Subtle wallet drain related to TxParams

[csralvall]

Description of the bug
I discovered that if you create a transaction with no recipient,
drain_wallet set to false, drain_to set with some scriptpubkey, left all
the other TxParams as they are and finish the psbt, you still make a
transaction paying the fees for the fixed parts of the transaction and the fees
generated through coin selection.

It doesn't seem to be intentional and it drains funds from your wallet for free
as result.

To Reproduce
I crafted a proof of concept.

Expected behavior
I expect that a psbt without recipients and not used to sweep a descriptor shouldn't be allowed to finalize.

Build environment

• BDK tag/commit: fbd98b4
• OS+version: 5.10.105-1-MANJARO
• Rust version: rustc 1.58.1 (db9d1b20b 2022-01-20)
• Cargo version: cargo 1.58.0 (f01b232bc 2022-01-19)
• Rust/Cargo target: x86_64-unknown-linux-gnu

Additional context
I also attempted a fix in this commit
but there're conflicts with RBF policies.

It seems that bump_fee sets drain_wallet to false through the use of
Default values to create the new psbt with the bumped fee.

I'm not familiar enough with RBF to know what I can and can't do, so I
would like to hear other ideas.

[danielabrozzoni]

I discovered that if you create a transaction with no recipient,
drain_wallet set to false, left all the other TxParams as they are and
finish the psbt,

Note: you are also setting drain_to

It looks like the problem is that if you set drain_to without a recipient, bdk spends one random input and sends it to drain_to, which is really weird.
I agree that the builder shouldn't finish in this case.