Add contract codehash verification to `Add exisiting contract`

Currently it is possible to imperceptibly forge contract, i.e. add existing contract with `codeHash` other than that one specified in ABI 


## Context
We have two contracts: 

1. normal *candle_ok.contract* ([src](https://github.com/agryaznov/candle-auction-ink/blob/v0.2.3/src/lib.rs))
2. malicious modified *candle_mal.contract* ([src](https://github.com/agryaznov/candle-auction-ink/commit/d840120b12ba687c6b5af3be87935e1c0d1cc4f5)) 

*(both contract builds [are attached](https://github.com/polkadot-js/apps/files/7726758/contracts.tar.gz) to this issue)*

## Steps to reproduce:
1. Upload & Instantiate malicious contract
2. (*better in other browser session*) Click on `Add existing contract`, upload ABI of normal contract, but specify the address of the malicious contract instance

**Preferred behavior**:  
Compare the `codeHash` of contract at specified address with the one specified in ABI, and since it differs, return an error 

**Actual behavior**:  
UI shows everything is fine 

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add contract codehash verification to `Add exisiting contract` #6692

Context

Steps to reproduce:

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add contract codehash verification to Add exisiting contract #6692

Description

Context

Steps to reproduce:

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Add contract codehash verification to `Add exisiting contract` #6692