Give withdraw function a callback to check for failures, reverting state changes if needed

[mikedotexe]

Fixes #13

We saw an issue here: https://explorer.mainnet.near.org/transactions/9Fr2fnp5DtQedsYfboovk3u8L4SEtmpHT6RUjuUr1wDv

as well as the one mentioned in the issue by Ryan.

Here is how I imagine this function can malfunction. I should note it's not an attack vector, but something to patch.

1. A user transfers all their fungible tokens from FTContractA into Ref Exchange.
2. User decides to unregister with FTContractA.
3. User tries to withdraw, but their account is no longer registered, so the transfer fails silently. What's more, the amount has been deducted.

This PR:

• Adds the (private) callback exchange_callback_post_withdraw
• Adds a simulation test running through the steps above, ensuring the balance is returned to normal if a promise failure occurs.
• Minor typos