🪲squads multisig set send receive libs #1150

Merged
merged 3 commits into from
Jan 7, 2025


ryandgoulding
Contributor

This change does the following:

  • removes actual unused methods in oft-devtools-solana. They were actual dead code.
  • changes protocol-devtools-solana to rely on @layerzerolabs/oft-v2-solana-sdk. This may seem non-intuitive, but the existing solita setSendLibrary(...) is broken. Essentially, it would always fail in a squads multisig use case as the provided signer would fail to be Authorized (it wasn't the oapp, nor the delegate). The updated implementation carefully takes care of this bug.
  • bumps protocol-devtools-solana to target es2020, required to use BigInt nomenclature 0n.
  • Changes ua-devtools-solana to use the appropriate delegate or admin, depending on the access control requirements. This is something that has been broken since day one.

All of this was tested thoroughly on mainnet:

First, optimism was added. Then, arbitrum:

https://layerzeroscan.com/address/3CS8Q4k4TcCHn1E6cYvBD6HTAgDFg29zqdyaA7ih2jpW

Signed-off-by: Ryan Goulding <goulding@layerzerolabs.org>
Signed-off-by: Ryan Goulding <goulding@layerzerolabs.org>
Signed-off-by: Ryan Goulding <goulding@layerzerolabs.org>
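The authorization mismatch described in the PR text above, as an added example that is not code from this PR or from the LayerZero SDK. It is a constructed model: the account names, the `setPeerConfig` admin-gated operation, and the assumption that a local proposer key submits on behalf of a multisig vault are all hypothetical.

```javascript
// Constructed model of the access-control mismatch; not the SDK's or the program's code.
// Assumption: each operation is gated by exactly one kind of authority.
const REQUIRED_AUTHORITY = {
  setSendLibrary: 'delegate',    // named in the PR description
  setReceiveLibrary: 'delegate', // from the PR title ("set send receive libs")
  setPeerConfig: 'admin',        // hypothetical admin-gated operation
};

// Constructed sample state: a multisig vault holds both roles,
// while the locally loaded key only proposes transactions.
const oappState = {
  oapp: 'OAppStorePda111',
  delegate: 'SquadsVaultPda111',
  admin: 'SquadsVaultPda111',
};
const proposerKey = 'LocalProposerKey111';

// Check as described in the PR: delegate-gated calls accept the oapp or its delegate.
function isAuthorized(op, signer, state) {
  const kind = REQUIRED_AUTHORITY[op];
  if (!kind) throw new Error(`unknown operation: ${op}`);
  if (kind === 'delegate') return signer === state.oapp || signer === state.delegate;
  return signer === state.admin;
}

// Broken pattern: whatever key is loaded locally becomes the instruction authority.
function buildWithLocalSigner(op, localSigner) {
  return { op, authority: localSigner };
}

// Corrected pattern: the authority is the role the operation actually requires.
function buildWithRequiredAuthority(op, state) {
  const kind = REQUIRED_AUTHORITY[op];
  if (!kind) throw new Error(`unknown operation: ${op}`);
  return { op, authority: state[kind] };
}

// Stand-in for program execution: reports whether the authority passes the check.
function simulate(ix, state) {
  return isAuthorized(ix.op, ix.authority, state) ? 'ok' : 'Unauthorized';
}

console.log(simulate(buildWithLocalSigner('setSendLibrary', proposerKey), oappState));
console.log(simulate(buildWithRequiredAuthority('setSendLibrary', oappState), oappState));
```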

New dependencies detected.

| Package | New capabilities | Transitives | Size | Publisher |
|---|---|---|---|---|
| npm/@layerzerolabs/oft-v2-solana-sdk@3.0.38 | Transitive: environment, eval, filesystem, network, shell, unsafe | +232 | 88.6 MB | layerzero-bot |


🚨 Potential security issues detected.

To accept the risk, merge this PR and you will not be notified again.

| Alert | Package | Note | Source | CI |
|---|---|---|---|---|
| Unpopular package | npm/@layerzerolabs/lz-serdes@3.0.38 | | | ⚠︎ |
| Unpopular package | npm/@initia/initia.js@0.2.24 | | | ⚠︎ |


Next steps

What are unpopular packages?

This package is not very popular.

Unpopular packages may have less maintenance and contain other problems.

Take a deeper look at the dependency

Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev.

Remove the package

If you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency.

Mark a package as acceptable risk

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of ecosystem/package-name@version specifiers. e.g. @SocketSecurity ignore npm/foo@1.0.0 or ignore all packages with @SocketSecurity ignore-all

  • @SocketSecurity ignore npm/@layerzerolabs/lz-serdes@3.0.38
  • @SocketSecurity ignore npm/@initia/initia.js@0.2.24

Contributor

@ravinagill15 ravinagill15 left a comment


LGTM 🚀

packages/ua-devtools-solana/src/oft/sdk.ts (resolved)
@ryandgoulding ryandgoulding merged commit 51c4086 into main Jan 7, 2025
7 checks passed
@ryandgoulding ryandgoulding deleted the fix/squads_multisig_set_send_receive_libs branch January 7, 2025 01:14
ryandgoulding added a commit that referenced this pull request Jan 7, 2025
…ersion

This bumps the minimum version of these two dependencies in order to pick
up the fix in #1150:

#1150

Signed-off-by: Ryan Goulding <goulding@layerzerolabs.org>