refactor(policy): mirror Rust write_builtins design in MockPolicyRegistry

[amiecorso]

Summary

Aligns MockPolicyRegistry storage behavior with the Rust precompile
(base/base origin/main commit 460972cc9) so the fork-test suite
no longer surfaces a counter / sentinel-slot divergence.

What changed

• Replace the lazy INITIAL_CUSTOM_COUNTER = 2 floor with an
  explicit writeBuiltins() that writes ALWAYS_ALLOW_ID and
  ALWAYS_BLOCK_ID into the policies mapping (renounced admin,
  exists bit set) and advances nextCounter to
  BUILTIN_POLICY_COUNT = 2. Idempotent; called lazily on every
  createPolicy entry to mirror Rust's is_initialized → write_builtins
  flow.
• Drop the redundant built-in fast paths from policyAdmin and
  pendingPolicyAdmin. After writeBuiltins, the normal storage
  read returns address(0) for the sentinels just like for any
  renounced or uncreated policy — matching the Rust impl.
• Keep the built-in fast paths in isAuthorized and policyExists:
  B-20 tokens may query the sentinel IDs (and especially
  ALWAYS_ALLOW_ID = 0, the EVM default for unset policy slots)
  before any createPolicy triggers init.
• Update _predictNextPolicyId to read the canonical floor from
  the now-public BUILTIN_POLICY_COUNT getter.
• Refresh stale comments referencing the "floor" logic in storage tests.
• Extend PolicyRegistryFullLayoutTest to assert both sentinel
  slots are populated post-init.
• Add writeBuiltins.t.sol covering: explicit init, lazy init on
  first create, idempotence, sentinel slot encoding,
  policyAdmin reading zero from storage post-init, and the
  policyExists pre-init fast path.

Observable behavior

The output of the very first createPolicy is unchanged (still
counter == 2). The storage layout now matches the Rust impl
byte-for-byte: policies[0] and policies[ALWAYS_BLOCK_ID] carry
packed(address(0)) after the first create, instead of being empty.

Tests

446 passed / 0 failed (440 prior + 6 new).

[linear]

BOP-145