alxiong
commented
10 months ago When you register, you provide both keys. Current contract API register(PubKey key, bytes calldata signature,) is generic over the public key type and in instantiation will be a BLS pk, now we can switch to a tuple of (bls_pk, schnorr_pk) (caveats: not really, explain later) and still just verify the BLS signature, and trusting that the schnorr_pk provided is correct as there's no incentive to do otherwise.
When replicas compute the stakeTableComm they will commit over both keys, thus binding the two.
It's an interesting open question if we define unique PubKey to be unique tuple, or unique bls_pk only?
for simplicity, we should go with "unique tuple", but this may lead to changing our data structure Node since we have mapping(PubKey => Node), and for easy unique lookup, we may just keep PubKey = BlsKey and push the SchnorrKey as part of the struct Node.
In addition to the BLS public keys used in HotShot, the light client will rely on Schnorr public keys in order to verify a QC. Specify how the stake table establishes the relationship between those keys and ensures the participant inserting those keys knows the corresponding private keys.
cc @alxiong @jbearer