Implement PoT proving and verification optimized for AES (aarch64)

[nazar-pc]

This is a backport of nazar-pc/abundance#270 and follow-up to #3552

Curious what difference it makes on Apple Silicon.

Code contributor checklist:

• I have read, understood and followed contributing guide

[teor2345]

Looks good, the locations of constants aren't a blocker

[teor2345]

Can we put this constant in the containing module, rather than repeating it in each module?
(Same question for other constants in this file.)

[nazar-pc]

I was a little less comfortable because this is a platform-specific file, so extracting it somewhere would require annoying cfg() conditions. The rest of constants are specific to aarch64 and not shared with x86-64, intrinsics behave slightly differently here, which also confused me at first.

[nazar-pc]

Two tests hanged on macOS:

SLOW [>5820.000s] domain-client-operator tests::test_xdm_channel_allowlist_removed_after_xdm_resp_relaying
SLOW [>5820.000s] domain-client-operator tests::test_xdm_false_invalid_fraud_proof

Would be nice for someone to dedicate time to fix these flaky tests, they fail way too often for my liking.

[teor2345]

Same macOS test issue as #3535 (comment)

Seems like the 2025-05-31 nightly compiler or 2024 edition caused some instability in the macOS tests. We don't know which because they were combined into a single PR.

[nazar-pc]

Well, if it reproduces more reliably we can kind of call it a good thing, easier to debug that way

[jfrank-summit]

Curious what difference it makes on Apple Silicon.

Running on M4 Max:

group     main branch                     pot-aarch64-aes branch
-----     ---------------------        -------------------
prove     1641.5±446.51ms             1104.9±6.98ms    
verify     144.5±2.52ms                   134.1±2.47ms       

[nazar-pc]

Surprisingly good proving time with a solid improvement for both, nice!