
fix: throw instead of return in sendRequestToSubAccountSigner and harden spend-permission production guard #346

Open: erhnysr wants to merge 1 commit into base:master from erhnysr:fix/sub-account-signer-return-to-throw


@erhnysr commented Jun 8, 2026


Fixes #326. Fixes #325.

Changes

1. sendRequestToSubAccountSigner: return → throw (#326)

Signer.ts:795 used return standardErrors.provider.unauthorized() inside a catch block. Since standardErrors.provider.unauthorized() is a factory that returns an EthereumProviderError object, the async function's Promise resolved successfully with the error object as its value instead of rejecting. The caller's catch block never fired, so the error was silently swallowed and returned to the dApp as if it were a valid RPC result.

Changed to throw so the Promise rejects and the caller handles the error correctly.

2. createSpendPermissionTypedDataWithSeconds: console.warn → throw (#325)

The production guard in utils.ts:126 used console.warn, which is invisible in production logging pipelines and does not prevent the function from returning valid typed data. A developer who accidentally ships a call to this test-only function in production receives a fully-formed SpendPermissionTypedData that can be signed and submitted on-chain.

Changed to throw new Error() so production callers fail fast and loudly.
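
The resolve-versus-reject difference described in change 1 above, as an added example that is not code from this PR or from the SDK. `ProviderError`, `unauthorized`, `failingSignerCall`, the two `send*` functions and the caller `observe` are constructed stand-ins; only the `return`/`throw` contrast comes from the description.

```javascript
// Constructed stand-ins (assumptions): these mirror the shapes named in the
// PR description but are NOT the SDK's implementation.
class ProviderError extends Error {
  constructor(code, message) {
    super(message);
    this.code = code;
  }
}

// Factory that builds an error object without throwing it, like the
// standardErrors.provider.unauthorized() call the description mentions.
const unauthorized = () => new ProviderError(4100, 'Unauthorized');

// Hypothetical signer call that always fails, to force the catch path.
async function failingSignerCall() {
  throw new Error('signer unavailable');
}

// Before: `return` inside catch resolves the Promise with the error object.
async function sendReturning() {
  try { return await failingSignerCall(); }
  catch { return unauthorized(); }
}

// After: `throw` inside catch rejects the Promise.
async function sendThrowing() {
  try { return await failingSignerCall(); }
  catch { throw unauthorized(); }
}

// Caller shaped like a request handler: reports which path the outcome took.
async function observe(send) {
  try {
    const value = await send();
    return { path: 'resolved', isErrorObject: value instanceof Error, code: value?.code };
  } catch (err) {
    return { path: 'rejected', isErrorObject: err instanceof Error, code: err.code };
  }
}

// Regression check: a signer failure must never surface as a resolved value.
async function failureIsRejected(send) {
  return (await observe(send)).path === 'rejected';
}
```

A check like `failureIsRejected` fits a unit test for any async function whose catch block builds errors through a factory, since the two variants differ only in whether the caller's catch ever runs.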

@cb-heimdall

Collaborator

🟡 Heimdall Review Status

Requirement Status More Info
Reviews 🟡 0/1
Denominator calculation
1 if user is bot 0
1 if user is external 0
2 if repo is sensitive 0
From .codeflow.yml 1
Additional review requirements
Max 0
0
From CODEOWNERS 0
Global minimum 0
Max 1
1
1 if commit is unverified 0
Sum 1
