fix: address review feedback on snapshot-isolation docs (#1083)

- Use anvil_snapshot/anvil_revert RPC methods instead of vm.snapshot()/vm.revertTo()
- Remove incorrect claim about top-level lm_eth_after reflecting worst-case attack

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

evidence/README.md

@@ -274,10 +274,10 @@ state, rather than against a cumulative balance modified by prior attacks.
 **How it works:**
 
 1. Before the first attack, the test runner records the initial `lm_eth_before`
-   value and takes an Anvil snapshot via `vm.snapshot()`.
+   value and takes an Anvil snapshot via the `anvil_snapshot` RPC method.
 2. Each attack executes against this snapshot: run the attack, measure
    `lm_eth_after`, compute `delta_bps`, then revert to the snapshot via
-   `vm.revertTo()`.
+   the `anvil_revert` RPC method.
 3. The next attack begins from the exact same chain state as the previous one.
 
 **Field semantics under snapshot isolation:**
@@ -294,8 +294,6 @@ state, rather than against a cumulative balance modified by prior attacks.
   cumulative historical balance. Each attack sees the same starting ETH.
 - Attack results are independent and order-insensitive — reordering attacks does
   not change any individual `delta_bps` value.
-- The top-level `lm_eth_after` and `eth_extracted` fields reflect the
-  worst-case single attack, not a sum of all attacks.
 
 ---