SK0M0R0H
commented
3 years ago Current functionality for aggregatable BLS accordingly to the specification relies on Knowledge of the Secret Key (or Proof of Possession) or Distinct Messages approaches to defend against Rogue Public Key Attack. We cannot control library usage by a third party that could lead to security problems on the user-side. Moreover, some use-cases cannot use both of these methods. We can use Boneh-Drijvers-Neven work on BLS aggregation as an additional (maybe, even default) way to aggregate signatures.
ilyas675
BLS signature scheme implementation is required.
@ilyas675 I would propose to introduce a special branch for this particular task. Something like
3-bls-signature-scheme.