6.0 Explicit Genesis

• Whole new approach to group genesis: instead of inferring it from the TX, it will be explicitly declared as an input prefix that can use the same byte because it will be exclusive to input context.
• One more introspection opcode to access the genesis input's generated groupID preimage.
• Change group amount format from VarInt to fixed width uint.

Instead of inferring genesis from orphan outputs and allowing orphans only if the groupID matches the hash, we require the genesis to be declared on the inputs, conceptually similar to a coinbase input. A new introspection opcode is added to access the input's genesis preimage. Advantages:

• enables flexibility in deciding which input will be a genesis input
• enables flexibility in deciding which input's prevout will be committed to for later use in smart contracts
• enables better interaction with contracts requiring or verifying the genesis operation
• removes malleability from group genesis (outputs are signed, and orphans disallowed)
• more consistent with Bitcoin design (coinbase input)
• enables versioning the genesis preimage construction without having to spend scarce group type bits which will be reserved for potential "super-contract" optimizations in the future
• opens the path to a future upgrade where user-defined parts of the genesis TX could be appended to the preimage
• enables a dedicated genesis nonce field which simplifies grinding the group type, making the group type encoding time-space trade-off more convenient
• opens the path to synergies with detached proofs and signatures, where hash of the real unlocking script could be appended to the groupID preimage