sqrt-via-dlog: cleanup and 20% accel for vartime Bandersnatch/Banderwagon deserialization

[mratsim]

This builds on top of #354 and #356 to bring a further 20% perf improvement to Bandersnatch/Banderwagon square root and point deserialization.

The technique was hinted at in this comment: #354 (comment)

This is the first part of a larger refactoring to make the square root via discrete log constant-time (#358) and introduce a sage script for constant generation (#359)

Note: as this is only tested in verkle trees test, and those are not in nimble yet (pending #330), the local test must be:

nim c -r --outdir:build tests/t_ethereum_verkle_primitives.nim

[mratsim]

Benches:

[mratsim]

Now Tonelli-Shanks vartime is not much slower for sqrt than a simple prime p ≡ 5 (mod 8). Note that Edwards25519 curve uses Montgomery representation at the moment and does not use fast reduction techniques from it's Pseudo-Mersenne Prime properties.

[advaita-saha]

This builds on top of #354 and #356 to bring a further 20% perf improvement to Bandersnatch/Banderwagon square root and point deserialization.

The technique was hinted at in this comment: #354 (comment)

This is the first part of a larger refactoring to make the square root via discrete log constant-time (#358) and introduce a sage script for constant generation (#359)

Note: as this is only tested in verkle trees test, and those are not in nimble yet (pending #330), the local test must be:

nim c -r --outdir:build tests/t_ethereum_verkle_primitives.nim

Tests for SerDe and Banderwagon operations are added in constantine.nimble, which was added along with the PR #278. Only IPA tests are not yet added in the nimble mentioned here #330

[advaita-saha]

LGTM 🔥