In cryptography, a verifiable random function (VRF) is a public-key pseudorandom function that provides proofs that its outputs were calculated correctly. The owner of the secret key can compute the function value as well as an associated proof for any input value. Everyone else, using the proof and the associated public key (or verification key[1]), can check that this value was indeed calculated correctly, yet this information cannot be used to find the secret key.[2]
A verifiable random function can be viewed as a public-key analogue of a keyed cryptographic hash[2] and as a cryptographic commitment to an exponentially large number of seemingly random bits.[3] The concept of a verifiable random function is closely related to that of a verifiable unpredictable function (VUF), whose outputs are hard to predict but do not necessarily seem random.[3][4]
The concept of a VRF was introduced by Micali, Rabin, and Vadhan in 1999.[4][5] Since then, verifiable random functions have found widespread use in cryptocurrencies, as well as in proposals for protocol design and cybersecurity.
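The compute-and-verify flow from the first paragraph, as an added example that is not part of the original article: a simplified RSA full-domain-hash VRF in which the proof is a deterministic RSA signature on the hashed input and the output is a hash of that proof. The key (two Mersenne primes), the domain-separation tags, the function names and the sample input are all constructed for illustration; the key is far too small for real use and the encoding follows no standard.

```python
import hashlib
import hmac

# Constructed toy key from two Mersenne primes; far too small for real use.
P, Q = 2**127 - 1, 2**107 - 1
N, E = P * Q, 65537                      # public (verification) key
D = pow(E, -1, (P - 1) * (Q - 1))        # secret key
N_BYTES = (N.bit_length() + 7) // 8


def _hash_to_zn(alpha: bytes) -> int:
    """Full-domain hash: expand SHA-256 in counter mode, reduce into [0, N)."""
    stream = b"".join(
        hashlib.sha256(b"fdh" + bytes([i]) + alpha).digest()
        for i in range((N_BYTES + 16) // 32 + 1)
    )
    return int.from_bytes(stream, "big") % N


def proof_to_output(pi: int) -> bytes:
    """Derive the pseudorandom output beta from the proof pi."""
    return hashlib.sha256(b"out" + pi.to_bytes(N_BYTES, "big")).digest()


def prove(alpha: bytes) -> tuple:
    """Secret-key holder: return (beta, pi) for input alpha."""
    pi = pow(_hash_to_zn(alpha), D, N)   # deterministic RSA signature on H(alpha)
    return proof_to_output(pi), pi


def verify(alpha: bytes, beta: bytes, pi: int) -> bool:
    """Anyone holding (N, E): check that beta is the one valid output for alpha."""
    if not 0 <= pi < N:                  # reject non-canonical proofs such as pi + N
        return False
    if pow(pi, E, N) != _hash_to_zn(alpha):
        return False
    return hmac.compare_digest(beta, proof_to_output(pi))


if __name__ == "__main__":
    beta, pi = prove(b"lottery-round-42")          # constructed sample input
    print(beta.hex(), verify(b"lottery-round-42", beta, pi))
```

The range check on the proof matters for uniqueness: without it, pi + N would pass the RSA equation as well, giving a second accepted proof for the same input.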