Add sendTransaction permission

[rekmarks]

Adding a sendTransaction permission requires:

• a spending limit caveat
  • this requires guaranteed disk writes as described in https://github.com/MetaMask/gaba/issues/112
    • this may result in a PR against https://github.com/MetaMask/obs-store

2019-09-04 I've made progress on defining the caveat that will be used to implement spending limits. Persistence is the big problem.

Some findings after researching storage APIs and our current state persistence solution:

• Currently, we persist state to the browser extension storage.local in this snippet in background.js, which uses a class implemented in the extension.
  • We also have a fallback that uses window.localStorage through LocalStorageStore from obs-store, although per the MDN link above, only very old browsers do not support storage.local.
• The persistence strategy we use does not work well or at all with what we need for a spending limit permission and the associated uintLimit caveat type. Specifically:
  • We use a single storage key for the entire state, writing to it once per second.
  • We want to persist a subset of the rpc-cap state, and we only want rpc-cap to touch it.
    • There are probably security concerns here (storage.local can probably be accessed through accident or malice), but we can save that for later.
  • It's a little all over the place and I don't like it.

Here's what I want to do:

• [ ] Pop out the extension's lib/local-store.js into an ExtensionStore class in obs-store
  • Or at the very least, implement that class and leave the extension as is.
• [ ] Write a PersistentController class in gaba with a parallel (or total?) disk store for stuff that has to be persisted
• [ ] Write some kind of abstract PersistentStorage class in obs-store or gaba that is used to implement LocalStorage and ExtensionStorage classes for use in PersistentController
  • Its get and set methods will be async as in the extension's local-store, and we'll have to use a mutex (await-semaphore as used elsewhere?) or I'll have to use IndexedDB (see this MDN link)
• [ ] Make the CapabilitiesController in rpc-cap extend PersistentController and start persisting

[rekmarks]

I don't think we're ever going to do this.