[#1924] Add Android voting snapshot wallet notes and note witnesses

[greg0x]

Part of zodl-inc/zodl-android#2193.
Slice of #1924 (umbrella draft PR being split into reviewable pieces).
Stacked on #1950 (PR 5 — delegation proof + submission).
Resolves MOB-1109

Why

Sixth slice of the Android shielded-voting integration. PR 5 (#1950) finishes
the delegation half (PIR precompute, proof + progress callback, submission).
This PR introduces the snapshot input-prep path that vote construction will
consume in PR 7: extracting wallet notes at a historical snapshot height,
storing the matching tree state in the voting DB, and generating per-bundle
note witnesses against that snapshot.

No public Synchronizer voting API is added. Wallet DB access from the voting
backend goes through a new internal SdkSynchronizer.getWalletDbPathForVoting()
rather than a public getWalletDbPath() accessor (one of the open decisions in
the split plan).

Not included

• Vote tree sync / VAN witnesses / vote commitment / cast-vote payloads (PR 7).
• Recovery records and share tracking (PR 8).
• Any new submission or proof-generation behavior.

Review focus

Primary review track: core-dev. Secondary: mobile-app-dev.

• getWalletDbPathForVoting() as internal suspend on SdkSynchronizer —
  whether this is the right shape, or whether voting note extraction should go
  through a narrower SDK API instead.
• Read-only wallet DB access from the voting backend, including account UUID,
  UFVK, and network binding for getWalletNotes.
• Historical note selection / snapshot anchor correctness in
  voting/notes.rs.
• TreeState frontier parsing and root consistency in extractNcRoot.
• Witness generation against a stored snapshot, including bundle-specific note
  filtering and stale cached witness replacement behavior.
• JNI byte-boundary validation via the shared helpers in voting/helpers.rs
  (Orchard FVK bytes, TreeState bytes, account UUID, witness payload sizes).
• Typed FFI models (JniNoteInfo, JniWitnessData) and how the typesafe layer
  enforces size/count invariants before handing data back to the SDK.

Validation

• cargo check --manifest-path backend-lib/Cargo.toml --locked
• cargo fmt --manifest-path backend-lib/Cargo.toml --check
• ./gradlew :backend-lib:compileReleaseKotlin :sdk-lib:compileReleaseKotlin
• ./gradlew ktlint detektAll
• ./gradlew checkProperties
• git diff --check

Author

• Self-review your own code in GitHub web interface
• Add automated tests as appropriate
• Update the manual tests as appropriate
• Check the code coverage report for the automated tests
• Update documentation as appropriate
• Run the demo app and try the changes
• Pull in the latest changes from the main branch and squash your commits before assigning a reviewer

Reviewer

• Check the code with the Code Review Guidelines checklist
• Perform an ad hoc review
• Review the automated tests
• Review the manual tests
• Review the documentation as appropriate
• Run the demo app and try the changes

[nullcopy]

Reviewed up to 97925a9

[nullcopy]

utACK a2c049e

[nullcopy]

utACK de35143

[linear]

MOB-1109