feat(midnight-sdk): ratify Ecrecover trees with client signing

[Rubilmax]

Summary

• Update EcrecoverRatifierUtils.ratify/sign to accept a viem Client plus explicit account for local Ecrecover signing.
• Derive the EIP-712 domain chain id from client.chain.id; callers no longer pass chainId to ratify.
• Support delegated signer accounts and mixed-maker trees, while still rejecting mixed-ratifier trees.
• Verify the returned signature via viem verifyTypedData without wrapping viem/noble errors in an SDK-specific error.
• Update README/TIB docs, tests, errors, and changeset language.

Protocol Check

• Confirmed morpho-org/midnight EcrecoverRatifier accepts _signer == offer.maker || IMidnight(MIDNIGHT).isAuthorized(offer.maker, _signer).
• Checked local viem source: utility verifyTypedData returns isAddressEqual(getAddress(address), await recoverTypedDataAddress(...)); malformed signatures throw from the underlying recovery path.

Validation

• pnpm --filter @morpho-org/midnight-sdk build
• pnpm --filter @morpho-org/midnight-sdk test
• pnpm exec biome check packages/midnight-sdk/src/signatures/EcrecoverRatifierUtils.ts packages/midnight-sdk/src/signatures/EcrecoverRatifierUtils.test.ts packages/midnight-sdk/src/errors.ts .changeset/add-midnight-sdk.md

[devin-ai-integration]

✅ Devin Review: No Issues Found

Devin Review analyzed this PR and found no bugs or issues to report.

[yum0e]

One compatibility caveat with router/onchain behavior: the new walletClient convenience path only supports direct maker signing, while router/onchain Ecrecover also supports delegated signers authorized by the maker.

In this PR, sign({ tree, walletClient }) rejects walletClient.account !== tree.offers[0].maker and verifies the returned signature against maker, so an authorized delegate wallet cannot use:

await EcrecoverRatifierUtils.ratify({ tree, walletClient: delegateWallet });

Delegated signing is still possible through the precomputed-signature path:

const typedData = EcrecoverRatifierUtils.typedData({ tree, chainId });
const signature = await delegateWallet.signTypedData({
  account: delegateAccount,
  ...typedData,
});
const items = await EcrecoverRatifierUtils.ratify({ tree, signature });

Could we document that distinction explicitly (or rename the error/docs to say this wallet-client overload is maker-only)? Otherwise SDK users may think delegated signing is unsupported, even though it remains compatible with router/onchain when using the manual signature path.