Add a batch verifier to multiexp, along with constant time variants

Saves ~8% during FROST key gen, even with dropping a vartime for a 
constant time (as needed to be secure), as the new batch verifier is 
used where batch verification previously wasn't. The new multiexp API 
itself also offered a very slight performance boost, which may solely be 
a measurement error.

Handles most of https://github.com/serai-dex/serai/issues/10. The blame 
function isn't binary searched nor randomly sorted yet.
Luke Parker
2022-05-27 00:52:44 -04:00
parent c398b246ff
commit c90e957e6a
10 changed files with 161 additions and 98 deletions

@@ -13,7 +13,7 @@ use k256::{
ProjectivePoint
};
use crate::{CurveError, Curve, multiexp_vartime, algorithm::Hram, tests::curve::test_curve};
use crate::{CurveError, Curve, algorithm::Hram, tests::curve::test_curve};
#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub struct Secp256k1;
@@ -38,8 +38,8 @@ impl Curve for Secp256k1 {
Self::G::GENERATOR
}
fn multiexp_vartime(scalars: &[Self::F], points: &[Self::G]) -> Self::G {
multiexp_vartime(scalars, points, false)
fn little_endian() -> bool {
false
}
// The IETF draft doesn't specify a secp256k1 ciphersuite
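Review bot: the new `little_endian` method has no doc comment, and the only hint at its meaning in this hunk is the `false` literal that the removed `multiexp_vartime(scalars, points, false)` call passed as its third argument, which this method presumably replaces. A one-line comment stating which encoding the flag selects (scalar bytes, point bytes, or both) would save implementers of other `Curve`s from guessing, since returning the wrong value here would silently change what the shared multiexp computes rather than fail loudly.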

@@ -82,7 +82,7 @@ pub fn key_gen<R: RngCore + CryptoRng, C: Curve>(
}
our_secret_shares.insert(*l, shares[&i].clone());
}
let these_keys = machine.complete(our_secret_shares).unwrap();
let these_keys = machine.complete(rng, our_secret_shares).unwrap();
// Verify the verification_shares are agreed upon
if verification_shares.is_none() {