diff --git a/node/Cargo.lock b/node/Cargo.lock
index 048dcdd5..bbd75b91 100644
--- a/node/Cargo.lock
+++ b/node/Cargo.lock
@@ -52,6 +52,18 @@ dependencies = [
  "subtle",
 ]
 
+[[package]]
+name = "ahash"
+version = "0.8.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "91429305e9f0a25f6205c5b8e0d2db09e0708a7a6df0f42212bb56c32c8ac97a"
+dependencies = [
+ "cfg-if",
+ "once_cell",
+ "version_check",
+ "zerocopy",
+]
+
 [[package]]
 name = "aho-corasick"
 version = "1.0.4"
@@ -61,6 +73,12 @@ dependencies = [
  "memchr",
 ]
 
+[[package]]
+name = "anes"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299"
+
 [[package]]
 name = "anstream"
 version = "0.3.2"
@@ -116,6 +134,123 @@ version = "1.0.75"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a4668cab20f66d8d020e1fbc0ebe47217433c1b6c8f2040faf858554e394ace6"
 
+[[package]]
+name = "ark-bn254"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a22f4561524cd949590d78d7d4c5df8f592430d221f7f3c9497bbafd8972120f"
+dependencies = [
+ "ark-ec",
+ "ark-ff",
+ "ark-std",
+]
+
+[[package]]
+name = "ark-ec"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "defd9a439d56ac24968cca0571f598a61bc8c55f71d50a89cda591cb750670ba"
+dependencies = [
+ "ark-ff",
+ "ark-poly",
+ "ark-serialize",
+ "ark-std",
+ "derivative",
+ "hashbrown 0.13.2",
+ "itertools",
+ "num-traits",
+ "zeroize",
+]
+
+[[package]]
+name = "ark-ff"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ec847af850f44ad29048935519032c33da8aa03340876d351dfab5660d2966ba"
+dependencies = [
+ "ark-ff-asm",
+ "ark-ff-macros",
+ "ark-serialize",
+ "ark-std",
+ "derivative",
+ "digest",
+ "itertools",
+ "num-bigint",
+ "num-traits",
+ "paste",
+ "rustc_version",
+ "zeroize",
+]
+
+[[package]]
+name = "ark-ff-asm"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3ed4aa4fe255d0bc6d79373f7e31d2ea147bcf486cba1be5ba7ea85abdb92348"
+dependencies = [
+ "quote",
+ "syn 1.0.109",
+]
+
+[[package]]
+name = "ark-ff-macros"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7abe79b0e4288889c4574159ab790824d0033b9fdcb2a112a3182fac2e514565"
+dependencies = [
+ "num-bigint",
+ "num-traits",
+ "proc-macro2",
+ "quote",
+ "syn 1.0.109",
+]
+
+[[package]]
+name = "ark-poly"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d320bfc44ee185d899ccbadfa8bc31aab923ce1558716e1997a1e74057fe86bf"
+dependencies = [
+ "ark-ff",
+ "ark-serialize",
+ "ark-std",
+ "derivative",
+ "hashbrown 0.13.2",
+]
+
+[[package]]
+name = "ark-serialize"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "adb7b85a02b83d2f22f89bd5cac66c9c89474240cb6207cb1efc16d098e822a5"
+dependencies = [
+ "ark-serialize-derive",
+ "ark-std",
+ "digest",
+ "num-bigint",
+]
+
+[[package]]
+name = "ark-serialize-derive"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae3281bc6d0fd7e549af32b52511e1302185bd688fd3359fa36423346ff682ea"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 1.0.109",
+]
+
+[[package]]
+name = "ark-std"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "94893f1e0c6eeab764ade8dc4c0db24caf4fe7cbbaafc0eba0a9030f447b5185"
+dependencies = [
+ "num-traits",
+ "rand",
+]
+
 [[package]]
 name = "assert_matches"
 version = "1.5.0"
@@ -130,7 +265,7 @@ checksum = "bc00ceb34980c03614e35a3a4e218276a0a824e911d07651cd0d858a51e8c0f0"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -184,7 +319,7 @@ dependencies = [
  "regex",
  "rustc-hash",
  "shlex",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -244,6 +379,12 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "bumpalo"
+version = "3.14.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec"
+
 [[package]]
 name = "byteorder"
 version = "1.4.3"
@@ -267,6 +408,12 @@ dependencies = [
  "pkg-config",
 ]
 
+[[package]]
+name = "cast"
+version = "0.3.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "37b2a672a2cb129a2e41c10b1224bb368f9f37a2b16b612598138befd7b37eb5"
+
 [[package]]
 name = "cc"
 version = "1.0.82"
@@ -317,6 +464,33 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "ciborium"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "effd91f6c78e5a4ace8a5d3c0b6bfaec9e2baaef55f3efc00e45fb2e477ee926"
+dependencies = [
+ "ciborium-io",
+ "ciborium-ll",
+ "serde",
+]
+
+[[package]]
+name = "ciborium-io"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "cdf919175532b369853f5d5e20b26b43112613fd6fe7aee757e35f7a44642656"
+
+[[package]]
+name = "ciborium-ll"
+version = "0.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "defaa24ecc093c77630e6c15e17c51f5e187bf35ee514f4e2d67baaa96dae22b"
+dependencies = [
+ "ciborium-io",
+ "half",
+]
+
 [[package]]
 name = "cipher"
 version = "0.3.0"
@@ -369,7 +543,7 @@ dependencies = [
  "heck",
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -436,17 +610,92 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "criterion"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f2b12d017a929603d80db1831cd3a24082f8137ce19c69e6447f54f5fc8d692f"
+dependencies = [
+ "anes",
+ "cast",
+ "ciborium",
+ "clap",
+ "criterion-plot",
+ "is-terminal",
+ "itertools",
+ "num-traits",
+ "once_cell",
+ "oorandom",
+ "plotters",
+ "rayon",
+ "regex",
+ "serde",
+ "serde_derive",
+ "serde_json",
+ "tinytemplate",
+ "walkdir",
+]
+
+[[package]]
+name = "criterion-plot"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1"
+dependencies = [
+ "cast",
+ "itertools",
+]
+
+[[package]]
+name = "crossbeam-deque"
+version = "0.8.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ce6fd6f855243022dcecf8702fef0c297d4338e226845fe067f6341ad9fa0cef"
+dependencies = [
+ "cfg-if",
+ "crossbeam-epoch",
+ "crossbeam-utils",
+]
+
+[[package]]
+name = "crossbeam-epoch"
+version = "0.9.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7"
+dependencies = [
+ "autocfg",
+ "cfg-if",
+ "crossbeam-utils",
+ "memoffset",
+ "scopeguard",
+]
+
+[[package]]
+name = "crossbeam-utils"
+version = "0.8.16"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294"
+dependencies = [
+ "cfg-if",
+]
+
 [[package]]
 name = "crypto"
 version = "0.1.0"
 dependencies = [
  "anyhow",
+ "ark-bn254",
+ "ark-ec",
+ "ark-serialize",
  "blst",
+ "criterion",
  "ed25519-dalek",
  "hex",
+ "num-traits",
  "rand",
  "sha2",
  "thiserror",
+ "tracing",
 ]
 
 [[package]]
@@ -493,7 +742,7 @@ checksum = "83fdaf97f4804dcebfa5862639bc9ce4121e82140bec2a987ac5140294865b5b"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -512,6 +761,17 @@ version = "0.3.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7684a49fb1af197853ef7b2ee694bc1f5b4179556f1e5710e1760c5db6f5e929"
 
