This repository has been archived by the owner on Apr 22, 2024. It is now read-only.

[security] prevent locking the finalisation #97

Open
YBadiss opened this issue Mar 7, 2024 · 0 comments

YBadiss commented Mar 7, 2024

If a smart contract creates or rates a note, but has a failing receive function, the finalisation of notes will always fail.

This is a cheap way of blocking our finalisation process that can be mitigated by:

  • not reverting on failure to reward/slash
  • keeping track of funds that were not returned to users
  • allowing owners of these funds to retrieve them by calling into the contract (careful with re-entrancy)

We could also remove the auto-send of funds on finalisation and force people to call us to get their funds, but that is costly for users and slows down the rewards.

@YBadiss YBadiss self-assigned this Mar 7, 2024
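
The mitigation listed in the issue, written out as an added example that is not this repository's code: payouts are pushed without reverting, failed payouts are recorded, and owners pull them later. The contract, function and event names and the gas cap are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example with hypothetical names; meant to be inherited by the
// contract that holds the stakes and runs finalisation.
abstract contract FinalisationPayouts {
    // Funds that could not be returned to their owner during finalisation.
    mapping(address => uint256) public pendingWithdrawals;

    // Gas forwarded on each push, so one recipient cannot consume the
    // finalisation transaction's gas (the value is an assumption).
    uint256 private constant PAYOUT_GAS = 30_000;

    event PayoutSent(address indexed to, uint256 amount);
    event PayoutDeferred(address indexed to, uint256 amount);
    event Withdrawn(address indexed to, uint256 amount);

    // Called per participant while finalising. A failing receive function
    // on `to` no longer reverts finalisation: the amount is credited instead.
    // The caller must mark the note as finalised BEFORE calling this, so a
    // recipient that re-enters sees the updated state.
    function _payout(address to, uint256 amount) internal {
        if (amount == 0) return;
        (bool ok, ) = to.call{value: amount, gas: PAYOUT_GAS}("");
        if (ok) {
            emit PayoutSent(to, amount);
        } else {
            pendingWithdrawals[to] += amount;
            emit PayoutDeferred(to, amount);
        }
    }

    // Pull path for deferred funds. The balance is zeroed before the
    // external call, so a re-entrant call finds nothing left to withdraw.
    function withdraw() external {
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingWithdrawals[msg.sender] = 0;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed"); // reverting here restores the balance
        emit Withdrawn(msg.sender, amount);
    }
}
```

Reverting in `withdraw` only affects the caller's own funds, whereas a revert inside the finalisation loop blocks every participant.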