How about implementing it as an access modifier like "trusted" and enforce that only values from other trusted members can be assigned to a trusted member?