With OP_CHECKSIGFROMSTACK (CSFS), signatures are verified against an explicit message rather than the transaction sighash.This seems to allow the same (sig, message) pair to be reused across different UTXOs, unless something binds the message to a specific context.Some discussions (e.g. by Jeremy Rubin https://rubin.io/bitcoin/2024/12/02/csfs-ctv-rekey-symmetry/) mention re-keying or laddering constructions to mitigate this.My question is:How exactly do CSFS laddering or re-keying schemes prevent cross-UTXO replay in practice?What is the binding mechanism — is it based on chaining commitments, updating keys per step, or something else?