I don’t think I agree with the claim that with the old way of doing signatures through PKI you can’t embed the public key in the signatures. In fact, the PKCS standard says you can: https://tools.ietf.org/html/rfc5652#section-12.1

And therefore I don’t think that blockchain is doing it any better — maybe it did away with standards and uses a simpler structure that fits the usecase precisely, but PKCS is supposed to handle a wider scope of usecases and therefor is a bit more convoluted. But you can do the same thing in both cases.