Add Protocol 27 (CAP-71) Soroban authorization support

[christian-rogobete]

Adds Protocol 27 (CAP-71) support: the new Soroban authorization credential types and delegated account authorization. All additions are additive and opt-in; the legacy SOROBAN_CREDENTIALS_ADDRESS credential remains the default and fully valid.

XDR

• New ADDRESS_V2 and ADDRESS_WITH_DELEGATES arms on SorobanCredentials, the recursive SorobanDelegateSignature, and SorobanAddressCredentialsWithDelegates.
• The address-bound ENVELOPE_TYPE_SOROBAN_AUTHORIZATION_WITH_ADDRESS preimage, which binds the signature payload to the top-level credential address.

Authorization

• SorobanCredentials.forAddressV2, SorobanCredentials.forAddressWithDelegates, and the innerAddressCredentials getter for arm-agnostic access to the inner credentials.
• SorobanAuthorizationEntry.withDelegates builder, SorobanDelegateDescriptor, and SorobanAuthorizationEntry.buildPreimage. Delegate arrays are sorted by XDR-encoded address bytes and within-array duplicates are rejected.
• SorobanAuthorizationEntry.sign gains a forAddress parameter that routes a signature into matching top-level or delegate nodes.
• signAuthEntries and needsNonInvokerSigningBy handle all credential arms; needsNonInvokerSigningBy reports every unsigned delegate node, and a delegates-only entry passes the send precheck with a void top-level signature.
• SEP-45 signing accepts all three credential arms transparently.

Hardening

• Recursive XDR decode is bounded (depth 128) to prevent stack exhaustion from a hostile, deeply nested delegate tree, with matching caps on the tree-walk helpers.

Defaults and protocol gating

• The legacy ADDRESS arm remains the default and stays valid on all protocol versions; the new arms are opt-in and only valid on Protocol 27+.

Source compatibility

• All additions are additive; existing code continues to compile. SorobanCredentials, XdrSorobanCredentialsType, XdrEnvelopeType, and XdrHashIDPreimage gain new cases, so code that branches on the credential arm should add handling for them.

[codecov]

Codecov Report

❌ Patch coverage is 93.46505% with 43 lines in your changes missing coverage. Please review.
✅ Project coverage is 90.03%. Comparing base (b44e138) to head (f926886).

Files with missing lines	Patch %	Lines
...src/smartaccount/oz/oz_transaction_operations.dart	27.58%	21 Missing ⚠️
lib/src/soroban/soroban_client.dart	92.15%	8 Missing ⚠️
...b/src/smartaccount/oz/oz_multi_signer_manager.dart	83.78%	6 Missing ⚠️
lib/src/smartaccount/oz/oz_smart_account_auth.dart	91.22%	5 Missing ⚠️
lib/src/soroban/soroban_auth.dart	98.65%	3 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #150      +/-   ##
==========================================
+ Coverage   89.42%   90.03%   +0.60%     
==========================================
  Files         662      665       +3     
  Lines       33301    33825     +524     
==========================================
+ Hits        29780    30453     +673     
+ Misses       3521     3372     -149     

Files with missing lines	Coverage Δ
lib/src/sep/0045/webauth_for_contracts.dart	85.18% <100.00%> (+36.15%)	⬆️
lib/src/soroban/soroban_server.dart	82.39% <100.00%> (+0.75%)	⬆️
lib/src/xdr/xdr_data_io.dart	93.87% <100.00%> (+0.22%)	⬆️
lib/src/xdr/xdr_envelope_type.dart	86.56% <100.00%> (+0.62%)	⬆️
lib/src/xdr/xdr_hash_id_preimage.dart	95.23% <100.00%> (+0.89%)	⬆️
...d_preimage_soroban_authorization_with_address.dart	100.00% <100.00%> (ø)
...dr_soroban_address_credentials_with_delegates.dart	100.00% <100.00%> (ø)
lib/src/xdr/xdr_soroban_credentials.dart	100.00% <100.00%> (ø)
lib/src/xdr/xdr_soroban_credentials_base.dart	98.61% <100.00%> (+0.88%)	⬆️
lib/src/xdr/xdr_soroban_credentials_type.dart	78.72% <100.00%> (+5.55%)	⬆️
... and 6 more

... and 1 file with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.