TLDR: We present a signature aggregation scheme intended as a possible alternative to BLS signatures in the context of committee voting, with applications such as committee-based notorisation and fork-free sharding. Construction Let V be a committee of voters v_1, ..., v_n. For a given message m every voter can cast one vote by signing m. For concreteness we set |V| = 423 (as inspired by Dfinity) and require a threshold of t votes (e.g. t = |V|/2) to form a quorum. Given at least t votes, som...| Ethereum Research
Dark Mode Toggle| vitalik.eth.limo
TLDR: We present a 1-bit custody bond scheme which is friendly to BLS aggregation. Construction Let V be a 32-ETH collateralised validator that has published H(s) onchain where s is a 32-byte secret. Given a piece of data D the validator V can compute the corresponding “custody bit” b as follows: Partition D into 32-byte chunks XOR every 32-byte chunk with s and H(D) Merkleise the XORed chunks to get a root r Let b be the least significant bit of r The signed message [H(D), b] is a non-o...| Ethereum Research