Add support for building transactions with a different signer to the source account

[leighmcculloch]

What

The CLI needs to support for adding a different signer to a transaction without the signer being the source account.

Why

The CLI today assumes that the signer of a transaction is the master key of the source account. This is fine for development and for simpler user key setups, but doesn't support slightly more complex setups or where people have their key stored on a hardware device.

Note that there are even more complex setups that might require signatures by multiple keys, or multiple parties and this issue isn't intended to address those more complex scenarios. Those scenarios will be address by the addition of the tx sign command in:

• Add a tx sign command #1490

How

Add a new option --sign-with-* that is supported anywhere that --source is supported.

When a --sign-with-* is not present, the --source is the signer.

When a --sign-with-* is present, the --source is not a signer, the signer is looked up separately and signs the transaction.

Initially this issue captures the need for --sign-with-key which can accept any of the key types currently passed to --source.

Examples

For example, today the CLI supports, and it would continue to support:

soroban contract deploy --wasm ... --source me

And for example, a user should be able to sign the tx with a different key than the source:

soroban contract deploy --wasm ... --source me --sign-with-key myotherkey

This change makes the first example in the issue above shorthand for:

soroban contract deploy --wasm ... --source me --sign-with-key me

[tomerweller]

What if the user doesn't want to sign with any key? they just want to go through the build->simulate flow and then take the tx XDR and sign elsewhere?

[leighmcculloch]

I think we should capture that in a separate issue. I'm hoping once #1180 gets broken up into two issues that the issue that comes out of that for skipping signing on any tx built will involve adding a --no-sign or --sign false.

[leighmcculloch]

@tomerweller A separate issue now captures supporting that scenario: #1265

[leighmcculloch]

After reading through #1490 I think we can probably keep this the same as tx sign and only ever sign by one device/key at a time, with more complex multi-signature flows using the tx sign command multiple times.

I'm updating this issue to remove the intent to make for multiple signers, but keeping the issue open because I think from a usability pov it's important we support signing with other devices natively on commands so that users can run commands like:

soroban contract deploy --wasm ... --source me --sign-with-key mykey

or

soroban contract deploy --wasm ... --source me --sign-with-wallet-kit

cc @janewang @Ifropc @willemneal @fnando

[Ifropc]

+1
Been thinking a bit more on it: if we keep --sign-with-* options on every command that currently sings, we can be consistent over commands with simple sign. For complex signing, user can pipe output to another sign command.
I think --source-account could be a bit confusing though (as it also signs). I think we should:

1. Use it as a source account always anyway.
2. Use it to auto-sign, unless --sign-with is passed
3. Add --no-sign flag that doesn't auto-sign with source account (as suggested in this issue)
   Thoughts?