e2e: add outbound and inbound probing to geoprobe E2E test

[ben-dz]

Summary of Changes

• Extend TestE2E_GeoprobeDiscovery to verify the full geoprobe pipeline beyond DZD→agent discovery: outbound offset forwarding to a target (agent → target with signature chain), and inbound signed TWAMP probing (target-sender → agent with DZD offset embedding in replies), using CLI flags for probe identification.
• Build geoprobe-target and geoprobe-target-sender binaries into the geoprobe Docker image so the test can run both processes
• Refactor startGeoprobeAgent to externalize keypair generation (new generateKeypair helper) and accept allowedPubkeys for inbound probe authorization

Diff Breakdown

Category	Files	Lines (+/-)	Net
Tests	1	+259 / -15	+244
Config/build	2	+12 / -0	+12
Docs	1	+1 / -0	+1

Test-only change with supporting Docker image build steps.

Key files (click to expand)

• e2e/geoprobe_test.go — add target container setup, inbound probing flow (target-sender → agent), generateKeypair/runTargetSender/waitForInboundProbeSuccess helpers, refactor startGeoprobeAgent to accept keypair path and allowedPubkeys
• e2e/docker/base.dockerfile — build doublezero-geoprobe-target and doublezero-geoprobe-target-sender binaries
• e2e/docker/geoprobe/Dockerfile — copy target and target-sender binaries into geoprobe image

Testing Verification

• TestE2E_GeoprobeDiscovery passes end-to-end (204.91s), exercising: onchain probe creation → DZD discovery → TWAMP measurement → offset delivery → outbound composite offset to target with valid signature chain → inbound signed TWAMP probes with DZD offsets embedded in replies
• Outbound assertion: target log contains received LocationOffset with signature_valid=true
• Inbound assertion: target-sender JSON log contains a probe pair with reply1_sig_valid:true and at least one offset with sig_valid:true