From 59e236713119faafee52fa18d835fa61d1d15899 Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Tue, 7 Sep 2021 12:01:42 +0200
Subject: [PATCH] WiP! SturdyRef

---
 src/syndicate/sturdy.nim | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 src/syndicate/sturdy.nim

diff --git a/src/syndicate/sturdy.nim b/src/syndicate/sturdy.nim
new file mode 100644
index 0000000..7d877a6
--- /dev/null
+++ b/src/syndicate/sturdy.nim
@@ -0,0 +1,30 @@
+import preserves, preserves/parse
+import ../syndicate/protocols/schemas/sturdy, ./private/hmacs
+
+proc mint*(key: openarray[byte]; oid: Value): SturdyRef =
+  SturdyRef(oid: oid, sig: hmacSha256(key, encode(oid), key.len))
+
+proc attenuate*(r: SturdyRef; caveats: Attenuation): SturdyRef =
+  result = SturdyRef(
+    oid: r.oid,
+    caveatChain: r.caveatChain,
+    sig: hmacSha256(r.sig, caveats.encode))
+  result.caveatChain.add caveats
+
+proc validate*(key: openarray[byte]; r: SturdyRef): bool =
+  var sig = hmacSha256(key, r.oid.encode, key.len)
+  for a in r.caveatChain:
+    sig = hmacSha256(sig, a.encode)
+  r.sig == sig
+
+when isMainModule:
+  import unittest
+  test "mint":
+    var
+      key: array[16, byte]
+      oid = "syndicate".toPreserve(EmbeddedType)
+      sRef = mint(key, oid)
+      control = parsePreserves"""<ref "syndicate" [] #[pkgN9TBmEd3Q04grVG4Zdw]>"""
+    check(sRef.toPreserve == control)
+    let aRef = attenuate(sRef, newSeq[Caveat]())
+    check validate(key, aRef)