The idea originally came from noticing that many security problems occur even when authentication and authorization are technically correct.
The system verifies identity, but not necessarily intention.
I started exploring whether a small cryptographic handshake layer could make critical operations more explicit and verifiable.
Curious if others have seen similar approaches or problems.