Withdrawal event could be reused by bridge admin
Description
In astria-bridge-withdrawer, bridge address and withdrawer address have permissions to withdraw assets from the bridge.
Both bridge address and withdrawer address could execute CollectWithdrawals and SubmitWithdrawals using astria-cli to withdraw assets from the bridge.
But there is no marking or validation to check that the withdrawal has already been spent. This means that the withdrawal event could potentially be reused by the bridge admin to withdraw assets from the bridge multiple times.
Impact
If the private key of the bridge address or withdrawer address is compromised, an attacker could unlock and withdraw assets from the bridge repeatedly using the same withdrawal event. This may lead to a loss of user funds.
Recommendations
Ensure that the withdrawal event is marked or validated to prevent the reuse of the withdrawal event in the bridge withdrawer.