feat: support custom app secret in the `setup()` call + EVM signTypedData fixes

[refi93]

Motivation: We'd like to be able to use the setup method with the same flow that Metamask/Rabby wallets do (i.e. redirection through lattice connector which takes care of the pairing instead of custom logic within the wallet app) and for that we need to create the same app secret which is however not the case for the implementation of the setup() method (notice the different order of parameters passed to the hashing function which generates the app secret) :

Metamask/Rabby app secret: https://github.com/GridPlus/eth-lattice-keyring/blob/c22352bd35c895d25700f19d50ff932d680ec66a/index.js#L683-L686

gridplus-sdk setup implementation: https://github.com/GridPlus/gridplus-sdk/blob/68a8242fc55451fd61af9438ba7ddefdff4dba1a/src/util.ts#L666-L670

This PR solves our problem by exposing an optional appSecret parameter which allows to override the default appSecret generated in the setup() call

additionally, this PR addresses an issue we came across with bignumber.js being possibly encoded correctly, which happened if package manager chose to supply a different version of bignumber.js to gridplus-sdk vs the borc lib which is internally used to encode payloads. This should be prevented by making sure the version of bignumber.js required by gridplus-sdk matches exactly the one required by borc