MinSig.Pop
Follow section 3.3.
A proof of possession scheme uses a separate public key validation step, called a proof of possession, to defend against rogue key attacks. This enables an optimization to aggregate signature verification for the case that all signatures are on the same message.
Equivalent to core_sign
with the DST given in the specification, section 4.2.3
Equivalent to core_verify
with the DST given in the specification section 4.2.3
pop_proof sk
implements the algorithm described in section 3.3.2
pop_verify pk proof
implements the algorithm described in section 3.3.3
aggregate_verify pks msg aggregated_signature
performs a aggregate signature verification. It supposes the same message msg
has been signed. It implements the FastAggregateVerify algorithm specified in section 3.3.4