> This only works if you can trust the people doing the counts, though. If person B says "wow, I heard person A saw FIFTY HAWKS" then that information will spread without any recourse for A to say "er, no, I only saw one." These kind of security and sharing situations seems to be open questions in the field.

I was just about to say something, before I read the rest of the sentence.

> I guess you could sign values,

Yep! :D

> but that'd add a lot of overhead in any decently-sized document. Tricky!

Depends on the number of “things” that need to be signed.

A very big document with a few very big “parts”, requiring only a few signatures is not too bad. A big document consisting of a huge number of very small “parts” on the other hand, would have a lot of overhead in size. But in some cases it might be worth it. I started making such a system a while back for fun. I’ve not made it public yet, as plenty of work remains to be done first. But yeah, in my case I am doing exactly that. Using signatures and verifying the signatures before accepting data from others into my local state.

I even have some logic penalizing remote nodes for providing invalid data.

> This only works if you can trust the people doing the counts ... These kind of security and sharing situations seems to be open questions in the field.

Trust in this sense can be safely assumed in every network that isn't open to arbitrary participants. That trust is guaranteed at lower levels in the stack, for example via TLS, it's definitely not the responsibility of the data/CRDT layer.

Those interested in a formal proof, Automerge has a set of formal proofs in Isabelle. This is an Op-based CRDT.

https://github.com/trvedata/crdt-isabelle/tree/master