Coinciding pseudonymisation and decryption factors
When for the creation of a local pseudonym the same string is used for the pseudonymisation and decryption contexts, the resulting factors are the same. There is no reason for allowing this coincidence, and leads to mildly weaker security. (E.g., when decryption and pseudonym factors coincide, a local pseudonym for party A can be translated to a local pseudonym for party B when the private keys for A and B are known.)
Proposed solution: prepend "pseudonym" and "decryption", respectively, to the strings used to create the factors.