The SAS protocol establishes peer-to-peer authenticated communication over an insecure channel by using an extra channel, such as in Apple iMessage (see Application below).
This is a toy implementation of the Vaudenay SAS protocol [PDF].
To avoid 4 round-trips whereas 3 are sufficient, SAS was improved by the MA-3 protocol [PDF].
The used commitment scheme is an idealized commitment model in which a trusted third party reveals the commitment. In a real world implementation, commitment schemes that don't require a trusted third party would be more practical ( random oracle, CRS model).
Apple uses the SAS protocol for iMessage Contact Key Verification, introduced in iOS 17.2.