+[[package]]
+name = "derivative"
+version = "2.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "fcc3dd5e9e9c0b295d6e1e4d811fb6f157d5ffd784b8d202fc62eac8035a770b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 1.0.109",
+]
+
 [[package]]
 name = "diff"
 version = "0.1.13"
@@ -696,7 +956,7 @@ checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -772,12 +1032,27 @@ version = "0.3.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b"
 
+[[package]]
+name = "half"
+version = "1.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "eabb4a44450da02c90444cf74558da904edde8fb4e9035a9a6a4e15445af0bd7"
+
 [[package]]
 name = "hashbrown"
 version = "0.12.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
 
+[[package]]
+name = "hashbrown"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "43a3c133739dddd0d2990f9a4bdf8eb4b21ef50e4851ca85ab661199821d510e"
+dependencies = [
+ "ahash",
+]
+
 [[package]]
 name = "heck"
 version = "0.4.1"
@@ -874,7 +1149,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99"
 dependencies = [
  "autocfg",
- "hashbrown",
+ "hashbrown 0.12.3",
 ]
 
 [[package]]
@@ -912,6 +1187,15 @@ dependencies = [
  "libc",
 ]
 
+[[package]]
+name = "js-sys"
+version = "0.3.64"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a"
+dependencies = [
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "lazy_static"
 version = "1.4.0"
@@ -984,7 +1268,7 @@ checksum = "bc28438cad73dcc90ff3466fc329a9252b1b8ba668eb0d5668ba97088cf4eef0"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1034,6 +1318,15 @@ version = "2.5.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d"
 
+[[package]]
+name = "memoffset"
+version = "0.9.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c"
+dependencies = [
+ "autocfg",
+]
+
 [[package]]
 name = "minimal-lexical"
 version = "0.2.1"
@@ -1111,11 +1404,32 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "num-bigint"
+version = "0.4.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "608e7659b5c3d7cba262d894801b9ec9d00de989e8a82bd4bef91d08da45cdc0"
+dependencies = [
+ "autocfg",
+ "num-integer",
+ "num-traits",
+]
+
+[[package]]
+name = "num-integer"
+version = "0.1.45"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "225d3389fb3509a24c93f5c29eb6bde2586b98d9f016636dff58d7c6f7569cd9"
+dependencies = [
+ "autocfg",
+ "num-traits",
+]
+
 [[package]]
 name = "num-traits"
-version = "0.2.16"
+version = "0.2.17"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2"
+checksum = "39e3200413f237f41ab11ad6d161bc7239c84dcb631773ccd7de3dfe4b5c267c"
 dependencies = [
  "autocfg",
 ]
@@ -1145,6 +1459,12 @@ version = "1.18.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d"
 
+[[package]]
+name = "oorandom"
+version = "11.1.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0ab1bc2a289d34bd04a330323ac98a1b4bc82c9d9fcb1e66b63caa84da26b575"
+
 [[package]]
 name = "opaque-debug"
 version = "0.3.0"
@@ -1189,6 +1509,12 @@ dependencies = [
  "windows-targets",
 ]
 
+[[package]]
+name = "paste"
+version = "1.0.14"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "de3145af08024dea9fa9914f381a17b8fc6034dfb00f3a84013f7ff43f29ed4c"
+
 [[package]]
 name = "peeking_take_while"
 version = "0.1.2"
@@ -1222,7 +1548,7 @@ checksum = "4359fd9c9171ec6e8c62926d6faaf553a8dc3f64e1507e76da7911b4f6a04405"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1259,6 +1585,34 @@ version = "3.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3d7ddaed09e0eb771a79ab0fd64609ba0afb0a8366421957936ad14cbd13630"
 
+[[package]]
+name = "plotters"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d2c224ba00d7cadd4d5c660deaf2098e5e80e07846537c51f9cfa4be50c1fd45"
+dependencies = [
+ "num-traits",
+ "plotters-backend",
+ "plotters-svg",
+ "wasm-bindgen",
+ "web-sys",
+]
+
+[[package]]
+name = "plotters-backend"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9e76628b4d3a7581389a35d5b6e2139607ad7c75b17aed325f210aa91f4a9609"
+
+[[package]]
+name = "plotters-svg"
+version = "0.3.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "38f6d39893cca0701371e3c27294f09797214b86f1fb951b89ade8ec04e2abab"
+dependencies = [
+ "plotters-backend",
+]
+
 [[package]]
 name = "poly1305"
 version = "0.7.2"
@@ -1315,7 +1669,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "6c64d9ba0963cdcea2e1b2230fbae2bab30eb25a174be395c41e764bfb65dd62"
 dependencies = [
  "proc-macro2",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1347,7 +1701,7 @@ checksum = "440f724eba9f6996b75d63681b0a92b06947f1457076d503a4d2e2c8f56442b8"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1428,7 +1782,7 @@ checksum = "7718375aa8f966df66e583b608a305a45bc87eeb1ffd5db87fae673bea17a7e4"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1547,6 +1901,26 @@ dependencies = [
  "rand_core",
 ]
 
+[[package]]
+name = "rayon"
+version = "1.8.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9c27db03db7734835b3f53954b534c91069375ce6ccaa2e065441e07d9b6cdb1"
+dependencies = [
+ "either",
+ "rayon-core",
+]
+
+[[package]]
+name = "rayon-core"
+version = "1.12.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ce3fb6ad83f861aac485e76e1985cd109d9a3713802152be56c3b1f0e0658ed"
+dependencies = [
+ "crossbeam-deque",
+ "crossbeam-utils",
+]
+
 [[package]]
 name = "redox_syscall"
 version = "0.3.5"
@@ -1666,6 +2040,15 @@ version = "1.0.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741"
 
+[[package]]
+name = "same-file"
+version = "1.0.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "93fc1dc3aaa9bfed95e02e6eadabb4baf7e3078b0bd1b4d7b6b0b68378900502"
+dependencies = [
+ "winapi-util",
+]
+
 [[package]]
 name = "schema"
 version = "0.1.0"
@@ -1684,7 +2067,7 @@ dependencies = [
  "rand",
  "serde",
  "serde_json",
- "syn 2.0.29",
+ "syn 2.0.32",
  "tokio",
 ]
 
@@ -1727,7 +2110,7 @@ checksum = "aafe972d60b0b9bee71a91b92fee2d4fb3c9d7e8f6b179aa99f27203d99a4816"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1903,9 +2286,9 @@ dependencies = [
 
 [[package]]
 name = "syn"
-version = "2.0.29"
+version = "2.0.32"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c324c494eba9d92503e6f1ef2e6df781e78f6a7705a0202d9801b198807d518a"
+checksum = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -1961,7 +2344,7 @@ checksum = "b4dc4744280091c8760f456b14c5598f5f7afe96851b4da30fe0933725dae0d3"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -1981,7 +2364,7 @@ checksum = "6bb623b56e39ab7dcd4b1b98bb6c8f8d907ed255b18de254088016b27a8ee19b"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -2020,6 +2403,16 @@ version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
 
