Once we start using sigchecks in place of sigops, anything relying
on that number can only be run *after* CheckInputs. Notably, the
virtualsize computation and the generation of the CTxMemPoolEntry
(and things using the CTxMemPoolEntry).
This perhaps creates some concerns of DoS vector, however it can
be ameliorated by a future change that runs the standard script
checks with a dummy signature verifier (no signature verification)
and only the consensus script checks need signature verification.
The standard sigcheck count would be put into mempool, however if
the sigchecks counts disagree the transaction should be dropped.