Remove per-signer PCR0 from registry, validate against AggregateVerifier's TEE_IMAGE_HASH

[leopoldjoy]

The TEEProverRegistry previously stored a PCR0 hash per signer and validated it against a manually-managed allowlist (validPCR0s). The TEEVerifier then checked it again on every proof verification against the AggregateVerifier's TEE_IMAGE_HASH. This was redundant and required manual PCR0 pre-registration.

This PR replaces both mechanisms with a single approach: at signer registration time, the attestation's PCR0 is validated against the TEE_IMAGE_HASH read live from the current AggregateVerifier implementation via the DisputeGameFactory. This keeps the registration-time gate (only signers from the correct enclave image can register) while eliminating the per-signer PCR0 storage and the manual allowlist.

Changes:

• Replace signerPCR0 mapping with isRegisteredSigner boolean mapping
• Remove validPCR0s, registerPCR0(), deregisterPCR0() from registry
• Add disputeGameFactory and gameType to registry (owner-settable, also passable via initialize())
• registerSigner() now reads TEE_IMAGE_HASH from the factory's AggregateVerifier and compares against the attestation's PCR0
• Simplify TEEVerifier to check isValidSigner() instead of comparing PCR0 values; remove ImageIdMismatch error
• Simplify addDevSigner(address) — no longer takes a pcr0Hash parameter
• Bump TEEProverRegistry to 0.3.0, TEEVerifier to 0.2.0

[cb-heimdall]

✅ Heimdall Review Status

Requirement	Status	More Info
Reviews	✅ 1/1	Denominator calculation Show calculation 1 if user is bot 0 1 if user is external 0 2 if repo is sensitive 0 From .codeflow.yml 1 Additional review requirements Show calculation Max 0 0 From CODEOWNERS 0 Global minimum 0 Max 1 1 1 if commit is unverified 0 Sum 1