Using the message-to-be-signed hash as the source of entropy to use for randomly selecting a signing group is unsafe, as a user can intentionally overwhelm a specific subset of validators.
Would it be an improvement if we used create_unique_tx_id - meaning both the signature request id and the message hash?
I'm not sure it really helps as essentially the user can still try a bunch of messages until they get particular validators.
For registering, we use the current block number to choose validators for DKG, which you could also argue allows an attack like this, although you only get so much time to send requests.
We could also include that here (e.g. message hash + block number + account id), but then you get into problems when a request is sent just as a block is published.
I think the simplest solution would be that sign_tx responds with an error when we already have a certain number of pending Listeners from this signature request account (by checking keys of ListenerState).
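The per-account limit proposed in the last comment, sketched as an added example that is not part of the thread or the project's code. `ListenerState` here is a hypothetical stand-in keyed by (account, request id), and the cap value, error type and method names are assumptions.

```rust
use std::collections::HashSet;

/// Assumed cap; the thread only says "a certain number".
pub const MAX_PENDING_PER_ACCOUNT: usize = 3;

#[derive(Debug, PartialEq)]
pub enum SignError {
    DuplicateRequest,
    TooManyPending { limit: usize },
}

/// Hypothetical stand-in for ListenerState: one key per pending listener,
/// made of (signature request account, request id).
#[derive(Default)]
pub struct ListenerState {
    keys: HashSet<(String, String)>,
}

impl ListenerState {
    /// Pending listeners owned by one account, found by scanning the keys.
    pub fn pending_for(&self, account: &str) -> usize {
        self.keys.iter().filter(|(a, _)| a.as_str() == account).count()
    }

    /// Admission check to run before a listener is created for a request.
    pub fn try_register(&mut self, account: &str, request_id: &str) -> Result<(), SignError> {
        let key = (account.to_string(), request_id.to_string());
        if self.keys.contains(&key) {
            return Err(SignError::DuplicateRequest);
        }
        if self.pending_for(account) >= MAX_PENDING_PER_ACCOUNT {
            return Err(SignError::TooManyPending { limit: MAX_PENDING_PER_ACCOUNT });
        }
        self.keys.insert(key);
        Ok(())
    }

    /// Free the slot when signing finishes or the listener times out.
    pub fn complete(&mut self, account: &str, request_id: &str) -> bool {
        self.keys.remove(&(account.to_string(), request_id.to_string()))
    }
}

fn main() {
    let mut state = ListenerState::default();
    // Constructed sample: one account submits five requests back to back.
    for i in 0..5 {
        println!("req-{} -> {:?}", i, state.try_register("acct-a", &format!("req-{}", i)));
    }
}
```

The cap bounds concurrent load from a single account only; it does not change how the signing group is selected.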