Qurrency implementation

[jimthematrix]

This is the initial implementation for the Qurrency protocol (details to be announced soon).

Circuits

• new circom code to perform Kyber (NIST approved, post-quantum safe) encryption of a 256-bit message, in a KEM flow
  • based on https://github.com/zkFHE/circomlib-fhe
  • the message is meant to be the AES encryption key, which should be used to encrypt arbitrary messages such as those for the auditor authority
• the ciphertext is hashed with sha256 in the circuit, which reduces the number of input signals for proof verification
• test code including a tooling snippet to locate the cipher text from the witness object

Token Implementation

• new token anon_nullifier_qurrency.sol. It includes the transfer() method enhanced to include the ciphertext and using the new proof verifier for the new circuit above, including the regular 2x2 circuit and the batch circuit
• hardhat tests

TODO: see #133

[MatthewGregoire42]

I've reviewed this PR: all tests pass. In addition to the tests, there are a few more compelling indicators of correctness:

• Since we model SHAKE256 as a random oracle to achieve our security properties in Qurrency, passing tests (+ inspection of the source code) imply with high probability a correct implementation of the portions of the protocol related to ML-KEM.
• Every single-arrow assignment in circom files has a valid corresponding === constraint applied.

Following this PR, it'd be good to (1) accompany these implementations with additions to the documentation describing the security properties achieved, and (2) write integration tests for the Qurrency tokens. Since these tokens only have unit tests, they aren't yet tested in this repo's GitHub workflow.

[EnriqueL8]

looks good - just a few code sanity comments

[Chengxuan]

I did a quick scan.

There are some TODO comments worth validating, and the copyright headers of new files should be 2025.