Why have unidirectional symmetric keys?

[macaba]

I'm in the process of implementing a non-gaming related library for AEAD-secured DTO transfer between micro-services. I took a look at the netcode.io 1.02 standard.md and I can see the sense in virtually all of it, but there is one aspect I don't yet understand.

The connect token establishes 2 keys:

[client to server key] (32 bytes)
[server to client key] (32 bytes)

This has the effect of making the data transfer unidirectional for a given key.
What benefit does this have?
In my current understanding, if the client and server shared the same key [per unique server-client pair] (which has been established out-of-band over a secure side channel) to allow bidirectional comms with the same key, this wouldn't degrade the security but I suspect there is something I don't yet understand.

Thank you!

[macaba]

Got it.
You're using ChaCha20, which uses a sequence nonce, not a random nonce like XChaCha20, which is what I've been looking at.
So you need to prevent nonce reuse in either direction.

[gafferongames]

Yes and it seemed cleaner than just say, setting high bit on nonce in one direction and zero in the other.