Model deferred monitor persistence in chanmon fuzz

Replace the chanmon consistency harness' Watch wrapper with a
Persist implementation wired into the real ChainMonitor. This lets the
fuzzer observe the same persist_new_channel and
update_persisted_channel call shape as production, including
full-monitor writes from update_persisted_channel(None, ...).

Split the harness' monitor bookkeeping into two related queues. One
queue tracks serialized ChannelMonitor restart candidates. The other
tracks InProgress writes that still require a channel_monitor_updated
callback. A monitor can be unsafe as a restart candidate once a newer
baseline is durable, while its callback may still be needed to unblock
the live ChainMonitor. The two pieces of state must therefore be
represented separately.

Treat persist_new_channel and update_persisted_channel(Some(_)) as
writes that need completion callbacks when they return InProgress. Treat
the modeled update_persisted_channel(None, ...) path as a restart-only
full-monitor write from chain-sync or archive handling. Keep duplicate
same-id full-monitor restart candidates so reload can choose between
multiple full snapshots that were in flight together.

On reload, select either the durable baseline, the first pending restart
candidate, or the last pending restart candidate for each monitor. The
startup watch_channel calls complete immediately because the selected
monitors represent data loaded from simulated storage. After startup
registration, restore the node's configured persistence style for future
monitor writes.

Move monitor completion delivery through HarnessPersister helpers. The
fuzzer can complete all, first, second, or last pending completion
obligation without conflating that choice with the monitors available
for restart. Completion delivery calls ChainMonitor first and then
advances the harness' durable restart baseline.

Validation:

- cargo fmt --all
- git diff --cached --check
- fuzz Cargo.toml check with fuzzing cfgs
- chanmon_consistency corpus via run_fuzz_runner.sh

The corpus run completed 3535/3536 cases successfully. The single
remaining failure matched the known channel.rs:6268 unwrap signature.

Author: joostjager