First, thanks for sharing your work.
I’m reading this paper. Under section 5.1 it mentions how VRF handles the Sybils Attack problem.
It mentions that the binomial distribution is indeed a good choice since splitting the total of sub-users of a user won’t give an advantage over a non-split.
In particular it mentions the following equality (1):
B(k1;n1,p) + B(k2;n2,p) = B(k1 + k2;n1 + n2,p)
Which at first seemed a bit odd to me.
As far as I understand the B(a,b,c) notation, it refers to a probability and not a random variable.
If that’s the case I think that the that formula should be:
B(n1,p) + B(n2,p) = B(n1 + n2,p)
In the B(a,b,c) notation would be something like:
B(z;n1 + n2,p) = convolution(B(k1, n1, p), B(k2, n2,p)) (in such way that k1+k2=z)
Am I looking this correctly?