+[[package]]
+name = "tinytemplate"
+version = "1.2.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "be4d6b5f19ff7664e8c98d03e2139cb510db9b0a60b55f8e8709b689d939b6bc"
+dependencies = [
+ "serde",
+ "serde_json",
+]
+
 [[package]]
 name = "tokio"
 version = "1.32.0"
@@ -2047,7 +2440,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -2097,7 +2490,7 @@ checksum = "5f4f31f56159e98206da9efd823404b79b6ef3143b4a7ab76e67b1751b25a4ab"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
@@ -2230,7 +2623,17 @@ source = "git+https://github.com/matter-labs/vise.git?rev=dd05139b76ab0843443ab3
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
+]
+
+[[package]]
+name = "walkdir"
+version = "2.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d71d857dc86794ca4c280d616f7da00d2dbfd8cd788846559a6813e6aa4b54ee"
+dependencies = [
+ "same-file",
+ "winapi-util",
 ]
 
 [[package]]
@@ -2248,6 +2651,70 @@ version = "0.11.0+wasi-snapshot-preview1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
 
+[[package]]
+name = "wasm-bindgen"
+version = "0.2.87"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342"
+dependencies = [
+ "cfg-if",
+ "wasm-bindgen-macro",
+]
+
+[[package]]
+name = "wasm-bindgen-backend"
+version = "0.2.87"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd"
+dependencies = [
+ "bumpalo",
+ "log",
+ "once_cell",
+ "proc-macro2",
+ "quote",
+ "syn 2.0.32",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-macro"
+version = "0.2.87"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d"
+dependencies = [
+ "quote",
+ "wasm-bindgen-macro-support",
+]
+
+[[package]]
+name = "wasm-bindgen-macro-support"
+version = "0.2.87"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.32",
+ "wasm-bindgen-backend",
+ "wasm-bindgen-shared",
+]
+
+[[package]]
+name = "wasm-bindgen-shared"
+version = "0.2.87"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1"
+
+[[package]]
+name = "web-sys"
+version = "0.3.64"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9b85cbef8c220a6abc02aefd892dfc0fc23afb1c6a426316ec33253a3877249b"
+dependencies = [
+ "js-sys",
+ "wasm-bindgen",
+]
+
 [[package]]
 name = "which"
 version = "4.4.0"
@@ -2275,6 +2742,15 @@ version = "0.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ac3b87c63620426dd9b991e5ce0329eff545bccbbb34f3be09ff6fb6ab51b7b6"
 
+[[package]]
+name = "winapi-util"
+version = "0.1.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f29e6f9198ba0d26b4c9f07dbe6f9ed633e1f3d5b8b414090084349e46a52596"
+dependencies = [
+ "winapi",
+]
+
 [[package]]
 name = "winapi-x86_64-pc-windows-gnu"
 version = "0.4.0"
@@ -2353,6 +2829,26 @@ version = "0.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec"
 
+[[package]]
+name = "zerocopy"
+version = "0.7.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "81ba595b9f2772fbee2312de30eeb80ec773b4cb2f1e8098db024afadda6c06f"
+dependencies = [
+ "zerocopy-derive",
+]
+
+[[package]]
+name = "zerocopy-derive"
+version = "0.7.15"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "772666c41fb6dceaf520b564b962d738a8e1a83b41bd48945f50837aed78bb1d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.32",
+]
+
 [[package]]
 name = "zeroize"
 version = "1.6.0"
@@ -2370,7 +2866,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69"
 dependencies = [
  "proc-macro2",
  "quote",
- "syn 2.0.29",
+ "syn 2.0.32",
 ]
 
 [[package]]
diff --git a/node/Cargo.toml b/node/Cargo.toml
index d560d722..b22a7fb6 100644
--- a/node/Cargo.toml
+++ b/node/Cargo.toml
@@ -26,17 +26,21 @@ assert_matches = "1.5.0"
 async-trait = "0.1.71"
 bit-vec = "0.6"
 blst = "0.3.10"
+ark-bn254 = "0.4.0"
+ark-ec = "0.4.2"
+ark-serialize = { version = "0.4.2", features = ["std"] }
+num-traits = "0.2.17"
 clap = { version = "4.3.3", features = ["derive"] }
 ed25519-dalek = { version = "2.0.0", features = ["serde", "rand_core"] }
 futures = "0.3.28"
 hex = "0.4.3"
-hyper = { version = "0.14.27", features = ["http1", "http2","server","tcp"] }
+hyper = { version = "0.14.27", features = ["http1", "http2", "server", "tcp"] }
 im = "15.1.0"
 once_cell = "1.17.1"
 pin-project = "1.1.0"
 prost = "0.11.0"
 prost-build = "0.11.0"
-prost-reflect = { version = "0.11.0", features = ["derive","serde"] }
+prost-reflect = { version = "0.11.0", features = ["derive", "serde"] }
 prost-reflect-build = "0.11.0"
 protoc-bin-vendored = "3.0.0"
 prettyplease = "0.2.6"
@@ -76,6 +80,9 @@ panic = 'abort'
 [profile.release]
 panic = 'abort'
 
+[profile.dev.package.crypto]
+opt-level = 3
+
 # Compile all the external dependencies with optimizations, because
 # some of them (especially the cryptographic primitives) are extremely
 # slow when compiled without optimizations, and make the tests run slow.
diff --git a/node/actors/consensus/src/leader/replica_commit.rs b/node/actors/consensus/src/leader/replica_commit.rs
index 870da2b5..dd676f8c 100644
--- a/node/actors/consensus/src/leader/replica_commit.rs
+++ b/node/actors/consensus/src/leader/replica_commit.rs
@@ -41,7 +41,7 @@ pub(crate) enum Error {
     },
     /// Invalid message signature.
     #[error("invalid signature: {0:#}")]
-    InvalidSignature(#[source] crypto::bls12_381::Error),
+    InvalidSignature(#[source] validator::Error),
 }
 
 impl StateMachine {
diff --git a/node/actors/consensus/src/leader/replica_prepare.rs b/node/actors/consensus/src/leader/replica_prepare.rs
index 67519427..275f31f8 100644
--- a/node/actors/consensus/src/leader/replica_prepare.rs
+++ b/node/actors/consensus/src/leader/replica_prepare.rs
@@ -50,7 +50,7 @@ pub(crate) enum Error {
     },
     /// Invalid message signature.
     #[error("invalid signature: {0:#}")]
-    InvalidSignature(#[source] crypto::bls12_381::Error),
+    InvalidSignature(#[source] validator::Error),
     /// Invalid `HighQC` message.
     #[error("invalid high QC: {0:#}")]
     InvalidHighQC(#[source] anyhow::Error),
diff --git a/node/actors/consensus/src/replica/leader_commit.rs b/node/actors/consensus/src/replica/leader_commit.rs
index bc73a82b..f5bcd1da 100644
--- a/node/actors/consensus/src/replica/leader_commit.rs
+++ b/node/actors/consensus/src/replica/leader_commit.rs
@@ -28,7 +28,7 @@ pub(crate) enum Error {
     },
     /// Invalid message signature.
     #[error("invalid signature: {0:#}")]
-    InvalidSignature(#[source] crypto::bls12_381::Error),
+    InvalidSignature(#[source] validator::Error),
     /// Invalid justification for the message.
     #[error("invalid justification: {0:#}")]
     InvalidJustification(#[source] anyhow::Error),
diff --git a/node/actors/consensus/src/replica/leader_prepare.rs b/node/actors/consensus/src/replica/leader_prepare.rs
index ec2c3b8e..74501136 100644
--- a/node/actors/consensus/src/replica/leader_prepare.rs
+++ b/node/actors/consensus/src/replica/leader_prepare.rs
@@ -32,7 +32,7 @@ pub(crate) enum Error {
     },
     /// Invalid message signature.
     #[error("invalid signature: {0:#}")]
-    InvalidSignature(#[source] crypto::bls12_381::Error),
+    InvalidSignature(#[source] validator::Error),
     /// Invalid `PrepareQC` message.
     #[error("invalid PrepareQC: {0:#}")]
     InvalidPrepareQC(#[source] anyhow::Error),
diff --git a/node/actors/consensus/src/replica/tests.rs b/node/actors/consensus/src/replica/tests.rs
index 775929e8..09fd17b7 100644
--- a/node/actors/consensus/src/replica/tests.rs
+++ b/node/actors/consensus/src/replica/tests.rs
@@ -6,6 +6,7 @@ use roles::validator::{self, ViewNumber};
 
