Use Signer trait for server-side signing #160
Description
Describe the feature
Problem
Server-side Tempo signing (close_signer in SessionMethod, fee_payer_signer in ChargeMethod) is hardcoded to alloy::signers::local::PrivateKeySigner. This forces operators to supply raw private keys directly, which is unacceptable for production deployments that use KMS (AWS KMS, GCP Cloud KMS), HSMs, or other managed signing infrastructure. For example, our own project uses MPC Vault.
Why the current implementation is insufficient
PrivateKeySigner is a concrete local signer — it holds an in-memory secret key. Every builder method, struct field, and internal call site is typed against it, making it impossible to plug in any alternative signer without forking the crate. The synchronous sign_hash_sync calls further restrict compatibility, since most KMS-backed signers are inherently async.
Additional context
Proposed solution: #159
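An added sketch of the shape this issue asks for (not the crate's code and not the contents of #159): a server-side method generic over an async signing trait, so a signer that holds only a key identifier can replace one that holds the secret in memory. `HashSigner`, `LocalKeySigner`, `RemoteKeySigner`, `toy_sign`, `block_on` and the `close` method are hypothetical names, and the XOR "signature" is a placeholder with no cryptographic value.

```rust
use std::{future::Future, pin::pin, sync::Arc, task::{Context, Poll, Wake, Waker}};

// Hypothetical async signing trait; stands in for whatever trait the crate adopts.
trait HashSigner {
    async fn sign_hash(&self, hash: &[u8; 32]) -> Result<Vec<u8>, String>;
}
// Local signer: the secret lives in process memory (the case the issue objects to).
struct LocalKeySigner { secret: [u8; 32] }
impl HashSigner for LocalKeySigner {
    async fn sign_hash(&self, hash: &[u8; 32]) -> Result<Vec<u8>, String> {
        Ok(toy_sign(&self.secret, hash))
    }
}
// Constructed value; pretend it exists only inside the remote KMS/HSM.
const FAKE_KMS_SECRET: [u8; 32] = [0x42; 32];
// Remote signer: the process holds a key identifier, never key material.
struct RemoteKeySigner { key_id: String }
impl HashSigner for RemoteKeySigner {
    async fn sign_hash(&self, hash: &[u8; 32]) -> Result<Vec<u8>, String> {
        if self.key_id.is_empty() { return Err("missing key id".into()); }
        Ok(toy_sign(&FAKE_KMS_SECRET, hash)) // stand-in for a network round trip
    }
}
// NOT cryptography: XOR placeholder so the example runs without dependencies.
fn toy_sign(secret: &[u8; 32], hash: &[u8; 32]) -> Vec<u8> {
    secret.iter().zip(hash).map(|(s, h)| s ^ h).collect()
}
// Hypothetical server-side method, generic over the signer instead of a concrete type.
struct SessionMethod<S: HashSigner> { close_signer: S }
impl<S: HashSigner> SessionMethod<S> {
    async fn close(&self, channel_hash: &[u8; 32]) -> Result<Vec<u8>, String> {
        self.close_signer.sign_hash(channel_hash).await // awaited, no *_sync call
    }
}
// Minimal executor so the example needs no async runtime crate.
struct NoopWake;
impl Wake for NoopWake { fn wake(self: Arc<Self>) {} }
fn block_on<F: Future>(fut: F) -> F::Output {
    let waker = Waker::from(Arc::new(NoopWake));
    let mut cx = Context::from_waker(&waker);
    let mut fut = pin!(fut);
    loop { if let Poll::Ready(v) = fut.as_mut().poll(&mut cx) { return v; } }
}
fn main() {
    let m = SessionMethod { close_signer: RemoteKeySigner { key_id: "example-key".into() } };
    println!("{:02x?}", block_on(m.close(&[0x0f; 32])).unwrap());
}
```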