Falcon verification inside Miden VM #1000

Merged: 2 commits merged from al-falcon into next on Oct 5, 2023

Conversation

@Al-Kindi-0 (Collaborator) commented Jul 10, 2023

Describe your changes

The following PR implements the Falcon DSA verification procedure inside Miden VM. The integration test is fully dynamic and relies on a naive C implementation of RPO, in order to do the hash-to-point with RPO instead of SHAKE256, and on the reference C implementation for the rest.
The current cycle count is approximately 100k cycles. There are at least 3 optimization ideas that can hopefully halve this number, and these will be elaborated in a separate issue.

Edit: An improvement was added that uses the segment polynomial decomposition, applied to the product polynomial, to halve the number of exponentiations of the random challenge $\tau$ as well as the number of memory addresses initialized to zero. This brings the cycle count to 89k cycles.

Checklist before requesting a review

  • Repo forked and branch created from next according to naming convention.
  • Commit messages and codestyle follow conventions.
  • Relevant issues are linked in the PR description.
  • Tests added for new functionality.
  • Documentation/comments updated according to changes.
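The verification equation and the product-polynomial trick described above, as an added illustration that is not code from this PR or from Miden: the verifier checks s2 = c - h*s1 modulo (X^N + 1, q) without trusting a claimed product polynomial pi until it has been validated by evaluation at a random challenge tau, and pi is split as pi_lo + X^N * pi_hi so that only tau^0 .. tau^N are needed. The evaluation field P (Miden's base field prime), the coefficient ranges and the sample instance are assumptions made for this example.

```python
import random

N = 512                 # Falcon-512 degree
Q = 12289               # Falcon coefficient modulus
P = 2**64 - 2**32 + 1   # field for the random-evaluation check (assumed: Miden's base field)

def poly_mul_int(a, b):
    """Schoolbook product over the integers: 2N-1 coefficients, no reduction yet."""
    out = [0] * (2 * N - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] += ai * bj
    return out

def reduce_negacyclic(pi):
    """Reduce an integer polynomial modulo X^N + 1 (so X^N = -1) and then modulo Q."""
    r = [0] * N
    for k, coeff in enumerate(pi):
        if k < N:
            r[k] += coeff
        else:
            r[k - N] -= coeff
    return [x % Q for x in r]

def eval_at(poly, powers):
    """Evaluate poly at tau given the precomputed powers tau^0, tau^1, ... (mod P)."""
    return sum(c * t for c, t in zip(poly, powers)) % P

def verify_equation(h, s1, s2, c, pi, tau):
    """Check s2 == c - h*s1 (mod X^N+1, mod Q), trusting pi only after the tau check."""
    # Segment split pi = pi_lo + X^N * pi_hi: only tau^0..tau^N are needed (halves exponentiations).
    powers = [1]
    for _ in range(N):
        powers.append(powers[-1] * tau % P)
    pi_lo, pi_hi = pi[:N], pi[N:]
    pi_tau = (eval_at(pi_lo, powers) + powers[N] * eval_at(pi_hi, powers)) % P
    if eval_at(h, powers) * eval_at(s1, powers) % P != pi_tau:
        return False  # claimed product polynomial is not h*s1
    hs1 = reduce_negacyclic(pi)
    return all((c[i] - hs1[i]) % Q == s2[i] % Q for i in range(N))

def make_instance(seed):
    """Constructed sample: random h, s1, c with coefficients in [0, Q); s2, pi and tau derived honestly."""
    rng = random.Random(seed)
    h = [rng.randrange(Q) for _ in range(N)]
    s1 = [rng.randrange(Q) for _ in range(N)]
    c = [rng.randrange(Q) for _ in range(N)]
    pi = poly_mul_int(h, s1)
    s2 = [(c[i] - x) % Q for i, x in enumerate(reduce_negacyclic(pi))]
    return h, s1, s2, c, pi, rng.randrange(1, P)
```

Because every product coefficient is far below P, agreement of h(tau)*s1(tau) with pi(tau) for a random tau implies equality of the integer polynomials except with negligible probability, which is what lets the verifier accept pi from untrusted advice.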

@bobbinth (Contributor) left a review:

Looks great! Thank you! I left a few comments inline. Most of them are about optimization ideas which we could do in the future. For these, we could create an issue summarizing these ideas and implement them in future PRs. Overall, with all optimizations applied, I think we might be able to reduce the cycle count to about 60K - 50K.

For this PR, let's:

  • Rebase from the latest next.
  • Add more tests (specifically for failure cases).
  • Address any other comments which are relatively simple to do.

Lastly, we should probably do the above after we merge 0xPolygonMiden/crypto#179.

Inline review threads (outdated, resolved): stdlib/asm/crypto/dsa/falcon.masm (9 threads), stdlib/tests/crypto/falcon.rs (1 thread).
@bobbinth (Contributor) left a second review:

All looks good! Thank you! I left a couple of non-blocking comments inline.

Inline review threads (outdated, resolved): core/src/lib.rs (2 threads), stdlib/asm/crypto/dsa/rpo_falcon512.masm (1 thread).

@bobbinth merged commit 5c57495 into next on Oct 5, 2023. 15 checks passed.
@bobbinth deleted the al-falcon branch on October 5, 2023 at 08:35.