A Tez Capital tool designed by bakers, for bakers
From the beginning, Tezos baking was designed to be open and flexible. Anyone with tez staked and the right setup can participate in helping secure the network. Over time, this led to a clear separation of responsibilities: the Baking Stack and the Signer.
The Baking Stack includes the node, baker daemon, and accuser. Together, they maintain blockchain state, propose blocks, produce attestations, and monitor for invalid behavior. This side has always been flexible, running on everything from Raspberry Pis to cloud VMs to dedicated servers.
The Signer is far more sensitive. It authorizes consensus participation and historically held both admin and consensus keys together, meaning a single device controlled everything. For this reason, signers were isolated and hardened. Individuals relied on Ledger devices, while larger operators used HSMs or cloud KMS solutions.
Recent protocol upgrades now allow bakers to separate admin keys from consensus keys. This keeps the admin key secure while the consensus key can live on dedicated signing hardware, opening the door to new solutions.
This setup worked when signing demands were low. But as Tezos evolved toward faster blocks and universal attestations, hardware signers like Ledger devices hit their limits, setting the stage for the BLS signer era (hello Raspberry Pi’s).
Why BLS Matters
BLS (Boneh–Lynn–Shacham) is a signature scheme already used by Ethereum’s consensus layer, Zcash, and other modern proof-of-stake systems. Its defining feature is signature aggregation, which allows multiple signatures to be combined into one.
Before BLS, each block required hundreds of individual attestation signatures, consuming significant bandwidth with only partial baker participation per block. With tz4 addresses using BLS, all those signatures compress into a single aggregated attestation. This means all bakers can now attest to every block while using less bandwidth.
The network-level benefits are substantial: stronger security guarantees, predictable rewards, lower node load, cleaner protocol logic, and native multisig accounts available exclusively for tz4. The upcoming Tallinn upgrade pushes this further with faster block times.
The protocol evolved. Signer infrastructure had to follow.
The New Signer Landscape
With Ledger no longer viable for tz4 baking, several signing alternatives are emerging. Some come from the core development team and others are community-driven.
Core development options include BLS Signer by Nomadic Labs, which runs on a Raspberry Pi Zero offering a low-cost dedicated hardware option currently in prototype, and Signatory by ECAD Labs, designed for institutional operators with cloud KMS and HSM support.
Community-driven alternatives include TezSign and Russignol. What makes TezSign particularly special is that it was community-funded through the Tezos Ecosystem DAO. This represents a true community effort to offer a new solution. Seeing the Community DAO being actively used in this way is very welcomed.
TezSign, developed by TEZ Capital, is the solution I currently use for my baking operations. Its tight integration with TezBake made installation and immediate use straightforward, and it’s what enabled my migration to BLS.
TezSign Deep Dive
TezSign is not a standalone tool. It is part of a broader operational stack designed by bakers, for bakers. At its core, TezSign handles consensus signing, TezBake orchestrates baking operations, and TezPay manages reward distribution. All components are designed to work together seamlessly.
As mentioned previously, what sets TezSign apart is its community-first approach. The TEZ Capital team provides active technical support through Discord and Telegram, making it probably the most accessible solution for bakers who need hands-on help. This matters especially for small and community bakers like me, who may not have dedicated infrastructure teams. TezBake has become a popular choice among small operators precisely because of this support structure, and TezSign integrates naturally into that workflow.
The design philosophy emphasizes minimal operational overhead, tight CLI integration, open-source transparency. Instead of building a generic signing platform, TEZ Capital focused on what bakers actually need to run stable infrastructure.
As Tezos moves fully into the BLS era, signers are no longer interchangeable accessories. They are core protocol infrastructure where operational correctness matters as much as cryptography. TezSign reflects a maturing baking ecosystem, one that is moving away from consumer hardware shortcuts and toward community supported infrastructure. As a community member, I couldn’t be happier with these initiatives.
TezSign by the Numbers
TezSign is written in Go and actively maintained with 24 releases to date and 64 commits. The project is licensed under SSPL (Server Side Public License), keeping it open and transparent.
On the hardware side, TezSign supports Raspberry Pi Zero 2W, Raspberry Pi 4, and Radxa Zero 3, with entry costs starting under $20 USD. The Raspberry Pi 5 is not recommended at this time.
The architecture is built around air-gapped security: keys live on isolated hardware connected to the host via USB through a custom wire protocol. This design is hardened against power loss corruption, meaning a sudden outage will not compromise your signing environment. TezSign also supports multi-device and multi-baker setups out of the box, with optional auto-unlock on boot for operational flexibility. At roughly 200MB, the image footprint is minimal compared to other solutions.
Where We Go From Here
The shift to BLS and tz4 marks a turning point for Tezos baking.
When Ledger couldn’t adapt, the ecosystem responded with better alternatives. Signers like TezSign emerged, making baking infrastructure more professional and accessible than before.
BLS already improves consensus efficiency through signature aggregation. Looking ahead, Tezos is exploring quantum resistance. According to my early research and speculation, future protocol upgrades could potentially introduce tz5 addresses using ML-DSA-44, a quantum resistant signature method approved by NIST. While tz4 optimizes consensus today, tz5 would aim to protect against tomorrow’s quantum threats.
From aggregated signatures to quantum-proof cryptography, Tezos is building infrastructure designed to last decades (or centuries).
TezSign and the BLS Signer Era was originally published in Tezos Commons on Medium, where people are continuing the conversation by highlighting and responding to this story.