 #[tokio::test]
 async fn start_new_view_not_leader() {
+    concurrency::testonly::abort_on_panic();
     let ctx = &ctx::test_root(&ctx::ManualClock::new());
     let rng = &mut ctx.rng();
 
diff --git a/node/actors/consensus/src/tests.rs b/node/actors/consensus/src/tests.rs
index eead7bca..41723316 100644
--- a/node/actors/consensus/src/tests.rs
+++ b/node/actors/consensus/src/tests.rs
@@ -6,7 +6,7 @@ use concurrency::ctx;
 
 async fn run_test(behavior: Behavior, network: Network) {
     concurrency::testonly::abort_on_panic();
-    let ctx = &ctx::test_root(&ctx::AffineClock::new(4.));
+    let ctx = &ctx::test_root(&ctx::AffineClock::new(1.));
 
     const NODES: usize = 11;
     let mut nodes = vec![behavior; NODES];
diff --git a/node/actors/network/src/consensus/handshake/mod.rs b/node/actors/network/src/consensus/handshake/mod.rs
index df12c477..5d6d309f 100644
--- a/node/actors/network/src/consensus/handshake/mod.rs
+++ b/node/actors/network/src/consensus/handshake/mod.rs
@@ -1,7 +1,7 @@
 use crate::{frame, noise};
 use anyhow::Context as _;
 use concurrency::{ctx, time};
-use crypto::{bls12_381, ByteFmt};
+use crypto::ByteFmt;
 use roles::{node, validator};
 use schema::{proto::network::consensus as proto, read_required, ProtoFmt};
 
@@ -43,7 +43,7 @@ pub(super) enum Error {
     #[error("unexpected peer")]
     PeerMismatch,
     #[error("validator signature {0}")]
-    Signature(#[from] bls12_381::Error),
+    Signature(#[from] validator::Error),
     #[error("stream {0}")]
     Stream(#[source] anyhow::Error),
 }
diff --git a/node/deny.toml b/node/deny.toml
index dd10be9e..6fdd9bb5 100644
--- a/node/deny.toml
+++ b/node/deny.toml
@@ -60,6 +60,7 @@ skip = [
 
     # Old versions required by hyper.
     { name = "socket2", version = "=0.4.9" },
+    { name = "hashbrown", version = "=0.12.3" }, # (hyper -> h2 -> indexmap -> hashbrown)
 ]
 
