feat(sdk): support robust protocols

[ggutoski]

fix #188

Main changes in round.rs and executer.rs

• round.rs: In execute_next_round don't accuse msg_in_faulters until after you've executed the round, and only if you end in sad path. As discussed, delete all messages received from all msg_in_faulters before executing the round so that protocols are sure to know who's a faulter. (Otherwise it's possible to have msg_in_faulters that the protocol does not see and we don't want that.)
• executer.rs: Implementers of robust protocols cannot use the default implementation of execute_raw---they must roll their own. One imagines that lots of code in the default execute_raw would be useful in a hand-made execute_raw, so I refactored the common checks (timeout, deserialize) into convenient helpers with the intent to be used in custom implementations of execute_raw.

I also snuck in some tweaks to various collections objects: add missing map_result methods that I want in execute_raw, unify function arguments as FnMut and don't require Clone, add unset methods to Fill* collections.

[ggutoski]

Are new test cases required in tofnd to test robustness?

The only robust protocol we could test is interactive multisig. That's currently unused so I see no need to rush to write tests for it.