A locked transaction with one input UTXO will contains up to 2N+1 signatures, and almost every transactions are locked using this service.
Then miners need to verify this? if yes, then how they can do? How miner can know/verfiy a tnx containing correct and enough signatures as the output result of rejection sampling?
1. 2N+1 signatures are of: sender and 2N of ILS nodes.
2. All ILS node PubKeys can be calculated by everyone using the said Rejection Sampling (all data is on-chain).
3. As part of Schnorr Signature protocol, after the first handshake round with each ILS nodes, tx sender has the list of all available ILS nodes. He will create a bit mask (each bit for each ILS node), to mark all nodes with the signature. This bit mask (takes only 2N bit, or N/4 bytes) is included in the TX, and signed by the sender and all ILS nodes.
4. From the TX bit mask, everyone will know which ILS node signatures is aggregated in the Schnorr MultiSig. So they can verify the signature with all their PubKey aggregated.
Every participant need to verify the signature, including miners and SPV, and SSN nodes.