From f6b88ee3fbeb69eeab4f18a90630503979910183 Mon Sep 17 00:00:00 2001
From: Tony Garnock-Jones <tonyg@leastfixedpoint.com>
Date: Mon, 6 Feb 2023 16:19:03 +0100
Subject: [PATCH] Switch to HMAC-BLAKE2s

---
 schemas/sturdy.prs | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/schemas/sturdy.prs b/schemas/sturdy.prs
index 1384967..6d36735 100644
--- a/schemas/sturdy.prs
+++ b/schemas/sturdy.prs
@@ -3,6 +3,12 @@ embeddedType EntityRef.Cap .
 
 ; The sequence of Caveats is run RIGHT-TO-LEFT.
 ; That is, the newest Caveats are at the right.
+;
+; Let f = HMAC-BLAKE2s, e = canonical machine-oriented serialization of some preserves value,
+; and k = the original secret key for the ref.
+;
+; The `sig` is then f(f(f(f(k, e(oid)), ...), Caveat), ...).
+;
 SturdyRef = <ref @oid any @caveatChain [Caveat ...] @sig bytes>.
 
 ; embodies 1st-party caveats over assertion structure, but nothing else