Mojira Archive
MC-254950

LastSeenMessage is ineffective against certain context manipulation

Probably a duplicate. TL;DR: LastSeenMessage (LSM) is ineffective against certain context manipulation involving private messages.

Background
1.19.1-pre5 introduced several measures against context manipulation, one of which is LSM, which tracks the last seen messages of 5 users. In theory this prevents an attack where a malicious person uses /msg (or another signed private messaging mechanism) to provide a context message that the reported person never saw. LSM is different from "message chaining"/previousSignature, which includes private messages by design. The message "acknowledgment" is sent when a player sends a chat message or when the player has 64 unacknowledged messages. An acknowledgment contains the LSM and lastReceived (the last received header-only message; it is not signed).

Bug
The bug lies in the design of LSM: it only tracks the most recently seen message per profile. Consider the following cases:

  1. Bad actor (P1) sends a private message to himself: /msg @s context message (M1)
  2. Bad actor (P1) sends a normal message that reported person (P2) sees (M2)
  3. P2 responds to M2 (M3)
  4. P1 reports the response M3

Let's track the LSM and previousSignature and see how they evolve:

  1. Before M1, P1 has: LSM = empty, lastReceived = null, previousSignature = null (signed by P1 as part of M1)
  2. Between M1 and M2, P1 has: LSM = <P1: M1>, lastReceived = null, previousSignature = M1 (signed by P1 as part of M2); P2 has: LSM = empty, lastReceived = M1, previousSignature = M1
  3. Between M2 and M3, P1 and P2 both have: LSM = <P1: M2>, lastReceived = null, previousSignature = M2 (signed by P2 as part of M3)

What if the first message had instead been a normal message? Then the states are:

  1. Before M1, P1 has: LSM = empty, lastReceived = null, previousSignature = null
  2. Between M1 and M2, P1 and P2 both have: LSM = <P1: M1>, lastReceived = null, previousSignature = M1
  3. Between M2 and M3, P1 and P2 both have: LSM = <P1: M2>, lastReceived = null, previousSignature = M2

The problem is that the LSM and previousSignature that P2 signs into the reported message M3 are identical in both cases. This means either that a message P2 has never seen can be included as evidential context with no way to disprove it, or that P2 can dispute a message they definitely saw as "not seen".

Does This Actually Work?
Not sure. Context manipulation is not an easy trick for actually getting someone banned: any message you'd get from an innocent person being manipulated will be far from actually offensive. However, the latter scenario, giving a bad actor a defense that is not sound but is technically not disprovable, is not good either.

However, this exploit has a much worse consequence: it gives the community a reason, sound, technically true and almost indisputable, to say that chat reporting is bad out of fear of gaslighting, which has proven true. Without a mitigation for this issue (or a public guideline explaining that "context messages can never incriminate, only defend") this will only get worse.

Fix
This is not easy to fix, since any attempt would be a cat-and-mouse game. However, the issue can be mitigated by making LSM keep track of more messages, not just 1 per profile (for example, "5 last seen messages per profile").
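The two traces in the Bug section and the per-profile history proposed here, as an added simulation that is not part of this report and not Minecraft's code. It models clients the way the report describes them (every client receives every message header and updates previousSignature; only recipients receive the body and update their LSM; lastReceived is kept but never signed), runs M1 and M2 with M1 either private-to-self or public, and returns what P2 signs into M3. With one entry per profile the two runs are indistinguishable; with a per-profile history P2's acknowledgment records whether M1 was actually seen. Truncated SHA-256 hashes stand in for signatures, and the names `Client`, `send`, `p2_state_at_m3` and `m1_provably_seen_by_p2` are the example's own.

```python
"""Added model of the LSM / previousSignature tracking described in this
report (not Mojang's code). Signatures are stand-in SHA-256 hashes; every
client receives every message header, but only recipients receive the body."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Message:
    id: str
    sender: str
    recipients: frozenset   # who gets the body; everyone gets the header
    signature: str


class Client:
    """Tracking state of one player, following the report's description."""

    def __init__(self, name, per_profile=1):
        self.name = name
        self.per_profile = per_profile   # 1 = current LSM; 5 = the proposed mitigation
        self.last_seen = {}              # profile -> ids of messages whose body was seen
        self.last_received = None        # last header-only message (not signed)
        self.previous_signature = None   # message chaining, covers private messages too

    def receive(self, msg):
        self.previous_signature = msg.signature
        if self.name in msg.recipients:
            seen = self.last_seen.setdefault(msg.sender, [])
            seen.append(msg.id)
            del seen[:-self.per_profile]   # retain only the newest per_profile entries
            self.last_received = None
        else:
            self.last_received = msg.id

    def signed_state(self):
        """The acknowledgment data that is signed into this client's next message."""
        lsm = tuple(sorted((p, tuple(ids)) for p, ids in self.last_seen.items()))
        return lsm, self.previous_signature


def sign(sender, msg_id, state):
    # Assumption: the signature commits to the sender, message id and signed state only.
    return hashlib.sha256(repr((sender, msg_id, state)).encode()).hexdigest()[:16]


def send(clients, sender, msg_id, recipients):
    msg = Message(msg_id, sender, frozenset(recipients),
                  sign(sender, msg_id, clients[sender].signed_state()))
    for client in clients.values():   # the server relays the header to everyone
        client.receive(msg)
    return msg


def p2_state_at_m3(m1_private, per_profile=1):
    """Run the report's sequence up to M2 and return what P2 signs into M3."""
    clients = {name: Client(name, per_profile) for name in ("P1", "P2")}
    send(clients, "P1", "M1", ["P1"] if m1_private else ["P1", "P2"])  # /msg @s vs. public
    send(clients, "P1", "M2", ["P1", "P2"])
    return clients["P2"].signed_state()


def m1_provably_seen_by_p2(m1_private, per_profile=1):
    """True if P2's signed acknowledgment in M3 records M1 as seen."""
    lsm, _ = p2_state_at_m3(m1_private, per_profile)
    return any(p == "P1" and "M1" in ids for p, ids in lsm)


if __name__ == "__main__":
    for n in (1, 5):
        same = p2_state_at_m3(True, n) == p2_state_at_m3(False, n)
        print(f"per_profile={n}: private vs public M1 indistinguishable in M3: {same}")
```

With `per_profile=1` both runs leave P2 signing LSM = <P1: M2> and previousSignature = M2, so a reviewer holding M1, M2 and M3 cannot tell from the signed data whether P2 ever saw M1. With `per_profile=5` the public run signs <P1: M1, M2> and the private run signs <P1: M2>, which is exactly the distinction the mitigation is meant to preserve; it does not address the policy question in the next paragraph.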

Another "fix" involves a policy change: no context message can incriminate an otherwise neutral/innocent message, effectively preventing context manipulation from being abused for false bans. This policy should be publicly displayed.

Fixed

apple502j

[Mojang] Gegy

2022-08-05, 08:38 AM

2022-09-12, 06:59 AM

2022-09-12, 06:59 AM

2

1

Confirmed

Important

Social Interactions

1.19.1, 1.19.2 Release Candidate 1

22w42a