bitpay / jsonPaymentProtocol

JSON Payment Protocol Interface

Payment payload missing refund address #19

Closed cpacia closed 5 years ago

cpacia commented 5 years ago

One of the best features of Bip70 was to allow the buyer to include a refund address with the payment message. This seems to be missing from this spec. Not sure if the removal was intentional or an oversight.

unusualbob commented 5 years ago

The reason this wasn't included is that we regularly found that address to either no longer be controlled by the sending party, or to be fake. If there is a MITM attack going on, the attacker cannot fake the payment request, as it is signed. However, the refund address included in the client request is unsigned and can therefore be faked. Because of these issues we have always had to re-verify whether the address was still controlled by the user.

We have considered adding this by verifying whether the key used to spend the UTXO signs the refund address; however, this adds additional complexity, and we would still have to verify whether the user still controls that address at the time of refund. At this time we do not have plans to do this.