Rename Sign/DidSign to Watermark/HasWatermark

Rename methods and files to avoid confusion with cryptographic signing.
The watermark mechanism folds GUID bytes into a SHA256 hash for tracing
purposes and is not a cryptographic primitive.

- Sign() -> Watermark()
- DidSign() -> HasWatermark()
- signer.go -> watermark.go
- signer_test.go -> watermark_test.go
- Update test messages and README

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: schigh

README.md

@@ -136,24 +136,24 @@ g := guid.MustNew()
 g[0], g[1] = 'a', 'b'
 ```
 
-### Signing
+### Watermarking
 
-A GUID can watermark data by folding its bytes into a SHA256 hash. This is not cryptographic signing. It is a lightweight mechanism for associating a GUID with a piece of data.
+A GUID can watermark data by folding its bytes into a SHA256 hash. This is not cryptographic signing. It is a lightweight tracing mechanism for associating a GUID with a piece of data.
 
 ```go
 g := guid.MustNew()
 data := []byte("some payload")
 
-sig := g.Sign(data)
-fmt.Printf("Signature: %s\n", sig) // hex-encoded
+wm := g.Watermark(data)
+fmt.Printf("Watermark: %s\n", wm) // hex-encoded
 
-// verify
-if g.DidSign(string(sig)) {
+// check
+if g.HasWatermark(string(wm)) {
 	fmt.Println("verified")
 }
 ```
 
-Note: `Sign` uses bitwise OR to fold GUID bytes into the hash. Multiple GUIDs can appear to have signed the same data (false positives are possible). This is suitable for tagging and tracing, not for authentication.
+Note: `Watermark` uses bitwise OR to fold GUID bytes into the hash. Multiple GUIDs can appear to match the same watermarked data (false positives are possible). This is suitable for tagging and tracing, not for authentication.
 
 ### Custom Generator
 

signer_test.go

@@ -5,8 +5,10 @@ import (
 	"encoding/hex"
 )
 
-// Sign applies the GUID's metadata to a SHA256 hash of the input data
-func (g GUID) Sign(in []byte) []byte {
+// Watermark folds the GUID's bytes into a SHA256 hash of the input data.
+// This is not cryptographic signing. It is a lightweight tracing mechanism
+// for associating a GUID with a piece of data.
+func (g GUID) Watermark(in []byte) []byte {
 	// cant digest what we don't have
 	if len(in) == 0 {
 		return nil
@@ -34,10 +36,10 @@ func (g GUID) Sign(in []byte) []byte {
 	return out
 }
 
-// DidSign returns true when this GUID was used to sign the hex string
-// This function will return false immediately if the input string is either not
-// hex-encoded or generated from a SHA256 hash
-func (g GUID) DidSign(in string) bool {
+// HasWatermark returns true when this GUID's bytes are present in the
+// given hex-encoded hash. Returns false if the input is not valid hex
+// or not SHA256-sized.
+func (g GUID) HasWatermark(in string) bool {
 	sum, err := hex.DecodeString(in)
 	if err != nil {
 		return false

signer.go watermark.gosigner.go renamed to watermark.go

@@ -0,0 +1,74 @@
+package guid
+
+import (
+	"testing"
+)
+
+func TestGUID_Watermark(t *testing.T) {
+	// Watermark should return nil for empty input
+	g := MustNew()
+	if wm := g.Watermark(nil); wm != nil {
+		t.Fatalf("expected nil for empty input, got %s", wm)
+	}
+	if wm := g.Watermark([]byte{}); wm != nil {
+		t.Fatalf("expected nil for empty input, got %s", wm)
+	}
+
+	// Watermark should produce consistent output
+	data := []byte("music television")
+	wm1 := g.Watermark(data)
+	wm2 := g.Watermark(data)
+	if string(wm1) != string(wm2) {
+		t.Fatalf("expected consistent watermarks, got %s and %s", wm1, wm2)
+	}
+
+	// Watermark output should be 64 hex chars (SHA256 = 32 bytes = 64 hex)
+	if len(wm1) != 64 {
+		t.Fatalf("expected watermark length 64, got %d", len(wm1))
+	}
+
+	// Different data should produce different watermarks
+	wm3 := g.Watermark([]byte("live mice sit on us"))
+	if string(wm1) == string(wm3) {
+		t.Fatal("expected different watermarks for different data")
+	}
+
+	// Different GUIDs should produce different watermarks for same data
+	g2 := MustNew()
+	wm4 := g2.Watermark(data)
+	if string(wm1) == string(wm4) {
+		t.Fatal("expected different watermarks from different GUIDs")
+	}
+}
+
+func TestGUID_HasWatermark(t *testing.T) {
+	g := MustNew()
+	data := []byte("test data")
+	wm := g.Watermark(data)
+
+	// GUID should verify its own watermark
+	if !g.HasWatermark(string(wm)) {
+		t.Fatal("expected HasWatermark to return true for own watermark")
+	}
+
+	// HasWatermark should return false for invalid hex
+	if g.HasWatermark("not-hex") {
+		t.Fatal("expected HasWatermark to return false for non-hex input")
+	}
+
+	// HasWatermark should return false for wrong-length hex
+	if g.HasWatermark("abcd") {
+		t.Fatal("expected HasWatermark to return false for short hex")
+	}
+
+	// HasWatermark should return false for tampered data
+	if g.HasWatermark("aaa0000000000000000000000000000000000000000000000000000000000000") {
+		t.Fatal("expected HasWatermark to return false for tampered data")
+	}
+
+	// TestGUID watermark round trip
+	testWm := TestGUID.Watermark([]byte("hello"))
+	if !TestGUID.HasWatermark(string(testWm)) {
+		t.Fatal("TestGUID failed to verify its own watermark")
+	}
+}