Consider a scenario where a user has malware on their computer that compromises their hardware wallet. If they go to sign a transaction in Freighter with their hardware wallet, the signed XDR that comes back from the wallet may not be what the user expects. The user is blindly trusting their hw wallet to give them back the correct XDR to send on to the network. In our send/swap flows, we do show the user the XDR with signatures before sending, but we don't provide a way for users to verify it.
One idea is to verify the XDR with a mobile device. What are options for doing this?
How can we leverage Freighter mobile as a way to view/verify XDRs quickly?
What do we need to build in Freighter extension/web to share the XDR to a mobile device?
What do we need to build in Freighter mobile in order to parse this data for the user?
I think what we are probably more worried about in this context is having the front-end component of the signing flow compromised. In this specific case, the mobile device running Freighter
Further context:
https://stellarfoundation.slack.com/archives/C03347FNAHK/p1729622611848269
https://medium.com/@RadiantCapital/radiant-post-mortem-fecd6cd38081