encrypted get_state and set_state

[guyz]

This should overlay the existing implementation of CosmWasm as much as possible. The complexity lies with actually navigating between doing this inside of the enclave, and actually storing/fetching data that lives outside of the enclave (in the untrusted part of the validator).
We can make the following simplifying assumptions for encrypted state:

• keys are unencrypted - this allows searching in plaintext outside of the enclave. If someone wants to fully encrypt the state, they can have a single key that maps to a single encrypted dictionary
• Decrypting the existing state value with the previous tx_hash. Note: the unencrypted latest tx_hash (or whatever nonce we decide on) needs to be serialized and included with the stored value.

In set_state, need to do the opposite:

• Derive a new state encryption key using the master key and current tx_hash.
• Encrypt the data and serialize it, alongside the tx_hash
• Pass the unencrypted key in the key value store, alongside the encrypted bytes outside of the enclave for CosmWasm to store natively.