Reject sign exact solana tx in sign msg request

[0xh3rman]

Summary

• Reject Solana signMessage payloads that decode as serialized transactions or bare transaction messages.
• Route Gemstone Base58 message signing through SolanaChainSigner so WalletConnect Solana message signing uses the same guard.
• Keep transaction payload detection internal to gem_solana instead of expanding the public API surface.

Root Cause

Solana signMessage could receive bytes that are actually a transaction or transaction message. Signing those bytes through the message path can produce a signature suitable for transaction signing, so the signer now rejects those payloads and points callers to signTransaction.

Validation

• cargo check -p gemstone
• just format
• cargo clippy -p gem_solana --features signer -- -D warnings
• cargo clippy -p gemstone -- -D warnings
• just test gem_solana
• just test gemstone

[gemini-code-assist]

Code Review

This pull request introduces a safeguard in the Solana signer to prevent signing serialized transactions through the sign_message interface, ensuring stricter validation via new is_transaction_bytes and try_decode_transaction_bytes functions. It also refactors the MessageSigner to utilize GemChainSigner for Base58 signing. Feedback was provided regarding a security risk where calling .to_vec() on private keys creates non-zeroized copies in memory, potentially exposing sensitive data.