From 1ad416abc4602de660fb08c3bbd07bbabbeb1600 Mon Sep 17 00:00:00 2001
From: Dr Maxim Orlovsky <orlovsky@lnp-bp.org>
Date: Wed, 11 Dec 2024 03:05:29 +0100
Subject: [PATCH] implement TXO seal conversion into a SONIC auth token

---
 src/popls/bp.rs | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/src/popls/bp.rs b/src/popls/bp.rs
index 0e80156c..a5d2dce0 100644
--- a/src/popls/bp.rs
+++ b/src/popls/bp.rs
@@ -33,6 +33,7 @@ use bp::dbc::opret::OpretProof;
 use bp::dbc::tapret::TapretProof;
 use bp::seals::TxoSeal;
 use bp::{dbc, Outpoint, Txid, Vout};
+use commit_verify::CommitId;
 use hypersonic::{
     AdaptedState, AuthToken, CellAddr, CodexId, ContractId, IssueParams, MethodName, NamedState,
     Operation, Schema, StateAtom, Supply,
@@ -62,7 +63,15 @@ pub type TapretSeal = TxoSeal<TapretProof>;
 impl<D: dbc::Proof> Protocol for TxoSeal<D> {
     type Id = Txid;
 
-    fn auth_token(&self) -> AuthToken { todo!() }
+    // SECURITY: Here we cut SHA256 tagged hash of a single-use seal definition to 30 bytes in order
+    // to fit it into a field element with no overflows. This must be a secure operation since we
+    // still have a sufficient 120-bit collision resistance.
+    fn auth_token(&self) -> AuthToken {
+        let id = self.commit_id().to_byte_array();
+        let mut shortened_id = [0u8; 30];
+        shortened_id.copy_from_slice(&id[0..30]);
+        AuthToken::from_byte_array(shortened_id)
+    }
 }
 
 // TODO: Support failback seals
@@ -201,12 +210,6 @@ impl<
     }
      */
 
-    pub fn new_vout(&mut self, vout: Vout) -> TxoSeal<D> { todo!() }
-
-    pub fn new_seal(&mut self) -> TxoSeal<D> { todo!() }
-
-    pub fn resolve_seal(&self, opout: CellAddr) -> TxoSeal<D> { todo!() }
-
     /// Creates a single operation basing on the provided construction parameters.
     pub fn prefab(&self, params: ConstructParams) -> Prefab {
         // convert ExecParams into CallParams