fix(wallet): return error instead of panicking on invalid current_height

[none34829]

Description

Closes #49.

TxBuilder::current_height and the fallback to chain.tip().height() in create_tx both called absolute::LockTime::from_height(h).expect(...), which panics whenever h >= 500_000_000. The Wizardsardine audit flagged this because it lets a remote Electrum/Esplora server crash the wallet by reporting a tip height at or above that threshold — panics on externally-provided input are unsafe for a library.

This PR replaces the panics with a typed error:

• TxParams.current_height now stores a raw u32 instead of an already-validated absolute::LockTime, so the builder setter no longer has to validate in a position where it can't return a Result.
• Wallet::create_tx performs the u32 -> LockTime conversion in one place, mapping the ConversionError to a new CreateTxError::InvalidCurrentHeight(u32) variant via ?.
• Both the explicit-caller path (TxBuilder::current_height) and the implicit-fallback path (chain tip) now flow through the same validation and surface the same error.

Notes to the reviewers

• The change to TxParams.current_height is crate-private (pub(crate)) so there's no external API break there. The TxBuilder::current_height public signature is unchanged.
• Adding a new variant to CreateTxError is technically an additive change, but it is an enum so downstream exhaustive matches would need to be updated. CreateTxError is not marked #[non_exhaustive], which is tracked separately in Consider making all error enum variants #[non_exhaustive] #239.
• Follows the audit recommendation: "it's safer to only panic on inconsistent internal state and not on externally provided inputs."

Changelog notice

• Fixed: Wallet::create_tx now returns CreateTxError::InvalidCurrentHeight instead of panicking when TxBuilder::current_height or the fallback chain tip height is >= 500_000_000.

Checklists

All Submissions:

• I've signed all my commits
• I followed the contribution guidelines
• I ran just p before pushing (140 lib tests + 118 wallet + 22 fee_bump + 10 persisted + 13 descriptor_macro + 54 doctests all pass; clippy clean; fmt clean; cargo doc clean)

Bugfixes:

• This pull request breaks the existing API
• I've added tests to reproduce the issue which are now passing
• I'm linking the issue being fixed by this PR

[codecov]

Codecov Report

❌ Patch coverage is 57.14286% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.16%. Comparing base (fbf803a) to head (3b457b3).

Files with missing lines	Patch %	Lines
src/wallet/error.rs	0.00%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #449      +/-   ##
==========================================
- Coverage   80.21%   80.16%   -0.05%     
==========================================
  Files          24       24              
  Lines        5347     5350       +3     
  Branches      242      242              
==========================================
  Hits         4289     4289              
- Misses        980      983       +3     
  Partials       78       78              

Flag	Coverage Δ
rust	80.16% <57.14%> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.