feat: accept optional walletProvider to unblock third-party OPNet wallets

[bitbragi]

Closes #127.

Summary

TransactionFactory and MessageSigner currently auto-detect window.opnet.web3 as the sole browser signing provider. This blocks any third-party OPNet-compatible wallet (injected at other window globals, such as window.myscribe) from being used through the documented signer: null browser flow — even when the caller has explicitly connected a different wallet via @btc-vision/walletconnect.

This PR adds an optional walletProvider?: Web3Provider parameter to every public signing entry point. When provided, it is used directly instead of auto-detecting window.opnet.web3. When omitted, all methods fall through to the existing auto-detect path — preserving full backward compatibility.

Changes

src/transaction/TransactionFactory.ts

• New optional walletProvider?: Web3Provider parameter on the four public signing entry points:
  • createCancellableTransaction(params, walletProvider?)
  • signInteraction(params, walletProvider?)
  • signDeployment(params, walletProvider?)
  • createBTCTransfer(params, walletProvider?)
• The four private detect*OPWallet helpers now accept and use the same parameter.
• Introduced a private helper getDefaultBrowserWallet(): Web3Provider | null that wraps the existing window.opnet.web3 auto-detect logic. Replaces the four duplicated null-check blocks.

src/keypair/MessageSigner.ts

• Same parameter added to:
  • signMessageAuto(message, keypair?, walletProvider?)
  • tweakAndSignMessageAuto(message, keypair?, network?, walletProvider?)
  • signMLDSAMessageAuto(message, mldsaKeypair?, walletProvider?)
  • trySignSchnorrWithOPWallet(message, walletProvider?)
  • trySignMLDSAWithOPWallet(message, walletProvider?)
  • verifyMLDSAWithOPWallet(message, signature, walletProvider?)
  • getMLDSAPublicKeyFromOPWallet(walletProvider?)
• trySignSchnorrWithOPWallet: when an explicit Web3Provider is passed, it uses walletProvider.signSchnorr(messageHex) (part of the Web3Provider interface). The legacy auto-detect path continues to use OPWallet.signData(...), unchanged.

Not modified:

• signMessageECDSAAuto / trySignECDSAWithOPWallet — Web3Provider has no ECDSA method, so these remain OP_WALLET-only. Can be extended later if Web3Provider ever adds an ECDSA method.
• signConsolidatedInteraction — does not call any detect*OPWallet path; requires an explicit signer already.

Backward compatibility

• All existing callers continue to work unchanged. The new parameter is optional everywhere.
• When no walletProvider is passed, behavior is identical to today (auto-detect window.opnet.web3).
• No changes to return types, error messages remain semantically equivalent (slight wording tweak: "OP_WALLET is not available" → "no browser wallet is available for signing" — happy to revert if preferred).
• No changes to WindowWithWallets interface, the OPWallet type, or any exported public types.

Testing

• ✅ npm run build — clean, no ESLint or TypeScript errors
• ✅ npm run check:circular — no circular dependencies
• ✅ npm test — 838 tests pass, 6 skipped, 0 failed (verified no regressions)

How this unblocks multi-wallet OPNet dApps

With this change + the companion PR btc-vision/walletconnect#23, a dApp can route signing through the currently-connected wallet regardless of which OPNet-compatible wallet the user selected:

// dApp code using @btc-vision/walletconnect (after #23 lands)
const { walletInstance } = useWalletConnect();
const web3 = (walletInstance as any)?.web3 as Web3Provider | undefined;
// The cast goes away once @btc-vision/walletconnect exposes `web3` typed
// on the hook return — happy to follow up with that small PR after this lands.

const factory = new TransactionFactory();
const result = await factory.signDeployment(
    { ...params, signer: null, mldsaSigner: null },
    web3,  // routes to whichever wallet the user connected (or undefined → today's auto-detect)
);

If the dApp doesn't care about multi-wallet support, omitting the second argument preserves today's OP_WALLET auto-detect behavior exactly.

Documentation

A handful of documentation/**/*.md files reference window.opnet.web3 as the sole signing path. Happy to follow up with a docs PR once this API shape is locked in — kept it out of this diff to keep the change surgical and easy to review.

[bitbragi]

End-to-end testing setup is ready if helpful for review.

The dApp-side change is one line — passing walletInstance.web3 (the connected wallet's Web3Provider reference, as returned by useWalletConnect()) as the second argument to factory.signDeployment():

const { walletInstance } = useWalletConnect();
const web3 = (walletInstance as any)?.web3 as Web3Provider | undefined;
const result = await factory.signDeployment(
    { ...params, signer: null, mldsaSigner: null },
    web3,  // routes to the connected wallet instead of window.opnet auto-detect
);

(The cast goes away once @btc-vision/walletconnect exposes web3 typed on the hook — happy to open that follow-up PR too.)

Happy to stand up a public demo on testnet.myscribe.org or answer any questions about the API shape. If you'd prefer a different approach (constructor injection, a registry pattern, something else), just say the word — the implementation is small enough that redesign is cheap.

[bitbragi]

End-to-end demo is live at https://testnet.myscribe.org with this PR + companion fixes (walletconnect #23, walletconnect #25, and the matching opnet #158 which closes the same gap in CallResult.signTransaction).

Re-verified end-to-end on rebuilt testnet (commit 5f6ae71, 2026-04-26) with OP_WALLET + MyScribe installed side-by-side:

MyScribe connected (mswallet_test_1):

• Deploy: https://opscan.org/transactions/f3f0eba6201320b45688e6fddb0ccd30d1bcf03ae9b3a63696a24adcb30e4628?network=op_testnet
• Register: https://opscan.org/transactions/702bc90a0372d1ca76d7d0792c0d43c8199628bc8f585212261c301f28b016f1?network=op_testnet

OP_WALLET connected (opwallet_test_1):

• Deploy: https://opscan.org/transactions/86d784c978102610563b966189a1825d5055b73d377cb9d21e842a67590b13be?network=op_testnet
• Register: https://opscan.org/transactions/3a0af55cfd3e21764b59ff26aedcd2954beafecdb6f7e415ef2c39ad58d72fa9?network=op_testnet

No cross-wallet interception in either direction. All four txs signed via the correct wallet's extension popup.