Add comprehensive Poseidon/Poseidon2 support for BN254 and BLS12-381 #1663

Merged: jayz22 merged 6 commits into stellar:release/v25-preview from jayz22:more-poseidon on Jan 7, 2026

Conversation

@jayz22 (Contributor) commented Jan 3, 2026

Summary

This PR provides comprehensive Poseidon and Poseidon2 hash function implementations for both BN254 and BLS12-381 curves, with extensive parameter coverage and test validation against external reference implementations.

Changes

Convenience Hash Methods

Poseidon Parameters (poseidon_params.rs)

  • BN254: MDS matrix and round constants for t=2, t=3, t=4 (validated against circomlib)
  • BLS12-381: MDS matrix and round constants for t=2, t=3, t=4 (validated against reference Sage script and poseidon-bls12381-circom)

Poseidon2 Parameters (poseidon2_params.rs)

  • BN254: Diagonal matrix (MAT_DIAG) and round constants for t=2, t=3, t=4
  • BLS12-381: Diagonal matrix and round constants for t=2, t=3, t=4
  • Parameters generated using reference Sage script and validated against reference test vectors (generated by the script)

Sponge Implementations

  • PoseidonSponge and Poseidon2Sponge with configurable parameters via PoseidonConfig and Poseidon2Config
  • Proper capacity/rate handling matching reference implementations

Test Coverage

  • Poseidon (BN254) - hash_n validated against circomlib
  • Poseidon (BLS12-381) - hash_n validated against poseidon-bls12381-circom
  • Poseidon2 (BN254) - hash validated against barretenberg, permutation validated against reference test vectors
  • Poseidon2 (BLS12-381) - permutation validated against reference test vectors

Commit message:

  - Add poseidon_hash<N>() matching circom implementation
  - Add poseidon2_hash<N>() matching noir/barretenberg implementation
  - Add Poseidon parameters (MDS, RC) for BN254 t=3, BLS12-381 t=2,3,4
  - Add Poseidon2 parameters (MAT_DIAG, RC) for BN254/BLS12-381 t=2,3,4
  - Add PoseidonConfig/Poseidon2Config for flexible parameter selection
  - Add comprehensive test coverage validated against:
    - circomlib (BN254 Poseidon)
    - poseidon-bls12381-circom (BLS12-381 Poseidon)
    - barretenberg (BN254 Poseidon2)
    - Reference Sage scripts for parameter generation
@leighmcculloch (Member) left a comment

Reviewing the top-level arrangement of the exported fns and that interface, it looks good; there's just one piece of feedback, mentioned inline, to remove the generics that don't appear to be necessary.

Defer to @sisuresh for a review of the crypto internals.

Comment thread on soroban-sdk/src/crypto.rs (outdated)

Copilot AI (Contributor) left a comment

Pull request overview

This PR adds comprehensive Poseidon and Poseidon2 hash function support for BN254 and BLS12-381 elliptic curves, providing cryptographic primitives validated against multiple external reference implementations (circomlib, barretenberg, noir, and poseidon-bls12381-circom).

Key Changes:

  • Added convenience hash methods poseidon_hash<N>() and poseidon2_hash<N>() with configurable field types (BN254/BLS12-381)
  • Introduced PoseidonConfig and Poseidon2Config structs to encapsulate hash parameters (rate, capacity, rounds, matrices)
  • Changed API signatures from Vec<U256> to fixed-size arrays [U256; N] for improved type safety
  • Added extensive test coverage with validation against circomlib (Poseidon BN254), poseidon-bls12381-circom (Poseidon BLS12-381), and barretenberg (Poseidon2 BN254)

Reviewed changes

Copilot reviewed 4 out of 6 changed files in this pull request and generated 7 comments.

File: soroban-sdk/src/tests/crypto_poseidon.rs
  Reorganized tests into Poseidon and Poseidon2 sections; added comprehensive test cases for both BN254 and BLS12-381 with t=2, t=3, t=4 configurations; updated to use array-based API

File: soroban-sdk/src/crypto/poseidon_sponge.rs
  Introduced PoseidonConfig struct; refactored sponge to use configuration-based initialization; updated absorb() to accept Vec instead of single elements; added hash() convenience function

File: soroban-sdk/src/crypto/poseidon2_sponge.rs
  Introduced Poseidon2Config struct; parallel refactoring to Poseidon sponge with BLS12-381 support; added hash() convenience function with rate=3

File: soroban-sdk/src/crypto.rs
  Updated public API signatures to use fixed-size arrays and field_type parameter; added documentation linking to reference implementations; exported new Config structs

Inline comment threads (collapsed on the page):
  • soroban-sdk/src/crypto/poseidon2_sponge.rs (outdated)
  • soroban-sdk/src/crypto/poseidon_sponge.rs (outdated, 3 threads)
  • soroban-sdk/src/crypto.rs (outdated, 2 threads)
  • soroban-sdk/src/crypto/poseidon_sponge.rs (outdated)
  • soroban-sdk/src/crypto/poseidon_params.rs (outdated)
  • soroban-sdk/src/crypto/poseidon_sponge.rs (3 threads)
@jayz22 jayz22 merged commit 984f63e into stellar:release/v25-preview Jan 7, 2026
90 of 91 checks passed
@jayz22 jayz22 deleted the more-poseidon branch January 7, 2026 23:16