© Kevin Mehall and the Splash Contributors
Name
— Designation
Value
— Information
Identity
— Time
Authority
— Permission
Security
Concurrency
When a function is called, curry in each argument by calling a curry_arg generic function. curry_arg for pure-value types would be equivalent to traditional currying. This would be implemented in some sort of :value specializer, so functions operating on Refs could have direct access.
For IRefs, curry_arg curries in the current value of the IRef.
For ARefs, curry_arg curries in the value of the ARef, if and only if the function is in its permitted set. Otherwise, it curries in itself. Another form of the specializer could simply fail if the value could not be unrapped. This version could be used on primitives such as prim_op_object_get_slot to protect access to the direct capability inside the ARef. (Problem: But then how does the curry_arg function access data inside the ARef?)
A membrane-like could be implemented in a subclass of ARef by wrapping the returned value in an ARef with the same permitted set.
Problem: This only works when types are homogeneous and the same functions are available
Problem: If the argument passing this type is not the first, the unwrapped return value would be passed through the functions that may have been added by the more inner arguments' curry_arg. Malicious code could create a type specializing curry_arg and capture this data