# What is the BLS signature scheme? posted February 2019

BLS is a digital signature scheme being standardized.

Its basis is quite similar to other signature schemes, it has a key generation with a generator $P2$:

The signature is a bit weird though, you pretend the hashed message is the generator (using a `hash_to_G1`

function you hash the message into a point on a curve) and you do what you usually do in a key generation: you make it a public key with your private key

Verification is even weirder, you use a bilinear pairing to verify that indeed, `pairing([secret_key]hashed_msg, P2) = pairing([secret_key]P2, hashed_msg)`

.

This weird signing/verifying process allows for pretty cool stuff. You can compress (aggregate) signatures of the same msg in a single signature!

To do that, simply add all the signatures together! Easy peasy right?

Can you verify such a compressed signature? Yes you can.

Simply compress the public key, the same way you compressed the signature. And verify the `sig_compressed`

with the `public_key_compressed`

. Elegant :)

But what if the different signatures are on different messages? Well, just add them together as well.

The process to verify that is a bit more complicated. This time you multiply a bunch of `pairing([secret_key]P2, hashed_msg)`

together, and you verify that it is equal to another pairing made out of the compressed signature. Pairings are magical!

## Comments

## Joker

Comedy is subjective, Mur-ray.

## Bete

Is BLS similar with Shacham’s Public Verification? Thanks!

## Jon

What about same public key, different messages?

## leave a comment...