It does seem like "What if we offer checked integer arithmetic operations?" is a cheaper experiment than CHERI's "What if we mechanically reify extent based provenance"?"
But also way less impactful. It would solve maybe 20% of serious security vulnerabilities whereas CHERI solves like 60% at least. More if you use its strong compartmentalisation capabilities (heh).
That said, CHERI is super complicated. Checked integer arithmetic operations would be way simpler.
That said, CHERI is super complicated. Checked integer arithmetic operations would be way simpler.