Authenticate Bolt12Invoice using OfferContext

When a Bolt12Invoice is handled with an OfferContext, use the
containing payment_id to verify that it is for a pending outbound
payment. Only invoices for refunds without any blinded paths can be
verified without an OfferContext.

Author: jkczyz

lightning/src/ln/channelmanager.rs

@@ -10804,8 +10804,20 @@ where
 				}
 			},
 			OffersMessage::Invoice(invoice) => {
+				let expected_payment_id = match context {
+					OffersContext::Unknown {} if invoice.is_for_refund_without_paths() => None,
+					OffersContext::OutboundPayment { payment_id } => Some(payment_id),
+					_ => return ResponseInstruction::NoResponse,
+				};
+
 				let result = match invoice.verify(expanded_key, secp_ctx) {
 					Ok(payment_id) => {
+						if let Some(expected_payment_id) = expected_payment_id {
+							if payment_id != expected_payment_id {
+								return ResponseInstruction::NoResponse;
+							}
+						}
+
 						let features = self.bolt12_invoice_features();
 						if invoice.invoice_features().requires_unknown_bits_from(&features) {
 							Err(InvoiceError::from(Bolt12SemanticError::UnknownRequiredFeatures))

lightning/src/offers/invoice.rs

@@ -787,6 +787,13 @@ impl Bolt12Invoice {
 		(payer_tlv_stream, offer_tlv_stream, invoice_request_tlv_stream, invoice_tlv_stream,
 		 signature_tlv_stream)
 	}
+
+	pub(crate) fn is_for_refund_without_paths(&self) -> bool {
+		match self.contents {
+			InvoiceContents::ForOffer { .. } => false,
+			InvoiceContents::ForRefund { .. } => self.message_paths().is_empty(),
+		}
+	}
 }
 
 impl PartialEq for Bolt12Invoice {