 [sources]
diff --git a/node/libs/crypto/Cargo.toml b/node/libs/crypto/Cargo.toml
index 93d7ec24..4b8f96f3 100644
--- a/node/libs/crypto/Cargo.toml
+++ b/node/libs/crypto/Cargo.toml
@@ -9,8 +9,20 @@ license.workspace = true
 [dependencies]
 anyhow.workspace = true
 blst.workspace = true
+ark-bn254.workspace = true
+ark-ec.workspace = true
+ark-serialize.workspace = true
+num-traits.workspace = true
 ed25519-dalek.workspace = true
 hex.workspace = true
 rand.workspace = true
 sha2.workspace = true
 thiserror.workspace = true
+tracing.workspace = true
+
+[dev-dependencies]
+criterion = "0.5.1"
+
+[[bench]]
+name = "bench"
+harness = false
diff --git a/node/libs/crypto/benches/bench.rs b/node/libs/crypto/benches/bench.rs
new file mode 100644
index 00000000..99d6c477
--- /dev/null
+++ b/node/libs/crypto/benches/bench.rs
@@ -0,0 +1,48 @@
+#![allow(clippy::missing_docs_in_private_items)]
+#![allow(missing_docs)]
+
+extern crate crypto;
+
+use criterion::{criterion_group, criterion_main, Criterion};
+use rand::Rng;
+use std::iter::repeat_with;
+
+fn bench_bn254(c: &mut Criterion) {
+    use crypto::bn254::{AggregateSignature, PublicKey, SecretKey, Signature};
+    let mut rng = rand::thread_rng();
+    let mut group = c.benchmark_group("bn254");
+    group.bench_function("100 sig aggregation", |b| {
+        b.iter(|| {
+            let sks: Vec<SecretKey> = repeat_with(|| rng.gen::<SecretKey>()).take(100).collect();
+            let pks: Vec<PublicKey> = sks.iter().map(|k| k.public()).collect();
+            let msg = rng.gen::<[u8; 32]>();
+            let sigs: Vec<Signature> = sks.iter().map(|k| k.sign(&msg)).collect();
+            let agg = AggregateSignature::aggregate(&sigs);
+            agg.verify(pks.iter().map(|pk| (&msg[..], pk))).unwrap()
+        });
+    });
+
+    group.finish();
+}
+
+#[allow(missing_docs)]
+fn bench_bls12_381(c: &mut Criterion) {
+    use crypto::bls12_381::{AggregateSignature, PublicKey, SecretKey, Signature};
+    let mut rng = rand::thread_rng();
+    let mut group = c.benchmark_group("bls12_381");
+    group.bench_function("100 sig aggregation", |b| {
+        b.iter(|| {
+            let sks: Vec<SecretKey> = repeat_with(|| rng.gen::<SecretKey>()).take(100).collect();
+            let pks: Vec<PublicKey> = sks.iter().map(|k| k.public()).collect();
+            let msg = rng.gen::<[u8; 32]>();
+            let sigs: Vec<Signature> = sks.iter().map(|k| k.sign(&msg)).collect();
+            let agg = AggregateSignature::aggregate(&sigs)?;
+            agg.verify(pks.iter().map(|pk| (&msg[..], pk)))
+        });
+    });
+
+    group.finish();
+}
+
+criterion_group!(benches, bench_bls12_381, bench_bn254);
+criterion_main!(benches);
diff --git a/node/libs/crypto/src/bn254/error.rs b/node/libs/crypto/src/bn254/error.rs
new file mode 100644
index 00000000..985ae8a0
--- /dev/null
+++ b/node/libs/crypto/src/bn254/error.rs
@@ -0,0 +1,9 @@
+/// Error type for generating and interacting with bn254.
+#[derive(Debug, thiserror::Error)]
+#[non_exhaustive]
+pub enum Error {
+    #[error("Signature verification failure")]
+    SignatureVerificationFailure,
+    #[error("Aggregate signature verification failure")]
+    AggregateSignatureVerificationFailure,
+}
diff --git a/node/libs/crypto/src/bn254/hash.rs b/node/libs/crypto/src/bn254/hash.rs
new file mode 100644
index 00000000..dd7a7b62
--- /dev/null
+++ b/node/libs/crypto/src/bn254/hash.rs
@@ -0,0 +1,26 @@
+//! Hash operations.
+
+use ark_bn254::{G1Affine, G1Projective};
+use ark_ec::AffineRepr as _;
+use sha2::Digest as _;
+
+/// Hashes an arbitrary message and maps it to an elliptic curve point in G1.
+pub(crate) fn hash_to_g1(msg: &[u8]) -> G1Projective {
+    for i in 0..256 {
+        // Hash the message with the index as suffix.
+        let bytes: [u8; 32] = sha2::Sha256::new()
+            .chain_update(msg)
+            .chain_update((i as u32).to_be_bytes())
+            .finalize()
+            .into();
+
+        // Try to get a G1 point from the hash. The probability that this works is around 1/8.
+        let p = G1Affine::from_random_bytes(&bytes);
+
+        if let Some(p) = p {
+            return p.into();
+        }
+    }
+    // It should be statistically infeasible to finish the loop without finding a point.
+    unreachable!()
+}
diff --git a/node/libs/crypto/src/bn254/mod.rs b/node/libs/crypto/src/bn254/mod.rs
new file mode 100644
index 00000000..533509e9
--- /dev/null
+++ b/node/libs/crypto/src/bn254/mod.rs
@@ -0,0 +1,215 @@
+//! BLS signature scheme for the BN254 curve.
+//!
+//! Disclaimer: the implementation of the pairing-friendly elliptic curve does not run in constant time,
+//! hence it does not protect the secret key from side-channel attacks.
+
+use crate::ByteFmt;
+use anyhow::Context as _;
+use ark_bn254::{Bn254, Fr, G1Projective as G1, G2Projective as G2};
+use ark_ec::{
+    pairing::{Pairing as _, PairingOutput},
+    Group as _,
+};
+use ark_serialize::{CanonicalDeserialize, CanonicalSerialize};
+pub use error::Error;
+use num_traits::Zero as _;
+use std::collections::HashMap;
+
+#[doc(hidden)]
+pub mod error;
+
+#[cfg(test)]
+mod tests;
+
+pub mod hash;
+mod testonly;
+
+/// Type safety wrapper around a scalar value.
+pub struct SecretKey(Fr);
+
+impl SecretKey {
+    /// Gets the corresponding [`PublicKey`] for this [`SecretKey`]
+    pub fn public(&self) -> PublicKey {
+        let p = G2::generator() * self.0;
+        PublicKey(p)
+    }
+
+    /// Produces a signature using this [`SecretKey`]
+    pub fn sign(&self, msg: &[u8]) -> Signature {
+        let hash_point = hash::hash_to_g1(msg);
+        let sig = hash_point * self.0;
+        Signature(sig)
+    }
+}
+
+impl ByteFmt for SecretKey {
+    fn decode(bytes: &[u8]) -> anyhow::Result<Self> {
+        Fr::deserialize_compressed(bytes)
+            .map(Self)
+            .context("failed to decode secret key")
+    }
+
+    fn encode(&self) -> Vec<u8> {
+        let mut buf = Vec::new();
+        self.0.serialize_compressed(&mut buf).unwrap();
+        buf
+    }
+}
+
+/// Type safety wrapper around G2.
+#[derive(Clone, PartialEq, Eq, Hash)]
+pub struct PublicKey(G2);
+
+impl ByteFmt for PublicKey {
+    fn decode(bytes: &[u8]) -> anyhow::Result<Self> {
+        G2::deserialize_compressed(bytes)
+            .map(Self)
+            .context("failed to decode public key")
+    }
+
+    fn encode(&self) -> Vec<u8> {
+        let mut buf = Vec::new();
+        self.0.serialize_compressed(&mut buf).unwrap();
+        buf
+    }
+}
+
+impl PartialOrd for PublicKey {
+    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+impl Ord for PublicKey {
+    fn cmp(&self, other: &Self) -> std::cmp::Ordering {
+        ByteFmt::encode(self).cmp(&ByteFmt::encode(other))
+    }
+}
+
+/// Type safety wrapper around a G1 value.
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct Signature(G1);
+
+impl Signature {
+    /// Verifies a signature against the provided public key.
+    ///
+    /// This function is intentionally non-generic and disallow inlining to ensure that compilation optimizations can be effectively applied.
+    /// This optimization is needed for ensuring that tests can run within a reasonable time frame.
+    #[inline(never)]
+    pub fn verify(&self, msg: &[u8], pk: &PublicKey) -> Result<(), Error> {
+        let hash_point = hash::hash_to_g1(msg);
+
+        // First pair: e(H(m): G1, pk: G2)
+        let a = Bn254::pairing(hash_point, pk.0);
+        // Second pair: e(sig: G1, generator: G2)
+        let b = Bn254::pairing(self.0, G2::generator());
+
+        if a == b {
+            Ok(())
+        } else {
+            Err(Error::SignatureVerificationFailure)
+        }
+    }
+}
+
+impl ByteFmt for Signature {
+    fn decode(bytes: &[u8]) -> anyhow::Result<Self> {
+        G1::deserialize_compressed(bytes)
+            .map(Self)
+            .context("failed to decode signature")
