
Conversation


@samkim-crypto samkim-crypto commented Jan 4, 2026

Summary of Changes

I added some extra sanity / safety checks to the sigma proof logic.

  1. Currently, the proof generation logic does not reject invalid inputs. For example, the zero ciphertext validity proof certifies that a ciphertext encrypts the value 0. If a ciphertext that does not encrypt 0 is provided as input, it still goes ahead and generates a proof that is invalid. It is a better API if the function rejects these invalid inputs at the beginning, so I added these checks in the proof constructors (33c662a).

I added tests for this behavior, but I realized that it is difficult to test because the proof types actually don't derive some of the basic traits like Debug, PartialEq, and Eq. So I derived these for the proof types as well (b1c5982).

This change in behavior ended up breaking a unit test in the wasm crate, so I updated it in 89b5b87.

  2. I also added a sanity check to the verification functions to reject identity point inputs. For example, in practice, one would never generate a zero ciphertext validity proof for an all-zero ciphertext (i.e. a ciphertext consisting of identity points). These identity points can sometimes cause subtle behavior that prevents the proof's algebraic conditions from being checked, so it is safer to just outright reject these points. So I added these checks.

The only proofs where we allow identity inputs are the ciphertext validity proofs. Here, a public key can be the auditor's ElGamal public key in token-2022, which can be zero (identity) when the auditor is set to None.
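
The two checks described in this PR, as an added example that is not code from the PR or from the zk-sdk it modifies. It uses a Schnorr-style sigma proof of knowledge of a discrete log over a toy group (the quadratic residues modulo the safe prime p = 2039, generated by g = 4) rather than the ElGamal ciphertext validity proofs of the real crate, and the FNV-style `challenge` mixer stands in for a Fiat-Shamir hash; all names, parameters and the `ProofError` variants are assumptions made for the illustration. The constructor rejects a witness that does not satisfy the statement instead of emitting an invalid proof, the verifier rejects inputs outside the subgroup and identity inputs before checking the algebraic relation, and the proof and error types derive `Debug`, `PartialEq` and `Eq` so that tests can compare them directly.

```rust
// Added example, not code from the PR or the zk-sdk: a Schnorr-style sigma
// proof over a toy group with the input checks the PR describes.
// Toy parameters: p = 2039 is a safe prime (p = 2q + 1, q = 1019) and g = 4
// generates the order-q subgroup. Far too small for real use.
const P: u64 = 2039;
const Q: u64 = 1019;
const G: u64 = 4;
const IDENTITY: u64 = 1;

fn mul(a: u64, b: u64) -> u64 {
    (a * b) % P
}

/// Square-and-multiply exponentiation mod P.
fn pow(mut base: u64, mut exp: u64) -> u64 {
    let mut acc = 1;
    base %= P;
    while exp > 0 {
        if exp & 1 == 1 {
            acc = mul(acc, base);
        }
        base = mul(base, base);
        exp >>= 1;
    }
    acc
}

/// True when x is a non-zero element of the order-q subgroup.
fn in_subgroup(x: u64) -> bool {
    x != 0 && x < P && pow(x, Q) == 1
}

/// Toy Fiat-Shamir challenge: an FNV-style mix of the transcript reduced mod q.
/// Stands in for a real hash; it is not collision resistant.
fn challenge(public: u64, commitment: u64) -> u64 {
    let mut h: u64 = 0xcbf29ce484222325;
    for v in [public, commitment].iter() {
        h ^= *v;
        h = h.wrapping_mul(0x100000001b3);
    }
    h % Q
}

// Derived as in the PR so tests can compare proofs and errors with assert_eq!.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct DlogProof {
    commitment: u64,
    response: u64,
}

#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum ProofError {
    /// The witness does not satisfy the statement `public = g^witness`.
    InvalidStatement,
    /// An input is zero, out of range, or outside the prime-order subgroup.
    NotInGroup,
    /// An input is the identity element, for which the relation is degenerate.
    IdentityInput,
    /// The algebraic verification equation does not hold.
    InvalidProof,
}

impl DlogProof {
    /// Proves knowledge of `witness` with `public = g^witness`. Rejects a witness
    /// that does not match `public` instead of producing an invalid proof.
    /// `nonce` models the prover's randomness and is mapped into [1, q-1].
    pub fn new(public: u64, witness: u64, nonce: u64) -> Result<Self, ProofError> {
        if pow(G, witness) != public {
            return Err(ProofError::InvalidStatement);
        }
        let k = nonce % (Q - 1) + 1;
        let commitment = pow(G, k);
        let c = challenge(public, commitment);
        let response = (k + c * (witness % Q)) % Q;
        Ok(Self { commitment, response })
    }

    /// Checks g^response == commitment * public^c, after rejecting inputs
    /// outside the subgroup and identity inputs.
    pub fn verify(&self, public: u64) -> Result<(), ProofError> {
        if !in_subgroup(public) || !in_subgroup(self.commitment) {
            return Err(ProofError::NotInGroup);
        }
        if public == IDENTITY || self.commitment == IDENTITY {
            return Err(ProofError::IdentityInput);
        }
        let c = challenge(public, self.commitment);
        if pow(G, self.response % Q) == mul(self.commitment, pow(public, c)) {
            Ok(())
        } else {
            Err(ProofError::InvalidProof)
        }
    }
}

fn main() {
    let public = pow(G, 123);
    let proof = DlogProof::new(public, 123, 77).expect("consistent inputs");
    println!("valid proof: {:?}", proof.verify(public));
    println!("wrong witness: {:?}", DlogProof::new(public, 124, 77));
    // The prover accepts the trivial statement g^0 = 1; the verifier refuses it.
    let degenerate = DlogProof::new(IDENTITY, 0, 77).expect("trivially true");
    println!("identity input: {:?}", degenerate.verify(IDENTITY));
}
```

The identity case shows why the verifier-side check is separate from the constructor-side check: the statement `g^0 = 1` is true, so a constructor that only checks consistency of witness and statement will happily produce a proof for it, and it is the verifier that has to decide that a proof about the identity element carries no information.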

@samkim-crypto samkim-crypto force-pushed the sigma-proof-input-validation branch from a754c77 to 89e198a Compare January 7, 2026 07:21
@samkim-crypto samkim-crypto marked this pull request as ready for review January 7, 2026 09:12