Hash and OTP generation using encrypted values

Using FHE we perform operations on the encrypted secret key, timestamp, and dapp ID to generate an encrypted TOTP code.This Time based One Time Password can be verified on-chain without accessing the

Current Industry Standards for TOTP

TOTP is an extension of HMAC

hash-based message authentication code (HMAC) based one-time password

## Required for OTP generation
1.⁠ ⁠A cryptographic hash method H (default is SHA-1)
2.⁠ ⁠A secret key K, which is an arbitrary byte string and must remain private, 
and thats why stored encrypted on the Smart contract
3.⁠ ⁠⁠A counter C, which counts the number of iterations
4.⁠ ⁠⁠A HOTP value length d (6–10, default is 6, and 6–8 is recommended)

The HOTP value is the human-readable design output, a d-digit decimal number (without omission of leading 0s):

$$HOTPvalue = HOTP(k,c)mod 10^d$$

That is, the value is the d least significant base-10 digits of HOTP.

HOTP is a truncation of the HMAC of the counter C (under the key K and hash function H):

$$HOTP(k,c) = truncate(HMAC(k,c))$$

Truncation first takes the 4 least significant bits of the MAC and uses them as a byte offset i:

$$extract31(MAC, i) = MAC[(i × 8 + 1):(i × 8 + 4 × 8 − 1)]$$

where ":" is used to extract bits from a starting bit number up to and including an ending bit number, where these bit numbers are 0-origin. The use of "19" in the above formula relates to the size of the output from the hash function. With the default of SHA-1, the output is 20 bytes, and so the last byte is byte 19 (0-origin).

That index i is used to select 31 bits from MAC, starting at bit i × 8 + 1:

$$extract31(MAC, i) = MAC[(i × 8 + 1):(i × 8 + 4 × 8 − 1)]$$

31 bits are a single bit short of a 4-byte word. Thus the value can be placed inside such a word without using the sign bit (the most significant bit). This is done to definitely avoid doing modular arithmetic on negative numbers, as this has many differing definitions and implementations.

---

Current Approach

## Required

1. S = Secret key (6-digit number)
2. T = Timestamp (epoch value)
3. A = App ID (4-digit number)

The final 6-digit result (R) can be calculated as:

$$R = (((((S ∧ (T\ \%\ 10^6)) ⊻ A)\ \%\ 10^6 + S) >> 2)\ \%\ 10^6)$$

1. Convert the timestamp to a 6-digit number

$$T' = T \ \%\ 10^6$$

1. Perform bitwise AND operation on the secret key and the converted timestamp

$$R₁ = S ∧ T'$$

1. Perform bitwise XOR operation on the result from Step 2 and the app ID

$$R₂ = R₁ ⊻ A$$

1. Ensure the result from Step 3 is a 6-digit number

$$R₃ = R₂\ \%\ 10^6$$

1. Add the secret key to the result from Step 4

$$R₄ = R₃ + S$$

1. Perform a right shift operation on the result from Step 5

$$R₅ = R₄ >> 2$$

1. Ensure the final result is a 6-digit number

$$R = R₅\ \%\ 10^6$$