+    }
+    fn encode(&self) -> Vec<u8> {
+        let mut buf = Vec::new();
+        self.0.serialize_compressed(&mut buf).unwrap();
+        buf
+    }
+}
+
+impl PartialOrd for Signature {
+    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+impl Ord for Signature {
+    fn cmp(&self, other: &Self) -> std::cmp::Ordering {
+        ByteFmt::encode(self).cmp(&ByteFmt::encode(other))
+    }
+}
+/// Type safety wrapper around [Signature] indicating that it is an aggregated signature.
+#[derive(Clone, Debug, PartialEq, Eq)]
+pub struct AggregateSignature(G1);
+
+impl AggregateSignature {
+    /// Generates an aggregate signature from a list of signatures.
+    pub fn aggregate<'a>(sigs: impl IntoIterator<Item = &'a Signature>) -> Self {
+        let mut agg = G1::zero();
+        for sig in sigs {
+            agg += sig.0
+        }
+
+        AggregateSignature(agg)
+    }
+
+    /// This function is intentionally non-generic and disallow inlining to ensure that compilation optimizations can be effectively applied.
+    /// This optimization is needed for ensuring that tests can run within a reasonable time frame.
+    #[inline(never)]
+    fn verify_raw(&self, msgs_and_pks: &[(&[u8], &PublicKey)]) -> Result<(), Error> {
+        // Aggregate public keys if they are signing the same hash. Each public key aggregated
+        // is one fewer pairing to calculate.
+        let mut pairs: HashMap<&[u8], G2> = HashMap::new();
+        for (msg, pk) in msgs_and_pks {
+            *pairs.entry(msg).or_default() += pk.0;
+        }
+        // First pair: e(sig: G1, generator: G2)
+        let a = Bn254::pairing(self.0, G2::generator());
+
+        // Second pair: e(H(m1): G1, pk1: G2) * ... * e(H(m1000): G1, pk1000: G2)
+        let mut b = PairingOutput::zero();
+        for (msg, pk) in pairs {
+            b += Bn254::pairing(hash::hash_to_g1(msg), pk);
+        }
+
+        if a == b {
+            Ok(())
+        } else {
+            Err(Error::AggregateSignatureVerificationFailure)
+        }
+    }
+
+    /// Verifies an aggregated signature for multiple messages against the provided list of public keys.
+    /// This method expects one public key per message, otherwise it will fail. Note however that
+    /// If there are any duplicate messages, the public keys will be aggregated before verification.
+    pub fn verify<'a>(
+        &self,
+        msgs_and_pks: impl Iterator<Item = (&'a [u8], &'a PublicKey)>,
+    ) -> Result<(), Error> {
+        self.verify_raw(&msgs_and_pks.collect::<Vec<_>>()[..])
+    }
+}
+
+impl ByteFmt for AggregateSignature {
+    fn decode(bytes: &[u8]) -> anyhow::Result<Self> {
+        G1::deserialize_compressed(bytes)
+            .map(Self)
+            .context("failed to decode aggregate signature")
+    }
+
+    fn encode(&self) -> Vec<u8> {
+        let mut buf = Vec::new();
+        self.0.serialize_compressed(&mut buf).unwrap();
+        buf
+    }
+}
+
+impl PartialOrd for AggregateSignature {
+    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+impl Ord for AggregateSignature {
+    fn cmp(&self, other: &Self) -> std::cmp::Ordering {
+        ByteFmt::encode(self).cmp(&ByteFmt::encode(other))
+    }
+}
diff --git a/node/libs/crypto/src/bn254/testonly.rs b/node/libs/crypto/src/bn254/testonly.rs
new file mode 100644
index 00000000..a4af1c1d
--- /dev/null
+++ b/node/libs/crypto/src/bn254/testonly.rs
@@ -0,0 +1,33 @@
+//! Random key generation, intended for use in testing
+
+use super::{AggregateSignature, PublicKey, SecretKey, Signature};
+use rand::{distributions::Standard, prelude::Distribution, Rng};
+
+/// Generates a random SecretKey. This is meant for testing purposes.
+impl Distribution<SecretKey> for Standard {
+    fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> SecretKey {
+        let rand = ark_bn254::Fr::new(rng.gen());
+        SecretKey(rand)
+    }
+}
+
+/// Generates a random PublicKey. This is meant for testing purposes.
+impl Distribution<PublicKey> for Standard {
+    fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> PublicKey {
+        PublicKey(rng.gen())
+    }
+}
+
+/// Generates a random Signature. This is meant for testing purposes.
+impl Distribution<Signature> for Standard {
+    fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> Signature {
+        Signature(rng.gen())
+    }
+}
+
+/// Generates a random AggregateSignature. This is meant for testing purposes.
+impl Distribution<AggregateSignature> for Standard {
+    fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> AggregateSignature {
+        AggregateSignature(rng.gen())
+    }
+}
diff --git a/node/libs/crypto/src/bn254/tests.rs b/node/libs/crypto/src/bn254/tests.rs
new file mode 100644
index 00000000..933b914b
--- /dev/null
+++ b/node/libs/crypto/src/bn254/tests.rs
@@ -0,0 +1,89 @@
+use std::iter::repeat_with;
+
+use rand::{rngs::StdRng, Rng, SeedableRng};
+
+use crate::bn254::{AggregateSignature, PublicKey, SecretKey, Signature};
+
+#[test]
+fn signature_smoke() {
+    let mut rng = StdRng::seed_from_u64(29483920);
+    let sk = rng.gen::<SecretKey>();
+    let pk = sk.public();
+
+    let msg = rng.gen::<[u8; 32]>();
+    let sig = sk.sign(&msg);
+
+    sig.verify(&msg, &pk).unwrap()
+}
+
+#[test]
+fn signature_failure_smoke() {
+    let mut rng = StdRng::seed_from_u64(29483920);
+
+    let sk1 = rng.gen::<SecretKey>();
+    let sk2 = rng.gen::<SecretKey>();
+    let pk2 = sk2.public();
+    let msg = rng.gen::<[u8; 32]>();
+    let sig = sk1.sign(&msg);
+
+    assert!(sig.verify(&msg, &pk2).is_err())
+}
+
+#[test]
+fn aggregate_signature_smoke() {
+    let mut rng = StdRng::seed_from_u64(29483920);
+
+    // Use an arbitrary 5 keys for the smoke test
+    let sks: Vec<SecretKey> = repeat_with(|| rng.gen::<SecretKey>()).take(5).collect();
+    let pks: Vec<PublicKey> = sks.iter().map(|k| k.public()).collect();
+    let msg = rng.gen::<[u8; 32]>();
+
+    let sigs: Vec<Signature> = sks.iter().map(|k| k.sign(&msg)).collect();
+    let agg = AggregateSignature::aggregate(&sigs);
+
+    agg.verify(pks.iter().map(|pk| (&msg[..], pk))).unwrap()
+}
+
+#[test]
+fn aggregate_signature_distinct_messages() {
+    let mut rng = StdRng::seed_from_u64(29483920);
+    let num_keys = 5;
+    let num_distinct = 2;
+
+    // Use an arbitrary 5 keys for the smoke test
+    let sks: Vec<SecretKey> = repeat_with(|| rng.gen::<SecretKey>())
+        .take(num_keys)
+        .collect();
+    let pks: Vec<PublicKey> = sks.iter().map(|k| k.public()).collect();
+    // Create 2 distinct messages
+    let msgs: Vec<[u8; 32]> = repeat_with(|| rng.gen()).take(num_distinct).collect();
+
+    let mut sigs: Vec<Signature> = Vec::new();
+    let mut pairs: Vec<(&[u8], &PublicKey)> = Vec::new();
+    for (i, sk) in sks.iter().enumerate() {
+        let msg = &msgs[i % num_distinct];
+        sigs.push(sk.sign(msg));
+        pairs.push((msg, &pks[i]))
+    }
+
+    let agg = AggregateSignature::aggregate(&sigs);
+
+    agg.verify(pairs.into_iter()).unwrap()
+}
+
+#[test]
+fn aggregate_signature_failure_smoke() {
+    let mut rng = StdRng::seed_from_u64(29483920);
+
+    // Use an arbitrary 5 keys for the smoke test
+    let sks: Vec<SecretKey> = repeat_with(|| rng.gen::<SecretKey>()).take(5).collect();
+    let pks: Vec<PublicKey> = sks.iter().map(|k| k.public()).collect();
+    let msg = rng.gen::<[u8; 32]>();
+
+    // Take only three signatures for the aggregate
+    let sigs: Vec<Signature> = sks.iter().take(3).map(|k| k.sign(&msg)).collect();
+
+    let agg = AggregateSignature::aggregate(&sigs);
+
+    assert!(agg.verify(pks.iter().map(|pk| (&msg[..], pk))).is_err())
+}
diff --git a/node/libs/crypto/src/lib.rs b/node/libs/crypto/src/lib.rs
index b777892a..5c22086c 100644
--- a/node/libs/crypto/src/lib.rs
+++ b/node/libs/crypto/src/lib.rs
@@ -1,8 +1,11 @@
 //! Collection of cryptographic primitives used in zksync-bft repository.
 
