Shouldn't `Bolt12Offer/RefundContext` be HMAC'd?

[TheBlueMatt]

Anyone can create a blinded path to us with whatever data they want in it, including the Bolt12OfferContext. While they have to have a payment_secret that matches the amount we expected to receive, this may be extracted from a BOLT 11 invoice. Then someone can forge a payment for an OfferId even if it doesn't match the amount we expected for that offer.

[jkczyz]

Yeah, while it's primarily informational, we would generate forged PaymentClaimable and PaymentClaimable events. We'll need to HMAC InvoiceRequestFields in addition to the OfferId.

For Bolt12RefundContext, I suppose we'll need to include the invoice's payment_hash so that it can be used in the HMAC? We don't have a RefundId -- they didn't create the Refund in this case anyway -- but we do return a PaymentHash to the user when creating a Bolt12Invoice for the Refund.

[TheBlueMatt]

Yea, including the payment_hash (and/or maybe payment_secret?) makes sense, I think.