Is it safe to add fluid scopes to an OCap language?

YOUTUBE nLti4CPkv4k Discussion at FRIAM led by Mark Miller.

This discussion is motivated by the proposal to add so-called "AsyncContext" to JavaScript. The question is how does this affect the safety of Hardened JS, the use of JavaScript as an object-capability language.

The discussion makes use of the examples at TC39 PR . This PR will continue to evolve as our understanding does.

Miller uses Lisp and Scheme to explain the transition from dynamic to fluid scoping. Discussion moves to Carol and Bob pass on an unsafe attack to Alice, and how Alice is able to make the code safe (not grant capabilities to the attack).

tl;dr Classic xkcd security model

FRIAM is a group of object-capability experts who have been meeting continually since the mid 1990s. This discussion examined the larger question of the safety of these mechanisms if added to OCap languages in general.