feat(oprf): add split-blinding unlinkable OPRF (partial unlinkability)

- Implement split-blinding protocol with C, C_r dual evaluation
- Add 7 security proof tests for unlinkability properties
- Add benchmarks: ~101µs (109x faster than OT-based)
- Note: Server can compute C - C_r fingerprint (documented limitation)

src/oprf/mod.rs

@@ -5,6 +5,7 @@ pub mod ring;
 pub mod ring_lpr;
 #[cfg(test)]
 mod security_proofs;
+pub mod unlinkable_oprf;
 pub mod voprf;
 
 pub use ring::{
@@ -23,3 +24,9 @@ pub use hybrid::{
 pub use voprf::{
     CommittedKey, EvaluationProof, KeyCommitment, VerifiableOutput, voprf_evaluate, voprf_verify,
 };
+
+pub use unlinkable_oprf::{
+    UnlinkableBlindedInput, UnlinkableClientState, UnlinkableOprfOutput, UnlinkablePublicParams,
+    UnlinkableServerKey, UnlinkableServerResponse, client_blind_unlinkable,
+    client_finalize_unlinkable, evaluate_unlinkable, server_evaluate_unlinkable,
+};