Hi,

First, thanks for sharing your work.

I’m reading this paper. Under section 5.1 it mentions how VRF handles the Sybils Attack problem.

It mentions that the binomial distribution is indeed a good choice since splitting the total of sub-users of a user won’t give an advantage over a non-split.

In particular it mentions the following equality (1):

B(k1;n1,p) + B(k2;n2,p) = B(k1 + k2;n1 + n2,p)

Which at first seemed a bit odd to me.

As far as I understand the B(a,b,c) notation, it refers to a probability and not a random variable.

If that’s the case I think that the that formula should be:

B(n1,p) + B(n2,p) = B(n1 + n2,p)

In the B(a,b,c) notation would be something like:

B(z;n1 + n2,p) = convolution(B(k1, n1, p), B(k2, n2,p)) (in such way that k1+k2=z)

Am I looking this correctly?

Thanks,

Ignacio