Issues to be solved for the introduction of BLS

[torao]

Summary

One important thing is that the introduction of BLS signature aggregation results in a mix of ed25519 keys for the VRF and BLS keys for the signature on the system.

• Generating, storing, and distributing BLS key-pair.
  • Can we generate BLS key-pair when creating an ed25519 key with tendermint command?
  • Is there a more appropriate, standardized format such as PKCS#12?
  • Is the distribution way of public key possible to be the same as the current tendermint?
• Using BLS private key for signature and aggregation.
  • When will we aggregate the BLS signatures?
    • It's able to aggregate when generating a Commit for a block.
    • It currently has the signer's address and signature for each CommitSig. It's probably possible to move the aggregated signature to Commit.
    • However, since CommitSig seems to also be used to represent a signature to a Vote, it may not be possible to simply remove it from a class field.

For Admin Use

• Not duplicate issue
• Appropriate labels applied
• Appropriate contributors tagged
• Contributor assigned/self-assigned

[zemyblue]

It's able to aggregate when generating a Commit for a block.

@torao, How about aggregating the BLS signature as generating the block from proposer?
The block include the voter's signatures of previous block, so even if the BLS signature aggregates the signature at Commit, the new block proposer can be disabled. This is because the more voters' signatures they collect, the more rewards they have.