+pub use fmt::*;
+
+/// Currently replaced by [bn254] and unused.
 pub mod bls12_381;
+
+pub mod bn254;
 pub mod ed25519;
 mod fmt;
 pub mod sha256;
-
-pub use fmt::*;
diff --git a/node/libs/roles/src/validator/conv.rs b/node/libs/roles/src/validator/conv.rs
index 0b65e63d..c96fc2f7 100644
--- a/node/libs/roles/src/validator/conv.rs
+++ b/node/libs/roles/src/validator/conv.rs
@@ -354,12 +354,12 @@ impl ProtoFmt for PublicKey {
     type Proto = proto::PublicKey;
 
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.bls12381)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.bn254)?)?))
     }
 
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            bls12381: Some(self.0.encode()),
+            bn254: Some(self.0.encode()),
         }
     }
 }
@@ -368,12 +368,12 @@ impl ProtoFmt for Signature {
     type Proto = proto::Signature;
 
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.bls12381)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.bn254)?)?))
     }
 
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            bls12381: Some(self.0.encode()),
+            bn254: Some(self.0.encode()),
         }
     }
 }
@@ -382,12 +382,12 @@ impl ProtoFmt for AggregateSignature {
     type Proto = proto::AggregateSignature;
 
     fn read(r: &Self::Proto) -> anyhow::Result<Self> {
-        Ok(Self(ByteFmt::decode(required(&r.bls12381)?)?))
+        Ok(Self(ByteFmt::decode(required(&r.bn254)?)?))
     }
 
     fn build(&self) -> Self::Proto {
         Self::Proto {
-            bls12381: Some(self.0.encode()),
+            bn254: Some(self.0.encode()),
         }
     }
 }
diff --git a/node/libs/roles/src/validator/keys/aggregate_signature.rs b/node/libs/roles/src/validator/keys/aggregate_signature.rs
index a6b8743a..7f1d6ee8 100644
--- a/node/libs/roles/src/validator/keys/aggregate_signature.rs
+++ b/node/libs/roles/src/validator/keys/aggregate_signature.rs
@@ -1,20 +1,18 @@
 use super::{Error, PublicKey, Signature};
 use crate::validator::messages::{Msg, MsgHash};
-use crypto::{bls12_381, ByteFmt, Text, TextFmt};
+use crypto::{bn254, ByteFmt, Text, TextFmt};
 use std::fmt;
 use utils::enum_util::Variant;
 
 /// An aggregate signature from a validator.
 #[derive(Clone, PartialEq, Eq, PartialOrd, Ord)]
-pub struct AggregateSignature(pub(crate) bls12_381::AggregateSignature);
+pub struct AggregateSignature(pub(crate) bn254::AggregateSignature);
 
 impl AggregateSignature {
     /// Generate  a new aggregate signature from a list of signatures.
-    pub fn aggregate<'a>(sigs: impl IntoIterator<Item = &'a Signature>) -> anyhow::Result<Self> {
-        Ok(AggregateSignature(
-            bls12_381::AggregateSignature::aggregate(
-                sigs.into_iter().map(|sig| &sig.0).collect::<Vec<_>>(),
-            )?,
+    pub fn aggregate<'a>(sigs: impl IntoIterator<Item = &'a Signature>) -> Self {
+        AggregateSignature(bn254::AggregateSignature::aggregate(
+            sigs.into_iter().map(|sig| &sig.0).collect::<Vec<_>>(),
         ))
     }
 
@@ -55,12 +53,12 @@ impl ByteFmt for AggregateSignature {
 impl TextFmt for AggregateSignature {
     fn encode(&self) -> String {
         format!(
-            "validator:aggregate_signature:bls12_381:{}",
+            "validator:aggregate_signature:bn254:{}",
             hex::encode(ByteFmt::encode(&self.0))
         )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("validator:aggregate_signature:bls12_381:")?
+        text.strip("validator:aggregate_signature:bn254:")?
             .decode_hex()
             .map(Self)
     }
diff --git a/node/libs/roles/src/validator/keys/mod.rs b/node/libs/roles/src/validator/keys/mod.rs
index 36b17bff..77e23ff9 100644
--- a/node/libs/roles/src/validator/keys/mod.rs
+++ b/node/libs/roles/src/validator/keys/mod.rs
@@ -11,4 +11,4 @@ pub use secret_key::SecretKey;
 pub use signature::Signature;
 
 /// Error type returned by validator key operations.
-pub type Error = crypto::bls12_381::Error;
+pub type Error = crypto::bn254::Error;
diff --git a/node/libs/roles/src/validator/keys/public_key.rs b/node/libs/roles/src/validator/keys/public_key.rs
index fb668ac1..40f8edfc 100644
--- a/node/libs/roles/src/validator/keys/public_key.rs
+++ b/node/libs/roles/src/validator/keys/public_key.rs
@@ -1,9 +1,9 @@
-use crypto::{bls12_381, ByteFmt, Text, TextFmt};
+use crypto::{bn254, ByteFmt, Text, TextFmt};
 use std::fmt;
 
 /// A public key for a validator.
 #[derive(Clone, PartialEq, Eq, PartialOrd, Ord, Hash)]
-pub struct PublicKey(pub(crate) bls12_381::PublicKey);
+pub struct PublicKey(pub(crate) bn254::PublicKey);
 
 impl ByteFmt for PublicKey {
     fn encode(&self) -> Vec<u8> {
@@ -17,12 +17,12 @@ impl ByteFmt for PublicKey {
 impl TextFmt for PublicKey {
     fn encode(&self) -> String {
         format!(
-            "validator:public:bls12_381:{}",
+            "validator:public:bn254:{}",
             hex::encode(ByteFmt::encode(&self.0))
         )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("validator:public:bls12_381:")?
+        text.strip("validator:public:bn254:")?
             .decode_hex()
             .map(Self)
     }
diff --git a/node/libs/roles/src/validator/keys/secret_key.rs b/node/libs/roles/src/validator/keys/secret_key.rs
index db1b8f4b..4029ea23 100644
--- a/node/libs/roles/src/validator/keys/secret_key.rs
+++ b/node/libs/roles/src/validator/keys/secret_key.rs
@@ -1,6 +1,7 @@
 use super::{PublicKey, Signature};
 use crate::validator::messages::{Msg, MsgHash, Signed};
-use crypto::{bls12_381, ByteFmt, Text, TextFmt};
+use crypto::{bn254, ByteFmt, Text, TextFmt};
+use rand::Rng;
 use std::{fmt, sync::Arc};
 use utils::enum_util::Variant;
 
@@ -8,12 +9,12 @@ use utils::enum_util::Variant;
 /// SecretKey is put into an Arc, so that we can clone it,
 /// without copying the secret all over the RAM.
 #[derive(Clone)]
-pub struct SecretKey(pub(crate) Arc<bls12_381::SecretKey>);
+pub struct SecretKey(pub(crate) Arc<bn254::SecretKey>);
 
 impl SecretKey {
     /// Generate a new secret key.
-    pub fn generate(ikm: [u8; 32]) -> Self {
-        Self(Arc::new(bls12_381::SecretKey::generate(ikm)))
+    pub fn generate<R: Rng>(rng: &mut R) -> Self {
+        Self(Arc::new(rng.gen()))
     }
 
     /// Public key corresponding to this secret key.
@@ -50,13 +51,13 @@ impl ByteFmt for SecretKey {
 impl TextFmt for SecretKey {
     fn encode(&self) -> String {
         format!(
-            "validator:secret:bls12_381:{}",
+            "validator:secret:bn254:{}",
             hex::encode(ByteFmt::encode(&*self.0))
         )
     }
 
