fix: use wallet-substituted account in returned spend permission

[Snowmanzx]

requestSpendPermission sends mutableData: { fields: ['message.account'] } so the wallet may replace the account (for example swapping an EOA for a smart wallet). It computes permissionHash from the wallet-returned signedData.message, but built the returned SpendPermission.permission from the original typedData.message.

When the wallet actually substitutes the account the two disagree: permissionHash is over the new account while permission.account still holds the original. Anything downstream that reads result.permission.account (display, storage, prepareSpendCallData, fetchPermissions) then sees the wrong address.

Carry the signed message through a variable and use it for both the hash and the returned permission. The eth_signTypedData_v4 branch has no substitution so it is unchanged.

Added a test where signedData.message.account differs from the request account and checks the returned permission matches the substituted message, not the original.

Closes #324

[cb-heimdall]

🟡 Heimdall Review Status

Requirement	Status	More Info
Reviews	🟡 0/1	Denominator calculation Show calculation 1 if user is bot 0 1 if user is external 0 2 if repo is sensitive 0 From .codeflow.yml 1 Additional review requirements Show calculation Max 0 0 From CODEOWNERS 0 Global minimum 0 Max 1 1 1 if commit is unverified 0 Sum 1

[albertoblue87-netizen]

Hecho