Fix/revert pr390 jwt downgrade (#404)

This pull request introduces a new resource leak test for the block
lifecycle and updates a wide range of dependencies in both the main and
integration test `go.mod` files. The changes are primarily focused on
improving test coverage for resource leaks and keeping the project
up-to-date with the latest upstream libraries.

### Testing improvements

* Added `app/vulnerability_test.go` with a new
`TestBlockLifecycleResourceLeak` test to detect goroutine and memory
leaks during block lifecycle operations. The test runs multiple
iterations, tracks resource usage, and outputs stack traces when leaks
are detected.

### Dependency updates (main `go.mod`)

* Updated many direct and indirect dependencies, including major
upgrades for `github.com/CosmWasm/wasmd`,
`github.com/CosmWasm/wasmvm/v3`, `github.com/cosmos/rosetta`,
`github.com/dvsekhvalnov/jose2go`, `github.com/go-webauthn/webauthn`,
`github.com/lestrrat-go/jwx/v2`, `github.com/prometheus/client_golang`,
and others to their latest versions. This helps ensure compatibility,
security, and access to new features.
[[1]](diffhunk://#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6L32-R47)
[[2]](diffhunk://#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6L55-R201)
[[3]](diffhunk://#diff-33ef32bf6c23acb95f5902d7097b7a1d5128ca061167ec0716715b0b9eeaa5f6L196-R294)

### Dependency updates (integration tests)

* Updated integration test dependencies to match the latest versions,
including `github.com/CosmWasm/wasmd`,
`github.com/go-webauthn/webauthn`, `cloud.google.com/go`, and AWS SDK
modules. This keeps integration tests consistent with the main codebase
and upstream changes.
[[1]](diffhunk://#diff-fb3953e4f94de3c0f24c3b70b3b9717472d12038e578ce7834d24572120c3ea7L30-R30)
[[2]](diffhunk://#diff-fb3953e4f94de3c0f24c3b70b3b9717472d12038e578ce7834d24572120c3ea7L40-R40)
[[3]](diffhunk://#diff-fb3953e4f94de3c0f24c3b70b3b9717472d12038e578ce7834d24572120c3ea7L53-R56)
[[4]](diffhunk://#diff-fb3953e4f94de3c0f24c3b70b3b9717472d12038e578ce7834d24572120c3ea7L85-R86)

Author: 2xburnt

app/vulnerability_test.go

@@ -0,0 +1,121 @@
+package app
+
+import (
+	"fmt"
+	"os"
+	"runtime"
+	"runtime/pprof"
+	"testing"
+	"time"
+
+	tmproto "github.com/cometbft/cometbft/proto/tendermint/types"
+)
+
+// TestBlockLifecycleResourceLeak repeatedly runs the failing input to reproduce resource leaks
+func TestBlockLifecycleResourceLeak(t *testing.T) {
+	// The failing input from fuzzing
+	failingTimestamp := int64(1750678259)
+
+	fmt.Printf("Starting resource leak test with timestamp %d (%s)\n", failingTimestamp, time.Unix(failingTimestamp, 0))
+
+	// Track initial resources
+	var m runtime.MemStats
+	runtime.ReadMemStats(&m)
+	initialGoroutines := runtime.NumGoroutine()
+	fmt.Printf("Initial - Memory: %d MB, Goroutines: %d\n", m.Alloc/1024/1024, initialGoroutines)
+
+	// Run the test multiple times to see if resources accumulate
+	for i := 0; i < 3; i++ { // Reduced to 3 iterations for debugging
+		fmt.Printf("\n--- Iteration %d ---\n", i+1)
+
+		// Force GC before each iteration
+		runtime.GC()
+
+		// Track resources before iteration
+		runtime.ReadMemStats(&m)
+		beforeGoroutines := runtime.NumGoroutine()
+		fmt.Printf("Before iteration - Memory: %d MB, Goroutines: %d\n", m.Alloc/1024/1024, beforeGoroutines)
+
+		// Run the test
+		func() {
+			chain := Setup(t)
+			ctx := chain.NewContext(false)
+			ctx = ctx.WithBlockHeader(tmproto.Header{Time: time.Unix(failingTimestamp, 0)})
+
+			// Cleanup
+			defer func() {
+				_, _ = chain.Commit()
+				runtime.GC()
+				if err := chain.Close(); err != nil {
+					fmt.Printf("DEBUG: chain.Close() error: %v\n", err)
+				}
+			}()
+
+			// Run BeginBlocker with timeout
+			beginDone := make(chan error, 1)
+			go func() {
+				if _, err := chain.BeginBlocker(ctx); err != nil {
+					beginDone <- err
+					return
+				}
+				beginDone <- nil
+			}()
+
+			select {
+			case err := <-beginDone:
+				if err != nil {
+					t.Fatalf("BeginBlocker failed: %v", err)
+				}
+			case <-time.After(2 * time.Second):
+				t.Fatalf("BeginBlocker timed out")
+			}
+
+			// Run EndBlocker with timeout
+			endDone := make(chan error, 1)
+			go func() {
+				if _, err := chain.EndBlocker(ctx); err != nil {
+					endDone <- err
+					return
+				}
+				endDone <- nil
+			}()
+
+			select {
+			case err := <-endDone:
+				if err != nil {
+					t.Fatalf("EndBlocker failed: %v", err)
+				}
+			case <-time.After(2 * time.Second):
+				t.Fatalf("EndBlocker timed out")
+			}
+		}()
+
+		// Track resources after iteration
+		runtime.ReadMemStats(&m)
+		afterGoroutines := runtime.NumGoroutine()
+		fmt.Printf("After iteration - Memory: %d MB, Goroutines: %d\n", m.Alloc/1024/1024, afterGoroutines)
+
+		// Check for resource leaks
+		if afterGoroutines > beforeGoroutines {
+			fmt.Printf("WARNING: Goroutine leak detected! +%d goroutines\n", afterGoroutines-beforeGoroutines)
+
+			// Dump goroutine stack traces to see what's leaking
+			fmt.Printf("=== GOROUTINE STACK TRACES ===\n")
+			pprof.Lookup("goroutine").WriteTo(os.Stdout, 1)
+			fmt.Printf("=== END STACK TRACES ===\n")
+		}
+
+		// Small delay to allow cleanup
+		time.Sleep(100 * time.Millisecond)
+	}
+
+	// Final resource check
+	runtime.ReadMemStats(&m)
+	finalGoroutines := runtime.NumGoroutine()
+	fmt.Printf("\nFinal - Memory: %d MB, Goroutines: %d\n", m.Alloc/1024/1024, finalGoroutines)
+
+	// TODO: Uncomment to fail on leaks once stable
+	// if finalGoroutines > initialGoroutines {
+	// 	t.Errorf("Resource leak detected: +%d goroutines", finalGoroutines-initialGoroutines)
+	// }
+}