so uhhh... if you're using CRDTs to distribute data between different clients, how do you validate the changes against business logic or prevent abuse? I can't seem to find anything about filtering/managing changes that clients try to do. It all just seems to expect you to trust whatever clients try to send each other???
@zkat AIUI the idea is that the system-wide validation is meant to arise emergently from all clients individually applying the same set of validation rules (which may themselves be informed by state from that same CRDT, recursively, though that's trickier to get right in a way that reliably converges). Don't know if there's a better or more general answer.
