CPQC-Agg: Commitment-Bound Verification of Post-Quantum Signature Sets for BFT Blockchain Consensus

Blockchain consensus protocols rely on BLS signature aggregation to compress validator attestations. These pairing-based constructions are vulnerable to quantum adversaries. Post-quantum signature schemes (Falcon, ML-DSA) resist quantum attacks but lack native algebraic aggregation, creating a scalability barrier for post-quantum consensus.

We introduce CPQC-Agg, a verification framework for post-quantum signature sets in BFT consensus. Our core technical contribution is Commitment-Bound Deterministic Sampling (CBDS): a technique where the Merkle commitment over the signature set is used to derive the verification sampling seed, creating a cryptographic binding between the integrity structure and the verification strategy. This binding ensures that an adversary cannot adaptively choose which signatures to forge after observing the sampling strategy, because the strategy itself depends on the commitment to all signatures.

We formalize CPQC-Agg security through a game-based definition (Game-CPQC-Sound) and prove a standard reduction to the EUF-CMA security of the underlying signature scheme, with a security loss of factor (n-t) standard in multi-key settings [Bellare-Neven 2006], under an adaptive adversary model.

 We provide a complete SNARK circuit cost analysis for the Merkle commitment and CBDS derivation sub-circuits via Plonky3/Groth16, with 95,704 measured constraints, proof generation in 4.5s, and verification in ~3ms. The Falcon-1024 verification sub-circuit is formally specified and estimated at ~4.08M additional constraints per k=20 signatures; its implementation is deferred to LQ-1's production deployment.

Benchmarks using published NIST Falcon-1024 performance data demonstrate verification speedups of 1.5-5x over naive full verification for validator sets of 50-1,000 at security-correct k values, with adversarial detection rates exceeding 99.98% for single-forgery scenarios at k=80. For consensus-critical bandwidth, Sigma_consensus = 180 KB at n=200, k=120, comparable to existing production blockchains. CPQC-Agg is designed for the LQ-1 post-quantum blockchain protocol.