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("validator:secret:bls12_381:")?
+        text.strip("validator:secret:bn254:")?
             .decode_hex()
             .map(Arc::new)
             .map(Self)
diff --git a/node/libs/roles/src/validator/keys/signature.rs b/node/libs/roles/src/validator/keys/signature.rs
index 21e0ddf4..d35ec6d6 100644
--- a/node/libs/roles/src/validator/keys/signature.rs
+++ b/node/libs/roles/src/validator/keys/signature.rs
@@ -1,11 +1,11 @@
 use super::{Error, PublicKey};
 use crate::validator::messages::{Msg, MsgHash};
-use crypto::{bls12_381, ByteFmt, Text, TextFmt};
+use crypto::{bn254, ByteFmt, Text, TextFmt};
 use std::fmt;
 
 /// A signature from a validator.
 #[derive(Clone, PartialEq, Eq)]
-pub struct Signature(pub(crate) bls12_381::Signature);
+pub struct Signature(pub(crate) bn254::Signature);
 
 impl Signature {
     /// Verify a message against a public key.
@@ -31,12 +31,12 @@ impl ByteFmt for Signature {
 impl TextFmt for Signature {
     fn encode(&self) -> String {
         format!(
-            "validator:signature:bls12_381:{}",
+            "validator:signature:bn254:{}",
             hex::encode(ByteFmt::encode(&self.0))
         )
     }
     fn decode(text: Text) -> anyhow::Result<Self> {
-        text.strip("validator:signature:bls12_381:")?
+        text.strip("validator:signature:bn254:")?
             .decode_hex()
             .map(Self)
     }
diff --git a/node/libs/roles/src/validator/messages/consensus.rs b/node/libs/roles/src/validator/messages/consensus.rs
index ec55969f..743e12f0 100644
--- a/node/libs/roles/src/validator/messages/consensus.rs
+++ b/node/libs/roles/src/validator/messages/consensus.rs
@@ -199,7 +199,7 @@ impl PrepareQC {
 
         // Aggregate the signatures.
         let signature =
-            validator::AggregateSignature::aggregate(signed_messages.iter().map(|v| &v.sig))?;
+            validator::AggregateSignature::aggregate(signed_messages.iter().map(|v| &v.sig));
 
         Ok(Self { map, signature })
     }
@@ -314,7 +314,7 @@ impl CommitQC {
             .collect();
 
         // Aggregate the signatures.
-        let signature = validator::AggregateSignature::aggregate(msg_map.values().copied())?;
+        let signature = validator::AggregateSignature::aggregate(msg_map.values().copied());
         Ok(Self {
             message,
             signers: Signers(bit_vec),
diff --git a/node/libs/roles/src/validator/messages/msg.rs b/node/libs/roles/src/validator/messages/msg.rs
index c534fd98..ac0e3bf8 100644
--- a/node/libs/roles/src/validator/messages/msg.rs
+++ b/node/libs/roles/src/validator/messages/msg.rs
@@ -1,8 +1,8 @@
 //! Generic message types.
 
 use super::{ConsensusMsg, NetAddress};
-use crate::{node::SessionId, validator};
-use crypto::{bls12_381::Error, sha256, ByteFmt, Text, TextFmt};
+use crate::{node::SessionId, validator, validator::Error};
+use crypto::{sha256, ByteFmt, Text, TextFmt};
 use std::fmt;
 use utils::enum_util::{BadVariantError, Variant};
 
diff --git a/node/libs/roles/src/validator/tests.rs b/node/libs/roles/src/validator/tests.rs
index b1ceb948..9309ea64 100644
--- a/node/libs/roles/src/validator/tests.rs
+++ b/node/libs/roles/src/validator/tests.rs
@@ -113,8 +113,8 @@ fn test_signature_verify() {
     let msg1: MsgHash = rng.gen();
     let msg2: MsgHash = rng.gen();
 
-    let key1 = SecretKey::generate(rng.gen());
-    let key2 = SecretKey::generate(rng.gen());
+    let key1 = SecretKey::generate(rng);
+    let key2 = SecretKey::generate(rng);
 
     let sig1 = key1.sign_hash(&msg1);
 
@@ -136,13 +136,13 @@ fn test_agg_signature_verify() {
     let msg1: MsgHash = rng.gen();
     let msg2: MsgHash = rng.gen();
 
-    let key1 = SecretKey::generate(rng.gen());
-    let key2 = SecretKey::generate(rng.gen());
+    let key1 = SecretKey::generate(rng);
+    let key2 = SecretKey::generate(rng);
 
     let sig1 = key1.sign_hash(&msg1);
     let sig2 = key2.sign_hash(&msg2);
 
-    let agg_sig = AggregateSignature::aggregate(vec![&sig1, &sig2]).unwrap();
+    let agg_sig = AggregateSignature::aggregate(vec![&sig1, &sig2]);
 
     // Matching key and message.
     assert!(agg_sig
diff --git a/node/libs/schema/proto/executor/config.proto b/node/libs/schema/proto/executor/config.proto
index 87baafd0..f273a039 100644
--- a/node/libs/schema/proto/executor/config.proto
+++ b/node/libs/schema/proto/executor/config.proto
@@ -21,8 +21,8 @@
 //   examples: "203.0.113.7:3456", "[2001:DB8::1]:4567"
 //
 // ValidatorPublicKey - public key of the validator (consensus participant) of the form "validator:public:<signature scheme>:<hex encoded key material>"
-//   Currently only bls12_381 signature scheme is supported for validators.
-//   example: "validator:public:bls12_381:ad5dae0f91d5bcdd1a0481a6f719bc7188b25b623c51b1988321fe911596c94d0a3717f028d4d9d226a8afe087d7f2ca"
+//   Currently only bn254 signature scheme is supported for validators.
+//   example: "validator:public:bn254:4b0c4697f0a35eab30f63684ae4611f3c1d631eecfd97237e2345a9b3d0c472dbb16c49b793beceaab0cdd89cda6ff1099bd1aaf1ad6cabde9a15793cc09b407"
 //
 // NodePublicKey - public key of the node (gossip network participant) of the form "node:public:<signature scheme>:<hex encoded key material>"
 //   Currently only ed25519 signature scheme is supported for nodes.
diff --git a/node/libs/schema/proto/roles/validator.proto b/node/libs/schema/proto/roles/validator.proto
index 8d02e1a7..f622b06d 100644
--- a/node/libs/schema/proto/roles/validator.proto
+++ b/node/libs/schema/proto/roles/validator.proto
@@ -147,13 +147,13 @@ message Signed {
 }
 
 message PublicKey {
-  optional bytes bls12381 = 1; // required
+  optional bytes bn254 = 1; // required
 }
 
 message Signature {
-  optional bytes bls12381 = 1; // required
+  optional bytes bn254 = 1; // required
 }
 
 message AggregateSignature {
-  optional bytes bls12381 = 1; // required
+  optional bytes bn254 = 1; // required
 }
diff --git a/node/tools/src/bin/keys.rs b/node/tools/src/bin/keys.rs
index 2355b58b..63d5ec9e 100644
--- a/node/tools/src/bin/keys.rs
+++ b/node/tools/src/bin/keys.rs
@@ -1,12 +1,11 @@
 //! This tool generates a validator key pair and prints it to stdout.
 #![allow(clippy::print_stdout)]
 
-use rand::Rng;
 use roles::validator;
 
 /// This tool generates a validator key pair and prints it to stdout.
 fn main() {
-    let key = validator::SecretKey::generate(rand::rngs::OsRng.gen());
+    let key = validator::SecretKey::generate(&mut rand::rngs::OsRng);
     let encoded_pk = crypto::TextFmt::encode(&key.public());
     let encoded_sk = crypto::TextFmt::encode(&key);
     println!("Generating keypair:");