[Intermediate]: Add `setTransportSecurity()` and `isTransportSecurity()` methods to Client

[rwalworth]

🧩 Intermediate Friendly

This issue is a good fit for contributors who are already familiar with the Hiero Swift SDK and feel comfortable navigating the codebase.

Intermediate Issues often involve:

• Exploring existing implementations
• Understanding how different components work together
• Making thoughtful changes that follow established patterns

The goal is to support deeper problem-solving while keeping the task clear, focused, and enjoyable to work on.

🐞 Problem Description

The Client class currently has a _plaintextOnly flag that's set during initialization, but there's no public way to:

1. Query whether transport security (TLS) is enabled
2. Change the transport security setting after the client is created

Other Hiero SDKs (Java, Go, JavaScript, C++, Python) provide:

• setTransportSecurity(bool) - Enable or disable TLS
• isTransportSecurity() - Check current TLS status

This is useful for:

• Local development and testing against non-TLS endpoints
• Debugging connection issues
• Runtime configuration changes

Relevant files:

• Sources/Hiero/Client/Client.swift - Has _plaintextOnly flag
• Sources/Hiero/Client/ConsensusNetwork.swift - Creates gRPC channels
• Sources/Hiero/Client/MirrorNetwork.swift - Creates mirror gRPC channel
• Sources/Hiero/Client/HostAndPort.swift - Has transportSecurity() method

💡 Expected Outcome

Add transport security configuration methods:

1. isTransportSecurity() -> Bool - Returns true if TLS is enabled
2. setTransportSecurity(_ enabled: Bool) - Enable or disable TLS

The implementation should:

• The getter should return the inverse of _plaintextOnly (security = NOT plaintext)
• The setter needs to update the flag AND potentially recreate gRPC channels
• Handle the complexity of updating existing connections gracefully
• Match the behavior of other Hiero SDKs

🧠 Implementation Notes

Suggested approach:

This is more complex than other settings because gRPC channels may need to be recreated when the security setting changes.

Option A: Simple flag change (channels recreated on next use)

1. Make _plaintextOnly mutable (use ManagedAtomic<Bool>)
2. Add getter/setter that read/write the flag
3. Let existing channels continue until they fail or are replaced

Option B: Immediate channel recreation

1. Same as Option A
2. When setTransportSecurity() is called, trigger channel recreation
3. This requires coordination with ConsensusNetwork and MirrorNetwork

Getter implementation:

/// Returns `true` if transport security (TLS) is enabled for connections.
public func isTransportSecurity() -> Bool {
    !plaintextOnly
}

Setter considerations:

• The ConsensusNetwork and MirrorNetwork create channels with transport security settings
• Changing security mid-flight may require closing and recreating channels
• Look at how Python SDK handles this in Network.set_transport_security()

Key considerations:

• The HostAndPort.transportSecurity() method returns the appropriate GRPCChannelPool.Configuration.TransportSecurity
• When plaintextOnly is true, connections use .plaintext; otherwise .tls
• The forMirrorNetwork() factory already sets plaintextOnly: true
• Consider whether changing security should be a no-op if already in the desired state

Reference implementations:

• Java: Client.setTransportSecurity(boolean) - triggers network reconfiguration
• Python: Client.set_transport_security(enabled) - calls Network.set_transport_security()
• JavaScript: Client.setTransportSecurity(bool) - updates network

✅ Acceptance Criteria

To help get this change merged smoothly:

• isTransportSecurity() method returns current TLS status
• setTransportSecurity(bool) method changes TLS configuration
• Connections properly use TLS or plaintext based on setting
• Behavior matches other Hiero SDKs
• Follow existing project conventions
• Avoid breaking public APIs
• Include tests where appropriate
• Pass all CI checks

📋 Contribution Guide

To help your contribution go as smoothly as possible, we recommend following these steps:

• Comment /assign to request the issue
• Wait for assignment
• Fork the repository and create a branch
• Set up the project using the instructions in README.md
• Make the requested changes
• Sign each commit using -s -S
• Push your branch and open a pull request

Read Workflow Guide for step-by-step workflow guidance.
Read README.md for setup instructions.

❗ Pull requests cannot be merged without S and s signed commits.
See the Signing Guide.

📚 Additional Context or Resources

If you have questions, the community is happy to help:

https://discord.com/channels/905194001349627914/1337424839761465364

Useful files to review:

• Sources/Hiero/Client/HostAndPort.swift - transportSecurity() method
• Sources/Hiero/Client/NodeConnection.swift - Uses transport security
• Sources/Hiero/Client/MirrorNetwork.swift - Mirror channel creation
• Python SDK client.py and network.py - Reference for how channel recreation works