TEE audit fixes (findings 2, 3, 5, 7, 8, 9, 10, 11)

Summary

Addresses security audit findings in NitroEnclaveVerifier by reducing contract surface area and tightening security properties.

Changes

• Remove multi-version program ID sets (findings 3, 11): Drop EnumerableSet-backed _verifierIdSet/_aggregatorIdSet and all associated read/write functions. The contract now tracks only the single active program ID per coprocessor.
• Remove NotImplemented error (finding 2): Eliminated placeholder error for disabled upstream functions.
• Guard against FROZEN sentinel in addVerifyRoute (finding 8): Reject address(0xdead) with a new InvalidVerifierAddress error to prevent route map corruption.
• Tighten timestamp bounds (findings 9, 10): Change </> to <=/>= so both edges of the validity window are exclusive.
• Hardcode keccak256 length (finding 5) and document MAX_AGE allowance (finding 7).