Validate attachment_kind and account_id in metadata extraction helpers #2349

@mmagician


We should validate attachment_kind as well here, i.e.:

https://github.com/0xMiden/miden-base/blob/fda68e1008f8b7b7633b8c3dfc6a0fe4e150dd32/crates/miden-protocol/asm/kernels/transaction/lib/output_note.masm#L375-L378

And looking at the neighboring extract_sender_from_metadata, it doesn't validate the account ID which it probably should also do. Would you mind adding an account_id::validate line there and add a Panics if section? If not, lmk and I'll open an issue or address it.

In general, I think the procedures we provide should provide as much safety as they can and if users want to work with potentially invalid metadata, they likely know what they're doing and can write their own procedures. But for 95% of users, validation should be the safer option.

Originally posted by @PhilippGackstatter in #2338 (comment)

TODOs:

  • add account_id::validate check to extract_sender_from_metadata
  • check that attachment kind is valid, like output_note.masm does it
  • add Panics section to the docs of both procedures
