pub fn derive_sas_code(
our_secret: &StaticSecret,
their_public: &PublicKey,
tx_id: &[u8; 16],
) -> Result<SasCode>Expand description
Derive the 7-emoji + 3-group-decimal SAS code from the X25519
shared secret and the agreed-upon tx_id. Both peers compute this
independently and must end up with the same answer for OOB
comparison to succeed.
Matches the MSC 2241 derivation: HKDF-SHA256 with tx_id as salt
and b"huddle-sas-v1" as info, expanded to 11 bytes. First 6 bytes
→ 7 6-bit chunks (mod 49) → emoji indices. Next 5 bytes → 3 13-bit
chunks (+ 1000) → 3 four-digit decimal groups.