runtime hash selection with SHA256, Blake3, Keccak support

[yash25198]

Summary

• Runtime hash selection: Replace compile-time feature flags with runtime HashConfig enum, allowing selection between Skyscraper, SHA256, Keccak, and BLAKE3 without recompilation
• Uses WHIR 2.0's HashEngine API — standard hashes (SHA2, Keccak, Blake3) use WHIR's built-in engines; Skyscraper is registered as a custom engine
• Runtime TranscriptSponge enum dispatches Fiat-Shamir sponge calls to the active hash variant

Changes

• New HashConfig enum with serde support for runtime hash algorithm selection
• TranscriptSponge runtime-dispatch enum wrapping all four sponge implementations
• SkyscraperHashEngine implementing WHIR's HashEngine trait with batched SIMD leaf hashing
• Updated CLI prepare command to accept --hash configuration
• Binary file format updates to store hash config in headers (version bumps for prover/verifier/nps formats)
• Hash benchmarks (cargo bench --bench hash_bench) covering leaf hash, compression, Merkle layers, and sponge operations

Testing

# Prepare with different hash configurations
provekit-cli prepare --hash sha256 ...
provekit-cli prepare --hash blake3 ...
provekit-cli prepare --hash keccak ...
provekit-cli prepare --hash skyscraper ...  # default

Performance

Operation	Skyscraper (baseline)	Blake3	Keccak	SHA-256
Merkle commit (524K leaves)	22.6 ms (1.00x)	3.30 ms (6.85x)	15.6 ms (1.45x)	6.35 ms (3.56x)
Merkle commit (262K leaves)	10.0 ms (1.00x)	1.66 ms (6.02x)	8.99 ms (1.11x)	2.14 ms (4.67x)
Matrix commit (524K x 8)	146 ms (1.00x)	15.7 ms (9.30x)	44.6 ms (3.27x)	21.6 ms (6.76x)
IRS commit (1M)	337 ms (1.00x)	201 ms (1.68x)	272 ms (1.24x)	262 ms (1.29x)
inner_blinded_prove	410 ms (1.00x)	306 ms (1.34x)	341 ms (1.20x)	288 ms (1.42x)

[Bisht13]

Can we add e2e tests for all hashes which includes the prepare, prove and verify step?