Harden shred reconstruction: dedup, bounded recovery queue, and robust deshred/FEC handling

[esemeniuc]

This PR hardens the shred forward/reconstruct path to improve correctness under duplicate/conflicting traffic and reduce backlog/memory risk. Added ~2k lines of tests to match shred spec.

Changes

• Reworked deshred into explicit ingest -> recover -> decode -> evict phases, with FEC state keyed by (fec_set_index, version, leader_signature) so conflicting variants are isolated.
• Added ingress guards: dominant-version filtering, median-slot anchor with configurable slot window (--reconstruct-slot-lookback, --reconstruct-slot-future), and canonical payload-prefix parsing that ignores trailing packet bytes.
• Improved conflict handling for data/coding duplicates, recovery retry gating based on FEC state changes, and unknown-start decode flow (emit best-effort once, commit later when real boundary arrives).
• Added reconstruction backpressure/observability: larger bounded queue, batch draining, drop-on-full accounting, queue high-watermark metrics, and richer deshred/FEC metrics (including invalid Merkle root and entry sanity errors).
• Updated forwarding dedup to hash canonical shred bytes (including ignoring retransmitter signatures for resigned Merkle shreds), skip forwarding discarded packets, and fix partial-send success/failure accounting.
• Operational polish: heartbeat now advertises the actual bound UDP port, public IP parsing is safer, gRPC entry streaming handles lagged receivers, and examples/deshred.rs now decodes with fixint + trailing-byte-tolerant bincode options.
• Expanded regression/spec tests across forwarder and deshred for version filtering, slot-poisoning resilience, trailing-byte behavior, duplicate replacement, unknown-start handling, and recovery correctness.