If you can mask anything then can you use XSS to get any proof you want? Doesn't even have to be code, since block chains may activate based on certain text being on the site.
The fact that something was redacted, and where, is included in the proof. So it shouldn't be a problem as long as the verifier takes this into account. A simple thing to do would be to discard any messages with unexpected readactions (e.g., create a whitelist of places where you expect redaction, such as the Cookie: header). That would prevent situations like:
Do not give Bob $50 under any circumstances.
Do [X] give bob $50 under any circumstances.
