Update `pick_variable` with a dedicated branch for affine types.
Unlike data variables which use a probabilistic 75/15/10 strategy,
affine types use deterministic tip-tracking.

Update `Program::validate()` to enforce the single-use nature
of affine state variables, preventing mutators from generating
impossible state-machine sequences.

Add a validation rule:

An affine variable cannot be consumed as an input more than once.
This prevents mutators from reusing old state variables to bypass
protocol ordering.

Affine variables carry no data and act purely as state tokens,
so swapping them yields no practical fuzzing value.

While at it, add a test to verify the change.

Introduce a dedicated `OpenChannelMessage` variable, separating
it from the generic `Message` type. This strongly types the output
of `BuildOpenChannel`, and is used as an input to `SendOpenChannel`
in a subsequent commit.

This prevents `InputSwapMutator` from swapping it with a different
message type, possibly causing a timeout.

Introduce the strict topological link for channel initialization.

- Add `SendOpenChannel` operation: Consumes a composed
  `OpenChannelMessage` and outputs a `SentOpenChannel` affine
  variable.

- Modify `RecvAcceptChannel`: Now requires `SentOpenChannel` as an
  input, enforcing that the fuzzer cannot wait for an
  `accept_channel` unless it actually opened a channel first.

- Update unit tests to accommodate the new input requirements for
  `RecvAcceptChannel`.

Update `OpenChannelGenerator` to utilize the newly introduced
strict topological operations:

1. Replace `SendMessage` with `SendOpenChannel`, which consumes
   the `Message` payload and outputs a `SentOpenChannel`.

2. Update `RecvAcceptChannel` to consume the `SentOpenChannel`.

3. Update tests to accommodate the non-void output of
   `SendOpenChannel`.

Add tests to verify the data-flow rules introduced for
state tracking.