Leaking scoped capabilities

[Linyxus]

Compiler version

main

Minimized code

import language.experimental.captureChecking

trait IO:
  def println(s: String): Unit
def usingIO[R](op: IO^ => R): R = ???

case class Boxed[+T](unbox: T)

type Res = [R, X <: Boxed[IO^] -> R] -> (op: X) -> R
def mkRes(x: IO^): Res =
  [R, X <: Boxed[IO^] -> R] => (op: X) =>
    val op1: Boxed[IO^] -> R = op
    op1(Boxed(x))
def test2(): Unit =
  val leaked: Res = usingIO[Res](mkRes)
  val x = leaked[Boxed[IO^], Boxed[IO^] -> Boxed[IO^]](x => x)
  x.unbox.println("boom")  // out of scope access to the scoped capability

Output

It compiles.

Expectation

It should not. It allows an out-of-scoped access to a scoped capability.

/cc @odersky

[Linyxus]

At the latest main when compiling the code of this issue it outputs:

[info] running (fork) dotty.tools.dotc.Main -d /Users/linyxus/Workspace/dotty/compiler/../out/default-last-scalac-out.jar -classpath /Users/linyxus/Library/Caches/Coursier/v1/https/repo1.maven.org/maven2/org/scala-lang/scala-library/2.13.14/scala-library-2.13.14.jar:/Users/linyxus/Workspace/dotty/library/../out/bootstrap/scala3-library-bootstrapped/scala-3.6.0-RC1-bin-SNAPSHOT-nonbootstrapped/scala3-library_3-3.6.0-RC1-bin-SNAPSHOT.jar -color:never -Xprint:cc issues/cc-logging.scala
==> {cap} accountsFor (caps.cap : caps.Capability), {cap}??
<== {cap} accountsFor (caps.cap : caps.Capability), {cap}? = true
==> {cap} accountsFor ex$15.type, {ex$15}??
<== {cap} accountsFor ex$15.type, {ex$15}? = true

It shows the debug information!

This seems to a outcome of the combination of this and this.

/cc @odersky