Enforce and user guards as read-only

[jmcardon]

cc @CryptoPascal31

Implements KIP 0027, and loosens the restriction that enforce should be sys-only as well. This was probably the for FV's sake, but considering we need to revamp FV as well, I think it makes sense to loosen this restriction.

It also adds regression tests for this behaviour as well.

As a bit of historical background note: pact did not used to always have runtime recursion checking, but now that we do, I think it's probably fair to consider this as a straight enhancement. We are still not vulnerable to any sort of reentrant attacks due to the mode being set to read-only.

PR checklist:

• Test coverage for the proposed changes
• PR description contains example output from repl interaction or a snippet from unit test output
• (If Relevant) Documentation has been (manually) updated at https://docs.kadena.io/pact

Additionally, please justify why you should or should not do the following:

• Benchmark regressions
• Confirm replay/back compat (Ignore until core release)
• (For Kadena engineers) Run integration-tests against a Chainweb built with this version of Pact (Ignore until core release)

[CryptoPascal31]

Ty