malachite num_bigint hybrid

[wjblanke]

DO NOT MERGE

---

Note

High Risk
Changes core numeric operator implementations (div, divmod, mod, modpow) by routing through malachite-bigint, which could affect deterministic arithmetic semantics and performance in a consensus-sensitive VM.

Overview
Switches several arithmetic ops in more_ops.rs (/, divmod, mod, modpow) to compute via malachite-bigint by converting to/from signed big-endian byte encodings, while keeping the public Number type as num-bigint.

Adds non_empty_be_bytes() and uses it in op_pubkey_for_exp to ensure a non-empty integer byte representation (e.g., zero becomes [0]) before calling G1Element::from_integer.

Updates dependencies (Cargo.toml/Cargo.lock) to include malachite-bigint and its transitive crates, and makes a couple of small test/assertion tweaks for empty buffers.

^{Written by Cursor Bugbot for commit a4bbb74. This will update automatically on new commits. Configure here.}

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	cargo/​malachite-bigint@​0.7.0

View full report

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

Ignoring alerts on:

• cargo/bytemuck@1.25.0
• cargo/foldhash@0.2.0
• cargo/libm@0.2.16
• cargo/malachite-base@0.7.0
• cargo/malachite-bigint@0.7.0
• cargo/malachite-nz@0.7.0
• cargo/paste@1.0.15
• cargo/safe_arch@0.7.4
• cargo/wide@0.7.33
• cargo/hashbrown@0.16.1
• cargo/itertools@0.14.0

View full report

[wjblanke]

@SocketSecurity ignore-all