contract-standards-audit-grade.sh
• cargo clippy -p dusk-contract-standards --all-targets -- -D warnings
• cargo test -p dusk-contract-standards
• reference contract Wasm build
• Forge data-driver build
• VM deploy/query test
• data-driver fuzz smoke

Additional validation done outside of the test suite:

• full local-node smoke completed successfully
• full Dusk testnet deploy/action smoke completed twice successfully against https://testnet.nodes.dusk.network

The testnet smoke covered deploys plus positive and negative action flows for Phoenix auth, Moonlight auth, DRC20, DRC721, proxy admin and 2-of-3 multisig-governed proxy execution.

Prerelease Dependency Note

This is an early review PR before all supporting Aegis/Forge packages are published.

The branch currently depends on local prerelease checkouts:

• ../rusk-private

  • dusk-core
  • dusk-data-driver
  • dusk-vm
  • dusk-wallet-core
  • rusk-profile
  • rusk-prover

• ../forge-explicit-emits

  • Forge contract macro support for explicit event annotations via #[contract(emits = ...)]

Once those packages are released, this PR should be updated to published versions before final merge/release.

Review Focus

Please review especially:

• signed authorization envelope semantics
• nonce consumption and replay boundaries
• Phoenix vs Moonlight vs contract principal handling
• ownership and role authorization helpers
• pause semantics for token balance-changing operations
• multisig operation lifecycle and tombstone/replay behavior
• proxy admin and timelock safety assumptions
• data-driver ABI shape and client ergonomics

Auditor facing documentation can be found here to help in the process of conducting a full security review: https://github.com/dusk-network/contracts/blob/d2ca6e48e3af233d6610437dc89216b5ecf9ae3b/docs/dusk-contract-standards-audit.md