Open
Description
/configure accepts auth.cosigner_commitments from the client and only verifies that the signer’s pubkey exists in the account state. The full list isn’t validated against the actual account storage, so incorrect or malicious auth config could be stored.
When configuring an account, extract signer commitments from initial_state and ensure they match auth.cosigner_commitments (same set/order as expected); otherwise reject.
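The check proposed in this issue, sketched as an added example that is not the project's code or part of the original post. The layout of initial_state, the function names and the sample commitments are assumptions made for illustration.

```python
# Added example, not the project's code. The layout of initial_state and
# every name except auth.cosigner_commitments / initial_state is assumed.

class ConfigRejected(Exception):
    pass

def norm(c):
    # Compare commitments as lowercase hex without an optional 0x prefix.
    c = c.lower()
    return c[2:] if c.startswith("0x") else c

def state_commitments(initial_state):
    # Assumed layout: signer commitments sit in one ordered storage list.
    return [norm(c) for c in initial_state["storage"]["signer_commitments"]]

def check_weak(request, signer):
    # Behaviour the issue describes: only the requesting signer is looked up
    # in the state; the rest of the client-supplied list is trusted as sent.
    if norm(signer) not in state_commitments(request["initial_state"]):
        raise ConfigRejected("signer not in account state")
    return [norm(c) for c in request["auth"]["cosigner_commitments"]]

def check_strict(request, signer):
    # Behaviour the issue proposes: the account state is the source of truth
    # and the client list must equal it, element for element, in order.
    from_state = state_commitments(request["initial_state"])
    claimed = [norm(c) for c in request["auth"]["cosigner_commitments"]]
    if norm(signer) not in from_state:
        raise ConfigRejected("signer not in account state")
    if claimed != from_state:
        raise ConfigRejected(
            "auth.cosigner_commitments does not match account state")
    return from_state  # store what the state says, not what the client sent

# Constructed sample: the state holds A and B, the client also claims C.
A, B, C = "0x" + "aa" * 32, "0x" + "bb" * 32, "0x" + "cc" * 32
SAMPLE = {"initial_state": {"storage": {"signer_commitments": [A, B]}},
          "auth": {"cosigner_commitments": [A, B, C]}}

if __name__ == "__main__":
    print("weak check stores:", len(check_weak(SAMPLE, A)), "commitments")
    try:
        check_strict(SAMPLE, A)
    except ConfigRejected as err:
        print("strict check rejects:", err)
```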