Signature Verification for Beacon Chain

[rawfalafel]

Casper 2.0 will likely use BLS multisigs to efficiently secure signatures from attesters and notaries. However we're still undecided on the signature scheme used for Ruby because the implementation details are subject to change and BLS multisig implementations are few and far between. This issue will track our options until we've collectively made a decision. Here's some options:

1. Punt signature verification altogether and use a noop for signature verification. The obvious downside is that the random beacon chain wouldn't be useful as a consensus machine whatsoever. However, it may be sufficient as a prototype.
2. Use ECDSA signatures without any fancy aggregation. Downside here is the large data size and performance penalty of transporting and verifying large numbers of signatures for large validator sets.
3. Explore existing BLS sig libraries and begin implemneting it now. Dfinity has a number of repositories we can look into, and this comment mentions a scheme that's being looked into.

The second option seems like the most reasonable option to me but in order to stay ahead of the curve I'm going to spend some time studying BLS sigs.

[terencechain]

Please keep in mind. Regarding BLS, both the one from Dfinity and the one from crypto.stanford.edu are using GMP which has tricky licensing (not allowed on app stores for example)

[rawfalafel]

Good point. I'll track noteworthy licenses for any library we choose to import in this issue.

[eolszewski]

Would this not provide the same benefit?

[rauljordan]

This is being worked on in #637

[rauljordan]

Closed by having the go-bls repo integrated into Prysm. Closing this in favor of #1366.