fix(x/staking): validate bond_denom exists before updating params

[bit2swaz]

Description

Closes #25724

Adds validation to prevent governance from setting bond_denom to a non-existent denom via MsgUpdateParams.

Problem

The staking module currently allows governance to update bond_denom without validating that the denom exists on-chain. This creates a governance footgun where:

• Setting bond_denom to a non-existent denom places the chain in an unsafe state
• New staking operations reference a denom with no backing supply
• Core staking assumptions are violated

Solution

Add validation in the UpdateParams handler to check that the new bond_denom has non-zero supply in the bank module before allowing the update.

Changes

• Add supply check in UpdateParams handler using bankKeeper.GetSupply
• Return ErrInvalidDenom if bond_denom has zero supply
• Add test case for non-existent denom validation scenario
• Add ErrInvalidDenom error constant (code 46)
• Fix unrelated autocli help message golden file

Testing

• Added unit test for non-existent bond denom validation
• All existing tests pass
• Verified error message is clear and actionable

[bit2swaz]

@aljo242 this PR is updated with signed commits (DCO + Verified). Hope it helps :)

[bit2swaz]

@aljo242 thanks for the feedback :)

1. Errors: Removed the custom error and switched to sdkerrors.ErrInvalidRequest as requested.
2. Tests: I refactored the test coverage to be an integration test (added msg_server_params_test.go).Instead of mocking the bank keeper, I now use the real keeper to mint coins and verify the supply check against actual chain state. I also updated the mocks in the existing unit tests to accommodate the new call.

All tests are passing and commits are signed. Ready and waiting for re-review :)

[aljo242]

We need a changelog entry for this indicating that it is a breaking change

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.23%. Comparing base (7ec1f2d) to head (3b04ad4).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main   #25739   +/-   ##
=======================================
  Coverage   68.22%   68.23%           
=======================================
  Files         894      894           
  Lines       58146    58149    +3     
=======================================
+ Hits        39671    39677    +6     
+ Misses      18475    18472    -3     

Files with missing lines	Coverage Δ
x/staking/keeper/msg_server.go	88.21% <100.00%> (+0.09%)	⬆️

... and 3 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[bit2swaz]

@aljo242 updated based on the latest feedback:

1. changelog: added the breaking change entry to CHANGELOG.md (state machine breaking).
2. tests: switched all assertions in the integration test to use testify/require strictly, replacing the previous assertions.

commit is fully signed (-s) and verified (-S). Again ready for re-review :)

[bit2swaz]

@aljo242 thanks for the merge from main. looks like the CI workflows are currently "awaiting approval" to run. could you trigger those when you have a moment?

also, please feel free to let me know if there's anything else needed from me to get this landed :)

[bit2swaz]

@technicallyty ive removed the extra integration test file and moved the test case into TestMsgUpdateParams in x/staking/keeper/msg_server_test.go using mocks.

Validated with: go test -v ./x/staking/keeper -> Passed including the invalid_bond_denom_-_zero_supply case.

[technicallyty]

LGTM, thanks for the PR.