When we came up with the set of message primitives, I had little confidence that they would remain unchanged. In fact we never saw critical reasons to change them. When Jonathan Shapiro did his systems he made some small changes to make message passing slightly more symmetric and got perhaps a more elegant and orthogonal set with no more real complexity.
The hardest design that we encountered was for the two byte streams which connected a program to a terminal but abstracted the Tymnet mechanisms from typical applications. There was a good deal of shared state between the streams but our design worked out well. That was the point where we said that when a design difficulty arose try using one more domain, and if that failed try using one less. I think Charlie Landau wrote that code. We never did an Internet interface.
Aside from the Tymnet interface, which was a hard design, I do not recall significant design obstacles for the other several dozen proposed and real applications. This was in part because the system components that we reified were very much like real hardware. When confused we would ask how to do the job on bare hardware and the solution was often to emulate that. Conventional kernels take away so many features available from the real hardware.
One task that eluded us was the ability to provide programatic ‘read-only’ facets to an object in such a way to ensure that the code to implemented the new logic was guaranteed not to impact the integrity of the object proper. This might require breaking abstractions of the object, but in such a way that no side effects on the object state were possible. Perhaps somewhat like the factory logic ensures side effects.
Bill Frantz tells me that he has a design to do that that he will present soon.