perf: subgroup membership

[yelhousni]

Description

• optimized addition chain for multiplication by the curve seed.
• curve membership test directly in affine coordinates.
• trading off 1 group addition for 1 point negation and 2 field elements equality.
• early abort if point not on the curve.

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)

How has this been tested?

All relevant tests pass.

How has this been benchmarked?

• BN254

BenchmarkG1AffineIsInSubGroup-2     118           56.7          -52.04%
BenchmarkG2AffineIsInSubGroup-2     48985         44711         -8.73%

• BLS12-381

benchmark                           old ns/op     new ns/op     delta
BenchmarkG1AffineIsInSubGroup-2     46572         45321         -2.69%
BenchmarkG2AffineIsInSubGroup-2     55583         53498         -3.75%

• BLS12-377

benchmark                           old ns/op     new ns/op     delta
BenchmarkG1AffineIsInSubGroup-2     47880         46757         -2.35%
BenchmarkG2AffineIsInSubGroup-2     77695         75535         -2.78%

• BW6-761

benchmark                           old ns/op     new ns/op     delta
BenchmarkG1AffineIsInSubGroup-2     321752        313964        -2.42%
BenchmarkG2AffineIsInSubGroup-2     322118        314562        -2.35%

Checklist:

• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added tests that prove my fix is effective or that my feature works
• I did not modify files generated from templates
• golangci-lint does not output errors locally
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream modules