-
Notifications
You must be signed in to change notification settings - Fork 6
-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Change BLS signature/public key aggregation to enable better caching #592
Comments
In GPBFT, my plan is to change the
One downside to this approach is that we'll pay the cost of pre-computing the coefficients for all keys in the power table when validating finality certificate signatures where the current method only has to compute the coefficients for the keys actually used. But... I don't think that's going to be a huge deal and I want to keep this simple for now. |
Ew. So... validation makes this a bit annoying. We're going to have to cache this as part of the committee, possibly put it in |
Hm. PowerTable is the right place, but that's probably going to cause a bunch of issues. I'll probably have to add it as an additional param and cache it in the |
This commit: 1. Specifies the BLS curve used by F3. 2. Specifies the aggregation scheme. 3. Tweaks the aggregation scheme to use all public keys from the committee when computing the aggregation coefficients for better performance. This change does not change how F3 consensus works, it just makes the protocol more efficient. See filecoin-project/go-f3#592
* FIP-0086: Specify and update signature and signature aggregation This commit: 1. Specifies the BLS curve used by F3. 2. Specifies the aggregation scheme. 3. Tweaks the aggregation scheme to use all public keys from the committee when computing the aggregation coefficients for better performance. This change does not change how F3 consensus works, it just makes the protocol more efficient. See filecoin-project/go-f3#592 * Apply suggestions from code review Co-authored-by: Jorge M. Soares <[email protected]> Co-authored-by: Masih H. Derkani <[email protected]> --------- Co-authored-by: Jorge M. Soares <[email protected]> Co-authored-by: Masih H. Derkani <[email protected]>
Right now we're not taking advantage of the bitfield mask when aggregating public keys. I.e., each time we aggregate public keys we use an all-ones bitfield and cannot re-use any of the results of the aggregation.
Instead, we should:
coeff*pubkey+pubkey
for every public key for the rest of the instance (cache https://github.com/drand/kyber/blob/94dae51d79b4b0c2d2a9b9cc382b864cf3537783/sign/bdn/bdn.go#L183-L185).This is the one N^2 cryptographic operation we do, so it should make F3 scale significantly better.
The text was updated successfully, but these errors were encountered: