diff --git a/src/lib.rs b/src/lib.rs
index 9b8be8e..fe58798 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -9,6 +9,9 @@ mod public_key;
 mod secret_key;
 mod signature;
 
+/// An element of the JubJub scalar field used for randomization of public and secret keys.
+pub type Randomizer = jubjub::Fr;
+
 pub use error::Error;
 pub use public_key::{PublicKey, PublicKeyBytes};
 pub use secret_key::{SecretKey, SecretKeyBytes};
diff --git a/src/public_key.rs b/src/public_key.rs
index b286b02..3f7aed9 100644
--- a/src/public_key.rs
+++ b/src/public_key.rs
@@ -1,6 +1,6 @@
 use std::convert::TryFrom;
 
-use crate::{Error, Signature};
+use crate::{Error, Randomizer, Signature};
 
 /// A refinement type indicating that the inner `[u8; 32]` represents an
 /// encoding of a RedJubJub public key.
@@ -40,9 +40,14 @@ impl TryFrom<PublicKeyBytes> for PublicKey {
     }
 }
 
-// This is similar to impl signature::Verifier but without boxed errors
 impl PublicKey {
+    /// Randomize this public key with the given `randomizer`.
+    pub fn randomize(&self, randomizer: Randomizer) -> PublicKey {
+        unimplemented!();
+    }
+
     /// Verify a supposed `signature` over `msg` made by this public key.
+    // This is similar to impl signature::Verifier but without boxed errors
     pub fn verify(&self, msg: &[u8], signature: &Signature) -> Result<(), Error> {
         unimplemented!();
     }
diff --git a/src/secret_key.rs b/src/secret_key.rs
index dddf7d2..637fc11 100644
--- a/src/secret_key.rs
+++ b/src/secret_key.rs
@@ -1,6 +1,6 @@
 use std::convert::TryFrom;
 
-use crate::{Error, PublicKey, Signature};
+use crate::{Error, Randomizer, PublicKey, Signature};
 
 /// A refinement type indicating that the inner `[u8; 32]` represents an
 /// encoding of a RedJubJub secret key.
@@ -47,9 +47,14 @@ impl<'a> From<&'a SecretKey> for PublicKey {
     }
 }
 
-// Similar to signature::Signer but without boxed errors.
 impl SecretKey {
+    /// Randomize this public key with the given `randomizer`.
+    pub fn randomize(&self, randomizer: Randomizer) -> PublicKey {
+        unimplemented!();
+    }
+
     /// Sign the given `msg` with this `SecretKey`.
+    // Similar to signature::Signer but without boxed errors.
     pub fn sign(&self, msg: &[u8]) -> Signature {
         unimplemented!();
     }