fix(audit): add non-witness-utxo validation for psbt #471

Open
muhahahmad68 wants to merge 2 commits into bitcoindevkit:master from muhahahmad68:fix/validating-non-witness-utxo

Conversation

@muhahahmad68

Description

This PR fixes a security vulnerability in get_utxo_for() within src/psbt/mod.rs where non_witness_utxo was being used without verifying that its txid matches the input's previous_output.txid.

Notes to the reviewers

  • The validation silently returns None on txid mismatch rather than propagating an error, which is consistent with the existing behavior of this function.

Changelog notice

Fixed

Checklists

All Submissions:

New Features:

  • N/A

Bugfixes:

  • This pull request breaks the existing API
  • I've added tests to reproduce the issue which are now passing
  • I'm linking the issue being fixed by this PR

@ValuedMammal ValuedMammal moved this to Needs Review in BDK Wallet Apr 29, 2026
@ValuedMammal ValuedMammal added the bug Something isn't working label Apr 29, 2026
@ValuedMammal ValuedMammal added this to the Wallet 3.1.0 milestone Apr 29, 2026

codecov Bot commented Apr 29, 2026

Codecov Report

❌ Patch coverage is 75.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 80.20%. Comparing base (db1eab4) to head (6b2f8ff).

File with missing lines: src/psbt/mod.rs, patch coverage 75.00% (1 line missing, 1 partial) ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##           master     #471      +/-   ##
==========================================
- Coverage   80.21%   80.20%   -0.02%     
==========================================
  Files          24       24              
  Lines        5348     5354       +6     
  Branches      242      243       +1     
==========================================
+ Hits         4290     4294       +4     
- Misses        980      981       +1     
- Partials       78       79       +1     
Flag: rust, coverage 80.20% (patch 75.00%), change -0.02% ⬇️


Collaborator

@ValuedMammal ValuedMammal left a comment

ACK 6b2f8ff

It'd be nice to see a test to check

  1. get_utxo_for returns None on txid mismatch
  2. get_utxo_for returns None on previous_output.vout out of bounds

commit should say

fix(psbt): add non-witness-utxo validation for get_utxo_for
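The lookup the PR description and the review above are about, as an added example that is not code from this PR or from BDK. The types below are small stand-ins named after rust-bitcoin's Transaction, OutPoint, TxOut and psbt::Input so the file compiles with no external crates, `txid()` is a toy FNV-1a hash standing in for double-SHA256 (an assumption; only the equality check matters here), and the sample transactions are constructed. `get_utxo_for_unchecked` models the defect as the description states it (non_witness_utxo trusted without comparing its txid), `get_utxo_for` adds the txid comparison and the vout bounds check that correspond to the two test cases requested, and `fee_amount` shows what a forged non_witness_utxo does to a fee computed from the returned UTXOs.

```rust
// Added example, not code from this PR or from BDK. Minimal stand-ins for
// rust-bitcoin's Transaction/OutPoint/TxOut/psbt::Input so it compiles with
// no external crates; txid() is a toy hash standing in for double-SHA256.

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Txid(pub [u8; 32]);
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct OutPoint { pub txid: Txid, pub vout: u32 }
#[derive(Clone, PartialEq, Eq, Debug)]
pub struct TxOut { pub value: u64, pub script_pubkey: Vec<u8> }
#[derive(Clone, PartialEq, Eq, Debug)]
pub struct TxIn { pub previous_output: OutPoint }
#[derive(Clone, PartialEq, Eq, Debug)]
pub struct Transaction { pub input: Vec<TxIn>, pub output: Vec<TxOut> }

impl Transaction {
    /// Stand-in txid (assumption): FNV-1a over the serialised body, run with
    /// four seeds to fill 32 bytes. Any deterministic digest of the body will do.
    pub fn txid(&self) -> Txid {
        let mut body = Vec::new();
        for i in &self.input {
            body.extend_from_slice(&i.previous_output.txid.0);
            body.extend_from_slice(&i.previous_output.vout.to_le_bytes());
        }
        for o in &self.output {
            body.extend_from_slice(&o.value.to_le_bytes());
            body.extend_from_slice(&o.script_pubkey);
        }
        let mut id = [0u8; 32];
        for (seed, chunk) in id.chunks_mut(8).enumerate() {
            let h = body.iter().fold(0xcbf2_9ce4_8422_2325u64 ^ seed as u64, |h, b| {
                (h ^ u64::from(*b)).wrapping_mul(0x100_0000_01b3)
            });
            chunk.copy_from_slice(&h.to_le_bytes());
        }
        Txid(id)
    }
}

#[derive(Clone, Debug)]
pub struct Input { pub witness_utxo: Option<TxOut>, pub non_witness_utxo: Option<Transaction> }
pub struct Psbt { pub unsigned_tx: Transaction, pub inputs: Vec<Input> }

/// The defect as described: whatever transaction sits in non_witness_utxo is
/// trusted, so a swapped-in transaction yields an unrelated TxOut.
pub fn get_utxo_for_unchecked(psbt: &Psbt, i: usize) -> Option<TxOut> {
    let input = psbt.inputs.get(i)?;
    let vout = psbt.unsigned_tx.input.get(i)?.previous_output.vout as usize;
    input.witness_utxo.clone().or_else(|| input.non_witness_utxo.as_ref()?.output.get(vout).cloned())
}

/// Fixed lookup: witness_utxo wins; otherwise non_witness_utxo is accepted only
/// if its txid is the one this input spends, and the referenced vout must exist.
/// Both failures return None, matching the function's existing contract.
pub fn get_utxo_for(psbt: &Psbt, i: usize) -> Option<TxOut> {
    let input = psbt.inputs.get(i)?;
    if let Some(utxo) = &input.witness_utxo {
        return Some(utxo.clone());
    }
    let prev = psbt.unsigned_tx.input.get(i)?.previous_output;
    let prev_tx = input.non_witness_utxo.as_ref()?;
    if prev_tx.txid() != prev.txid {
        return None; // case 1: supplied tx is not the one this input spends
    }
    prev_tx.output.get(prev.vout as usize).cloned() // case 2: None if vout is out of range
}

/// Why it matters: fee = sum(inputs) - sum(outputs). A forged non_witness_utxo
/// inflates the input side and therefore the fee the wallet believes it pays;
/// with the check the fee is simply unknown (None) instead of wrong.
pub fn fee_amount(psbt: &Psbt) -> Option<u64> {
    let mut inputs: u64 = 0;
    for i in 0..psbt.unsigned_tx.input.len() {
        inputs = inputs.checked_add(get_utxo_for(psbt, i)?.value)?;
    }
    let outputs: u64 = psbt.unsigned_tx.output.iter().map(|o| o.value).sum();
    inputs.checked_sub(outputs)
}

/// Constructed sample data (not real chain data): the transaction being spent.
pub fn prev_tx() -> Transaction {
    Transaction {
        input: vec![TxIn { previous_output: OutPoint { txid: Txid([0x11; 32]), vout: 0 } }],
        output: vec![
            TxOut { value: 50_000, script_pubkey: vec![0x00, 0x14, 0xaa] },
            TxOut { value: 20_000, script_pubkey: vec![0x00, 0x14, 0xbb] },
        ],
    }
}

/// A PSBT with one input spending prev_tx() at index `vout`, offering `utxo_tx`
/// as that input's non_witness_utxo (honest callers pass prev_tx() itself).
pub fn sample_psbt(utxo_tx: Transaction, vout: u32) -> Psbt {
    let spend = Transaction {
        input: vec![TxIn { previous_output: OutPoint { txid: prev_tx().txid(), vout } }],
        output: vec![TxOut { value: 19_000, script_pubkey: vec![0x00, 0x14, 0xcc] }],
    };
    Psbt { unsigned_tx: spend, inputs: vec![Input { witness_utxo: None, non_witness_utxo: Some(utxo_tx) }] }
}
```

With the honest previous transaction both lookups return the 20 000 sat output and the fee works out to 1 000 sat. Hand the same PSBT a copy of that transaction with output 1 bumped to 5 000 000 sat and the unchecked lookup returns the inflated output while the checked one returns None, because the copy no longer hashes to the txid the input references; a vout of 7 returns None from the checked version rather than indexing past the end. In the real crate the comparison is between rust-bitcoin's computed txid of the non_witness_utxo transaction and `previous_output.txid`, with `output.get(vout)` rather than direct indexing for the bounds case.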

Comment thread on src/psbt/mod.rs (outdated)
@ValuedMammal
Collaborator

We need to drop the duplicate 081c3be commit from this branch that already exists on master with a different ID.

@muhahahmad68 muhahahmad68 force-pushed the fix/validating-non-witness-utxo branch from f0fe014 to 4add4ca Compare May 1, 2026 08:29

Labels

bug Something isn't working

Projects

Status: Needs Review

Development

Successfully merging this pull request may close these issues.

[psbt] Validate non_witness_utxo txid with tx input previous output

2 participants