Consider changing proof serialization to match C++ implementation

[divergentdave]

Currently, zk_one_circuit::Proof::encode() throws an error if the session ID/oracle field is not 32 bytes, but the rest of the codebase allows for a variable-length session ID. The C++ implementation of proof serialization does not follow the same structure as in https://www.ietf.org/archive/id/draft-google-cfrg-libzk-01.html#section-7.5-3. Instead, it serializes the six MAC tags, then for each circuit, the commitment, the Sumcheck proof, and the Ligero proof. I think we should implement this serialization format instead, so we can interoperate. Excluding the oracle field from serialized proofs will also avoid the simple mistake of relying on it instead of taking this domain separation input from a higher-level protocol, without checking consistency.