[dnmc]

Maybe this isn't what you're suggesting, but it's already possible to make an interface that prevents callers from doing math on indices in Rust — just return a struct that has a private member for the index. The caller can pass the value back at which point you can unwrap it and do index arithmetic.

[kibwen]

More than that, in theory an opaque handle would also do things like statically prevent a handle taken from one array from being used to access a different array. I feel like this should be possible in Rust with type-level shenanigans (e.g. GhostCell).

[thezipcreator]

this is possible in rust, albeit with a lot of shenanigans. See this article where someone made a GC in rust where the external references are bound to a specific GC via a unique lifetime: https://kyju.org/blog/tokioconf-2026/