We present a pairing-based signature scheme for use in blockchains
that achieves substantial savings in bandwidth and storage requirements
while providing strong security guarantees.
Our signature scheme supports aggregation on the same message, which
allows us to compress multiple signatures on the same block during
consensus, and achieves forward security, which prevents adaptive
attacks on the blockchain.
Our signature scheme can be applied to all blockchains that rely on multi-party consensus protocols to agree on blocks of transactions (such as proof-of-stake or permissioned blockchains).