R(keys) : Ring root generation. GP Appendix G eq (G.3). getringroot(⟦B̃⟧) ∈ B° ⊂ 𝔹_144. Commits to a set of Bandersnatch public keys. Deliberately left abstract — intended to be axiomatically specified or linked via FFI to a concrete cryptographic implementation.
5.4. Bandersnatch Ring VRF
opaque
opaque
Jar.Crypto.bandersnatchRingVerify (root : BandersnatchRingRoot) (context message : ByteArray) (proof : BandersnatchRingVrfProof) (ringSize : UInt32) : BoolJar.Crypto.bandersnatchRingVerify (root : BandersnatchRingRoot) (context message : ByteArray) (proof : BandersnatchRingVrfProof) (ringSize : UInt32) : Bool
V°_r^x⟨m⟩ : Ring VRF proof verification. GP Appendix G eq (G.4). zk-SNARK-enabled anonymous proof of secret knowledge within a set. Deliberately left abstract — intended to be axiomatically specified or linked via FFI to a concrete cryptographic implementation.
opaque
Jar.Crypto.bandersnatchRingSign (secretKey : ByteArray) (root : BandersnatchRingRoot) (context message : ByteArray) (ringSize : UInt32) : BandersnatchRingVrfProofJar.Crypto.bandersnatchRingSign (secretKey : ByteArray) (root : BandersnatchRingRoot) (context message : ByteArray) (ringSize : UInt32) : BandersnatchRingVrfProof
V°_r^x⟨m⟩ : Ring VRF proof generation (requires secret key). Deliberately left abstract — intended to be axiomatically specified or linked via FFI to a concrete cryptographic implementation.
opaque
Y(p) : VRF output extraction from ring proof. GP Appendix G eq (G.5). banderout(p) ∈ ℍ. Same VRF output semantics as regular signatures. Deliberately left abstract — intended to be axiomatically specified or linked via FFI to a concrete cryptographic implementation.