semiotic-ai / timeline-aggregation-protocol

A fast, efficient and trust-minimized unidirectional micro-payments system.
Apache License 2.0

Add Discriminant Byte to discriminate between RAV And Receipt #15

Closed ColePBryan closed 1 year ago

ColePBryan commented 1 year ago

Context from email with Zac:

At first glance I think receipts and RAVs require the same data and, naively, would share the same fields. But this is a security hole. If a signed RAV can be interpreted as a receipt, this allows an indexer to compound their earnings. This needs to be addressed either by using a separate signing key, or delimiting the message types (I prefer the latter, to avoid introducing a key-sharing protocol during setup).

Adding a discriminant byte ensures a signed RAV can't be sent in as a receipt. Currently, receipt and RAV have only one difference (receipt has nonce and RAV doesn't), and if this difference were removed by some future change, it would allow an indexer to send RAVs in as if they were receipts.
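
The type confusion described in this comment, and the effect of a discriminant byte on it, as an added example that is not part of the original issue or the project's code. HMAC-SHA256 stands in for the real signature scheme, and the key, field layout and tag values are assumptions made for the demo.

```python
import hashlib
import hmac
import struct

# Constructed demo key; HMAC-SHA256 is a stand-in for the real signature scheme.
KEY = b"constructed-demo-signing-key"

# Hypothetical discriminant values, chosen for this example only.
TAG_RECEIPT = b"\x01"
TAG_RAV = b"\x02"


def encode(timestamp_ns, value):
    """Hypothetical shared layout: the future case the comment warns about,
    where receipt and RAV carry identical fields (no nonce left)."""
    return struct.pack(">QQ", timestamp_ns, value)


def sign(payload, tag=b""):
    """Sign the payload, prefixed by a message-type tag when one is given."""
    return hmac.new(KEY, tag + payload, hashlib.sha256).digest()


def accept_as_receipt(payload, sig, tagged):
    """Verifier-side check applied to anything submitted as a receipt."""
    expected = sign(payload, TAG_RECEIPT if tagged else b"")
    return hmac.compare_digest(expected, sig)


def rav_accepted_as_receipt(tagged):
    """Sign an aggregate as a RAV, then present the same bytes as a receipt."""
    rav = encode(1_700_000_000_000_000_000, 500)  # constructed aggregate
    rav_sig = sign(rav, TAG_RAV if tagged else b"")
    return accept_as_receipt(rav, rav_sig, tagged)


def receipt_roundtrip(tagged):
    """A genuine receipt must still verify once the tag is in place."""
    receipt = encode(1_700_000_000_000_000_001, 5)  # constructed receipt
    sig = sign(receipt, TAG_RECEIPT if tagged else b"")
    return accept_as_receipt(receipt, sig, tagged)


if __name__ == "__main__":
    print("no tag,   RAV accepted as receipt:", rav_accepted_as_receipt(False))
    print("with tag, RAV accepted as receipt:", rav_accepted_as_receipt(True))
    print("with tag, real receipt accepted:  ", receipt_roundtrip(True))
```

The tag is part of the signed bytes rather than a field checked after verification, so the separation holds even when the two payload layouts are byte-for-byte identical.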

tkornuta-semiotic commented 1 year ago

Replaced by EIP-712