I have a construction $C$ which internally uses idealized primitive $\mathcal{P}$ (a random permutation) where the goal is that $C$ is indifferentiable from a random oracle $\mathcal{F}$. That is, $C$ implements the API of $\mathcal{F}$. Via the indifferentiable argument, I want to show that there exists a simulator $S$ that internally uses $\mathcal{F}$ s.t. for all distinguishers $D$
$$ Pr[D^{C^\mathcal{P},\mathcal{P}}=1] \approx Pr[D^{\mathcal{F},S^\mathcal{F}}=1] $$ Here I used super script to denote the oracles each system has access to.
As stated, $S$ is just an algorithms implements the API of $\mathcal{P}$ and tries to fool $D$ into thinking $S$ looks like $\mathcal{P}$ while also being consistent with $\mathcal{F}$ and $C$. So it makes sense as stated why $S$ can not observe the queries that $D$ makes to $\mathcal{F}$.
However, I'm not sure why the model is this way. My mental model for simulation in general is that the simulator should be able to play the role of all of the oracles. That is, $S$ can observe the queries that $D$ makes to $\mathcal{F}$. In the notation above I'm stating something like $$ Pr[D^{C^\mathcal{P},\mathcal{P}}=1] \approx Pr[D^{S_1^\mathcal{F},S_2^\mathcal{F}}=1] $$ where $S$ gets to observe all of the oracle queries made by $D$. $S_1^\mathcal{F}$ can be simple, it just observes and forwards the query to $\mathcal{F}$. My argument for this is that $D'=D^{S_1,S_2}$ is simply another adversary. If you give me an adversary $D$ that behaves some way with $(C^\mathcal{P},\mathcal{P})$, then I'll give you an adversary $D'$ interacting with $\mathcal{F}$ that behaves computationally indistinguishable.
So my question is: why do many of these papers claim $\mathcal{F}$ queries are not observable?
Merkle-Damg˚ard Revisited which constructs something very similar to what im interested in.
