fix(asset-ft): validate full extension transfer cost against spendable balance

[metalarm10]

Closes: https://app.clickup.com/t/868jpxvyf

Description

On the asset/ft extension transfer path, the spendable check validated only the bare send amount, but the sender is actually debited amount + commission + burn. When freezing is enabled, that surcharge gap is silently drawn from the holder's frozen balance (the raw bank keeper has no frozen-store awareness) - draining compliance-locked tokens, leaving balance < frozen, and bricking the account.

Trigger: token has freezing + extension, burn and/or commission rate > 0, admin froze part of the holder's balance, holder is not the admin.

Attack flow:
holder sends exactly their unfrozen quota → spendable check passes on the bare amount → extension is debited amount+commission+burn via raw bank → the commission+burn portion comes out of frozen funds → balance < frozen, freeze defeated

Fix

On the extension path, validate spendability against the full debit (amount + commission + burn) instead of the bare amount. The non-extension path is unchanged - it already pre-debits commission and burn before validation, so its bare-amount check is correct.

Test

• Unit (x/asset/ft/keeper): with a wasm extension contract and 0.5 burn / 0.5 commission, an over-debit transfer into frozen funds is rejected, the frozen reserve stays intact, and a within-budget transfer still succeeds.
• Integration (integration-tests/modules): same scenario end-to-end on znet.

Both fail without the fix (the over-debit succeeds and drains the frozen reserve) and pass with it.

Reviewers checklist:

• Try to write more meaningful comments with clear actions to be taken.
• Nit-picking should be unblocking. Focus on core issues.

Authors checklist

• Provide a concise and meaningful description
• Review the code yourself first, before making the PR.
• Annotate your PR in places that require explanation.
• Think and try to split the PR to smaller PR if it is big.

---

This change is