Add criterion benchmarks for signature verification paths

[avrabe]

Part of the V&V coverage initiative.

Problem

sigil is on the supply-chain hot path — every signature verification must complete within a build-time budget. Silent crypto-path regressions could make CI hang or supply-chain validation unusable in practice. A criterion regression gate prevents this.

Recognized as evidence under ISO 26262-6 Table 10 row 1e and DO-178C Table A-6 Obj 3 (performance).

Acceptance

• benches/verification_benchmarks.rs with criterion groups:
  • Ed25519 signature verify (matches the Lean theorem — lean/Ed25519.lean)
  • DSSE envelope parse + verify
  • SLH-DSA post-quantum signature verify (when implemented)
  • Merkle-tree validation throughput (per-leaf-count)
  • Certificate-chain validation (per-chain-length)
• Per-path latency SLA captured as baseline
• CI job: sanity run on PR, full run nightly with persistence
• Traceability: benchmarks link to FIPS 205 / RFC 8032 requirement IDs in rivet.yaml

Notes

• criterion 0.5+; co-locate with test fixtures in src/lib/benches/
• Supply-chain integration (e.g. on every module load) means per-verification time matters more than total throughput