Check for correct contract when importing proxy implementation

[ericglau]

Currently the forceImport function does not check whether the user provided contract source code matches with the contract deployed at the implementation address.

Perform some checks when importing (perhaps in a separate function which does not "force" the import). This can include trying to compare the metadata hash, and if that fails, falling back to contract bytecode comparison (which does not work for cases where immutable variables or constructors are used).

[frangio]

The key part here is the metadata hash as it enables us to check even in the presence of immutable variables. See Contract Metadata.