security: Implement strict balance invariant checks pre- and post-swap

[AlAfiz]

Description

To absolutely guarantee that our swap math doesn't result in missing funds due to rounding errors, we need invariant assertions.
Before a swap executes, we should record the pool's balance. After the swap and token transfers, we check the balance again.
The new balance must be exactly equal to or greater than the expected constant product math output.
If this invariant is violated, the contract must panic and revert the entire transaction immediately.

Requirements

• In the swap function, capture token_a.balance() and token_b.balance() before any transfers occur.
• Execute the internal math and cross-contract token transfers.
• Capture the balances again at the very end of the function.
• Assert that the new balance matches the mathematical expectation; return Error::InvariantViolated if it fails.