TODO - our view etc functions don't have our shared key, find a good way
to get this. A possible solution is just to lazily store it so that we
don't need to call lnd/create a session every time we want to restore
it.
This commit fixes a possible exploit by the loop server, where
- in a loop out - the server could claim money off-chain, without
publishing an on-chain swap htlc.
The server could do this by responding with a regular invoice, whose hash
is different than the hash in the NewLoopOutSwap request. To prevent
the exploit, we validate that the hash of the swap invoice is equal to the
hash the client generated.
This commit fixes the generation of the htlc address. This bug didn't
affect the swap execution, because the htlc address is only used for
display to the user/caller.