in cryptography, we often require domain separation for different uses of the same primitives. roughly, this means ensuring that the inputs to a primitive for different purposes cannot overlap. so there are no instances where you can lift a value from one part of the protocol and use it in another.

i’ve been thinking about data confusion - interpreting the same pile of bytes as different types.

there’s the mitigated but still present “proposal.doc.exe” exploit on windows. it’s partly a user interface problem, where the extension is sometimes hidden and sometimes shown, and partly a platform problem, where you can’t safely run arbitrary binaries, and partly a data confusion problem - the user expects to be opening a document and is instead launching a program.

converge, as it stands right now, doesn’t care about or indicate the type of data that’s stored in an object. so if i throw a reference at you, telling you it’s an image, you don’t actually know you’re getting an image. maybe it’d be worth it to add the expected type into the additional data in the deterministic [AEAD]?

of course, that doesn’t stop anyone from creating a new object with the expected type and bad data. it’d just stop using the original object in multiple contexts.

overall, i don’t feel like it’d really provide any benefit. converge eschews ambient authority - it’d be inconvenient to see if anyone you trust had included the object in another. if the idea about claims goes anywhere, maybe it’d be important to include the type of the referent in the claim, but that’s layers up from the core functionality.