Currently when an RPC node does a network fanout to get a reward or exit
signature, it verifies each signature as it returns before adding it to
the aggregate.
This ends up being quite slow: on my desktop machine on current
stagenet, in a release build, with 240 stagenet nodeus nodes, just these
verifications calls taking a bit more than a full second in total (while
the aggregation itself takes only a tenth of a second). While still
reasonable on stagenet, on mainnet it's going to be 10s of CPU time per
signature request, which is too much.
This commit rewrites it to speed it up considerably in the normal (i.e.
no bad signature) case:
the aggregator aggregates returning pubkeys and signatures without
individual verification.
once we have all results, we then perform a single verification of the
aggregated signature against the aggregated pubkey. If it succeeds
there's no other needed checks.
if that check fails then we fall back to doing a one-by-one
verification on all the individual signatures, removing them from the
aggregates if we find any failures.
In the normal case (where we don't get any failing signatures) this
speeds up aggregate processing by more than 10x by only needing one
signature verification.
A nice side effect of this is that because we always know the aggregate
pubkey now, we can include that in debug logs (previously it was only
available in debug logs in debug builds), and in the RPC result.
Currently when an RPC node does a network fanout to get a reward or exit signature, it verifies each signature as it returns before adding it to the aggregate.
This ends up being quite slow: on my desktop machine on current stagenet, in a release build, with 240 stagenet nodeus nodes, just these verifications calls taking a bit more than a full second in total (while the aggregation itself takes only a tenth of a second). While still reasonable on stagenet, on mainnet it's going to be 10s of CPU time per signature request, which is too much.
This commit rewrites it to speed it up considerably in the normal (i.e. no bad signature) case:
In the normal case (where we don't get any failing signatures) this speeds up aggregate processing by more than 10x by only needing one signature verification.
A nice side effect of this is that because we always know the aggregate pubkey now, we can include that in debug logs (previously it was only available in debug logs in debug builds), and in the RPC result.
(This builds on top of #1751)