umbrel-dashboard
Add support for Zero Amount Invoices
This PR adds support for Zero Amount Invoices like invoices from Tippin.me.
Resolves https://github.com/getumbrel/umbrel-lightning/issues/12
@mayankchhabra @lukechilds I was not able to reproduce the strange "timeout" issue since the update to v0.2.12, but I don't know if it has something to do with it.
I've been a huge proponent of zero-amount invoices, unfortunately there exists a fundamental problem with them (especially for nodes that are known to accept donations) namely: since the recipient doesn't know the amount, an intermediate node is able to replace the payment with their own that uses the same payment hash, but pays out much less. Then, as the preimage is revealed from the recipient, payment can be claimed from the payer, and the intermediate node is able to pocket the difference.
While I don't think that vulnerability is currently exploited in the wild, it's perhaps better to go the `--keysend` path, which is immune to this attack, and already quite widely supported by wallets.
Alternatively, a warning would probably be in order.
edit: a more detailed write-up: https://ottosuess.github.io/zero-amount-payments.html
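An added illustration of the concern raised in the comment above (not part of the thread and not Umbrel or lnd code): a simplified model of the recipient-side amount check, showing that an invoice with a fixed amount lets the recipient refuse an underpaying HTLC, while a zero-amount invoice gives it nothing to compare against. The names `Recipient`, `settle_htlc` and `deliver` are hypothetical, and routing fees are ignored.

```python
import hashlib
import os
from dataclasses import dataclass
from typing import Optional


@dataclass
class Invoice:
    payment_hash: bytes
    amount_msat: Optional[int]  # None models a zero-amount invoice


class Recipient:
    """Hypothetical recipient that holds preimages for its own invoices."""

    def __init__(self):
        self._invoices = {}  # payment_hash -> (preimage, expected amount)

    def create_invoice(self, amount_msat=None):
        preimage = os.urandom(32)
        payment_hash = hashlib.sha256(preimage).digest()
        self._invoices[payment_hash] = (preimage, amount_msat)
        return Invoice(payment_hash, amount_msat)

    def settle_htlc(self, payment_hash, htlc_amount_msat):
        """Return the preimage if the incoming HTLC is acceptable, else None."""
        entry = self._invoices.get(payment_hash)
        if entry is None:
            return None
        preimage, expected = entry
        # The only amount check available: compare against the invoiced value.
        if expected is not None and htlc_amount_msat < expected:
            return None  # underpaid, so the preimage is never revealed
        return preimage


def deliver(recipient, invoice, sent_msat, arrived_msat):
    """Model one payment: sent_msat leaves the payer, arrived_msat reaches the recipient."""
    preimage = recipient.settle_htlc(invoice.payment_hash, arrived_msat)
    settled = preimage is not None
    # A released preimage settles every HTLC locked to the same hash,
    # so the payer's full sent_msat is claimed once it propagates back.
    return {
        "settled": settled,
        "received_msat": arrived_msat if settled else 0,
        "shortfall_msat": sent_msat - arrived_msat if settled else 0,
    }
```
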
Thanks for your report @meeDamian (and very sorry for the late reply, it completely got out of my mind). We talked about it with @mayankchhabra @lukechilds, and it appears that there are not yet any known cases of this vulnerability being exploited. It has been decided to include this feature anyway, but to add a warning as soon as a case is reported. What do you think? Btw, thanks for the details you provided to me, I learnt something 😁
And I take this comment as an opportunity to up this PR to @mayankchhabra and @lukechilds 😉
Most def. something like sending a payment without the receiver knowing the amount in advance is needed. I read that keysend is being deprecated in favour of AMP. Also, there needs to be a proof to show that payment was sent.