feat(wallet): add keycard support for public accounts for public/privacy txs for program facades

[jonesmarvin8]

🎯 Purpose

Integration for Keycard. Add supports for shielded transactions for auth-transfers as well as public/shielded transactions for token program and amm. Additionally, adds a subcommand to Keycard to get private account secret keys from Keycard (demonstration that this feature can be used later).

⚙️ Approach

• Add python function, Rust wrapper and appropriate command for querying private account secret keys.
• Add logic (similar to auth-transfer) to support Keycard usage for public accounts for AMM, ATA and Token Program.

Updated:

• Use SigningGroup to support mixture of local/keycard accounts.
• Abstract privacy transactions with send_privacy_preserving_tx_with_pre_check and send_privacy_preserving_tx.
• Private account secret keys can be retrieved; this is locked behind keycard-debug feature.

🧪 How to Test

Disclaimer: Keycard must be setup following these directions.

All previous tests should work. Additionally, keycard can be tested manually using the files keycard_tests_1.sh, keycard_tests_2.sh and keycard_test_3.sh.

For convenience, I have made additional test files keycard_tests_2_1.sh (Token), keycard_tests_2_2.sh (AMM) and keycard_tests_2_3.sh (ATA). These files consist of all of the same tests and key paths from keycard_tests_2.sh. These separate files may be easier to run in case of hardware issues with keycard. Each file must be ran consecutively as accounts used in keycard_tests_2_3.sh may have been initialized in keycard_tests_2_1.sh.

🔗 Dependencies

Builds off of PR 451

🔜 Future Work

Potentially, add logic to use Keycard for deshielded and private accounts. This is deferred till wallet logic is cleaned up as discussed on discord.

📋 PR Completion Checklist

Mark only completed items. A complete PR should have all boxes ticked.

• Complete PR description
• Implement the core functionality
• Add/update tests
• Add/update documentation and inline comments

[jonesmarvin8]

(keycard_wallet.py) This one didn't move this round. DEFAULT_PAIRING_PASSWORD is still a hardcoded module-level string used as the default in setup_communication, so any wallet (or card this wrapper has touched) can pair without a secret and PIN becomes the only moat. Easiest fix: drop the default and read from KEYCARD_PAIRING_PASSWORD env or a prompt, same shape as --pin now. Fine to defer.

[jonesmarvin8]

• (keycard_wallet/src/lib.rs) Still hitting the wedge I flagged earlier: card lands in 0x80100067 ("unpowered") after ~8 wallet ops in a row and only recovers on physical reseat. connect() has no retry/reconnect path, every error from setup_communication_with_pairing or setup_communication propagates straight up. A small reset-and-retry-once on a transport error here would smooth the test/dev loop a lot. Fine as a follow-up if you'd rather merge first.

I wasn't able to generate the unpowered issue locally. I added branching logic in case this is detected, and a test file keycard_wallet/tests/keycard_power_recovery_tests.sh that forces unpowered states.

[jonesmarvin8]

expect tautology issues (cli/keycard.rs)