Author: Gregory Maxwell 2014-10-05 23:50:56
Published on: 2014-10-05T23:50:56+00:00
In an email exchange on October 5, 2014 between Gregory Maxwell and another individual, Maxwell pointed out tools that could be helpful for Bitcoin transactions. He also suggested a more unconventional approach to help secure transactions - using the BLS short signature scheme. This scheme allows for multiple signatures from different messages to be securely aggregated into a single signature through pairing cryptography, which has nice bandwidth properties and can be recursively applied. Additionally, removing a set of signatures from the aggregate is not possible without knowing the set of signatures by itself. Maxwell explains that if coinbase transactions contain a signature and if some fee-paying users relay their transaction privately to miners, other miners would only learn of the transaction in aggregated form. Without knowing the transaction by itself, they would not be able to add it to their own block in a fork. This provides several anti-censorship properties as transactions can only be accepted or rejected as a group unless the members are known separately. The use of this aggregation method can be additive to regular DSA signatures, so even if the cryptosystem is broken, the only harm would be allowing disaggregation. However, verification takes a slow pairing operation per transaction.
Updated on: 2023-05-19T19:20:50.869847+00:00