[perf] KZG verify

[yelhousni]

KZG verification algorithm consists in some scalar multiplications and then a pairing computation. The scalar multiplications are best implemented using Jacobian coordinates while the pairing is best implemented using mixed affine and projective coordinates. The ScalarMul() API makes unnecessary conversions between affine and Jacobians which costs some unnecessary inverses. Few solutions:

• This PR implements a ScalarMul() functions that takes an affine point and returns a Jacobian.
• [ ] Implementing the pairing with only projective coordinates and implementing the ScalarMul() in projective too (no conversions at all). This is implemented in perf/kzg-verify-proj branch but it is worth it only if the Hamming weight of the Miller loop size is less than 6 (perf threshold for mixed add/dbl vs. proj add/dbl). This is not the case for the curve in gnark-crypto. Also it duplicates the pairing code.
• we can also implement a custom BatchFromJacobian() functions that takes elements from both G1 (Fp) and G2 (Fp2 or Fp4).

[yelhousni]

On gnark side Consensys/gnark#342

[gbotrel]

Q: why the refactor ScalarMultiplication to ScalarMul ?

[yelhousni]

I added on gnark-crypto a function ScalarMulUnconverted that takes an affine point and outputs a Jacobian to get rid of an unnecessary conversion (inverse) in KZG verifier. So ScalarMultiplicationUnconverted is too long ^^ and also in std/ we use ScalarMul so that is coherent.

[gbotrel]

Mmhh accidentally merged too fast I think, not that the name change is big, but it impacts user of the lib for no big reasons.