Add conf_whitelist module

[osuketh]

Instead of storing the whitelisted accounts in on-chain, it is stored in off-chain as a Merkle tree by the specific asset maintainer. In order to ensure the validity for the lists, they need to commit the Merkle root and send zkproof to on-chain. So, the soundness is based on that of zkp. All users need to send merkle proof when they invoke the can_transfer function which returns true only if the sender is in the whitelist(i.e. merkle root corresponding to the asset Id)

[osuketh]

The maintainer of the whitelist can update the Merkle root whenever they want. It's just the trade-off between their maintenance cost and UX.