Notes

• Introduced doubly aggregatable signatures: layer-0 signatures aggregated into layer-1 attestations, then aggregated into a succinct certificate.
• Security model covers unforgeability and equivocation resistance.
• Two constructions: one with linear-size public keys & efficient verification (2 pairings), another with constant-size keys but linear pairings.
• Based on RMSS, enabling algebraic verification and SNARK-friendly predicates on bitmaps.
• Key application: incentivizing timely all-to-all vote dissemination in consensus protocols.
• Prototype implementation demonstrates concrete efficiency.

• 提出双重聚合签名：第一层签名聚合成第二层证明，最后合并为简洁证书
• 安全模型涵盖不可伪造性和抗模棱两可攻击（即防止对未观察到的签名作证）
• 方案一：线性大小公钥，验证仅需群加法和两次配对；方案二：常数大小公钥，但验证需线性配对
• 基于随机模子集和（RMSS），实现纯代数验证，便于SNARK证明位图上的简洁谓词
• 主要应用：激励共识协议中及时的全对全投票传播，确保验证者快速收到所有投票
• 通过原型实现验证了方案的具体效率