Make keyset size independent of 'hiding' param

[davxy]

Domain::hiding is used to control whether we want to make the proof zk (or not) by randomizing (or not) the last 3 evaluations of the domain.

Currently, setting this parameter to false has the side effect of using the 3 zk-rows to make space for 3 extra items in the keyset part.

This results in the inability to verify a proof that was generated with hiding = false in a verifier domain where hiding = true (even though this parameter is not really relevant in the verifier's context).

My point is that it would be nice to have, given a certain domain size, a fixed size for the keyset part (regardless of whether hiding is being true or not).

This would also have the added benefit of allowing this parameter (set to false) to be leveraged for producing test vectors as well.

[davxy]

@swasilyev do you think this is reasonable? 😁

[swasilyev]

Just talked to @AlistairStewart. He says that if we go with 1023 validators, there will be not enough rows for apk-proofs. So we can't sacrifice these 3 rows in the non-hiding case.