L2: AgentEscrow access control formal review + Foundry tests

[JirA44]

Fixes #63

Closes #63

[abhicris]

Welcome to kcolbchain, @JirA44 — glad you're here. 🌱

Here's what happens from this PR:

1. Our automated review looks for obvious issues (tests, secrets, size) within a couple of hours.
2. If it's clean and CI passes, we merge without back-and-forth.
3. If we need changes, we'll leave a specific comment — not a generic nit. Push another commit and we re-review.

While you wait:

• Run the repo's tests locally (see the repo README.md).
• Keep the PR scoped to one concern — bigger PRs land slower.
• Don't commit tokens or .env contents.

What happens after your first merge

• You're listed on https://kcolbchain.com/contributors/ (opt-out anytime via data/contributors-optout.txt).
• At 2+ merged PRs you're a Regular; at 5+ you're a Fellow — Fellows are the pool we invite first for paid research, partner-org gigs, and grant-funded work. Details: https://kcolbchain.com/docs/org-contribution-policy.html
• Looking for what to pick up next? https://kcolbchain.com/invitations/ lists open help-wanted / good-first-issue across every kcolbchain repo.

Thanks for writing the code. We're building this to last.