@cwebber Finally, IIUC the "malleable deputy" vulnerability isn't really due to the *truncation*: It would have also happened with support for multiple hashes, e.g. hypothetically did:sha256 vs. did:sha512, or even did:sha224 (which is the "correct" way to truncate SHA-255). Or if they messed up case-sensivity somewhere and let you register a capitalized version of an existing did:plc.

I might call it some sort of aliasing attack?

(There's another world where you could potentially generate aliases via the padding bits in the last base32 character if the truncated comparison was done after converting to binary, but in this particular case you can't because it's truncated to a multiple of 8 characters/40 bits.)