AES256-GCM Is it safe to both add the IV to the AAD and use it in the encryption?

The IV is generally pre-prepended to ciphertext. Did they omit this? The IV is only on the AAD or there is already two IVs around? Any link to the paper/source? Please not a paper from senior undergraduate papers.

Maybe they're thinking of Authenticated Hedged Encryption with Associated Data (AHEAD): using an AEAD like AES-GCM, use a MAC of the message as the IV (with the encryption key as the MAC key), then sticking a random nonce in the AAD. That makes it key-committing, authenticated, non-deterministic encryption. It takes 2 passes, and there are better constructs for AHEAD than using AES-GCM, but it's safe enough. (If you want AES, it's possible to use AES-GCM-SIV with a random 256-bit nonce in the AAD followed by a key check value, but that takes more design.)

This question needs some clarity to properly answer. Why do you think the IV is part of the message? What's the context of the protocol? It's possible to have the IV in the AAD and everything will be fine, the IV is not secret data, so adding the IV to the AAD isn't harmful on its own. But AES256-GCM doesn't specify how to pick the IV, and putting it in the AAD is weird, so it's possible wherever you saw this is doing something wildly unsafe! Without a link to the source we can't really answer whether this case is harmful.

I sit in a Tesla and translated this thread with Ai: