Check if key is part of multisig before signing

[ebuchman]

This is ultimately an issue for the SDK but maybe there's something we can do in the meantime in multisig: cosmos/cosmos-sdk#12328

[andynog]

possibly use the keys show [multisig address] cli command and parse it

[oldremez]

I have a little concern regarding using the keys show command. The thing is that if the keyring (or several of its elements) is password-protected (which might be a case for at least some users), even reading information about multisig might require password typing. Requiring typing passwords more times than it really necessary just for additional checks can bother users.
My proposal is to try getting data on-chain (via query account [multisig address]) by default. For multisig accounts this command returns the list of pubkeys so one can check if a specific address belongs to multisig.
Pros:

1. Doesn't require keyring access
2. Reliable way of getting data

Cons:

1. Requires having an access to an RPC
2. Requires multisig to have at least one transaction

So, my idea is that multisig tool can try to access data from the chain and if it fails (because of lack of RPC access or present transactions) then use data from the keyring.