fix: harden bridge, consensus, and tee verifier safety paths #141

Merged
ramtamilselvan merged 73 commits into main from ramesh/protocol-hardening-sweep-20260416
Apr 18, 2026


@ramtamilselvan ramtamilselvan commented Apr 15, 2026

Summary

  • persist Rust bridge relayer state across restarts and round bridge quorum thresholds up instead of down
  • reject invalid attestation challenge responses and make WASM host verification stubs fail closed
  • bind PoUW TEE verification to work-result hashes and enforce configured measurement allowlists
  • make incomplete SGX, SEV-SNP, and Nitro verifier backends fail closed in both the worker SDK and mirrored public SDK instead of returning placeholder success
  • harden bridge relayer authority paths so proposal creation requires a configured relayer identity, automatic voting fails closed without a signing backend, placeholder vote verification no longer accepts non-empty bytes, and withdrawal proposals are marked submitted only after transaction submission succeeds

Verification

  • cargo test -p aethelred-bridge
  • cargo test -p aethelred-vm test_invalid_attestation_response_does_not_satisfy_challenge
  • cargo test -p aethelred-vm test_valid_sgx_attestation_satisfies_challenge
  • cargo check -p aethelred-vm
  • cargo test -p aethelred-consensus test_verification_engine
  • cargo test -p aethelred-consensus test_verification_engine_tee_attestation
  • cargo test -p aethelred-consensus test_verification_engine_rejects_sgx_measurement_not_in_allowlist
  • cargo test -p aethelred-consensus test_verification_engine_rejects_tampered_sgx_binding
  • cargo test --manifest-path services/tee-worker/nitro-sdk/Cargo.toml --features attestation-evidence fails_closed_when_backend_missing
  • cargo check --manifest-path services/tee-worker/nitro-sdk/Cargo.toml --features attestation-evidence
  • cargo check --manifest-path sdk/aethelred-sdk/Cargo.toml

Note

  • sdk/aethelred-sdk full-sdk test coverage remains blocked by pre-existing crate issues outside this change set, so the mirrored SDK edits were validated by targeted formatting plus the default cargo check path rather than a full full-sdk build.
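
The quorum-rounding item in the summary above, shown as an added example; this is not code from the pull request or from the aethelred-bridge crate. The function names, the error type and the 2/3 quorum fraction are assumptions made for illustration.

```rust
// Added illustration; every name here is hypothetical, not the project's API.

#[derive(Debug, PartialEq)]
pub enum QuorumError {
    NoRelayers,
    InvalidFraction,
}

/// Floor rounding: the behaviour the summary says was replaced.
/// With 1 relayer and a 2/3 quorum this yields 0 required votes.
pub fn threshold_floor(relayers: u64, num: u64, den: u64) -> u64 {
    relayers * num / den
}

/// Ceiling rounding: the smallest vote count that is >= relayers * num / den.
pub fn threshold_ceil(relayers: u64, num: u64, den: u64) -> Result<u64, QuorumError> {
    if relayers == 0 {
        return Err(QuorumError::NoRelayers);
    }
    if num == 0 || den == 0 || num > den {
        return Err(QuorumError::InvalidFraction);
    }
    let product = relayers.checked_mul(num).ok_or(QuorumError::InvalidFraction)?;
    // Add one whenever the division leaves a remainder.
    Ok(product / den + u64::from(product % den != 0))
}

/// Fail closed: a configuration that cannot produce a threshold never has quorum.
pub fn has_quorum(valid_votes: u64, relayers: u64, num: u64, den: u64) -> bool {
    match threshold_ceil(relayers, num, den) {
        Ok(required) => valid_votes >= required,
        Err(_) => false,
    }
}

fn main() {
    // Constructed relayer-set sizes, 2/3 quorum.
    for n in [1u64, 3, 4, 5, 7] {
        println!(
            "relayers={n} floor={} ceil={:?}",
            threshold_floor(n, 2, 3),
            threshold_ceil(n, 2, 3)
        );
    }
}
```
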

@ramtamilselvan ramtamilselvan changed the title from "fix: harden bridge and attestation safety paths" to "fix: harden bridge, consensus, and tee verifier safety paths" Apr 16, 2026
Comment thread crates/mempool/src/middleware/signature.rs
@ramtamilselvan ramtamilselvan merged commit 3c45a66 into main Apr 18, 2026
92 of 93 checks passed