endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES
Apache License 2.0

Security: pet daemon leaks host powers to guest profiles #1920

Closed kriskowal closed 2 months ago

kriskowal commented 8 months ago

The guest powers facet (as created by endo mkguest guest-name) should provide a powers object suitable for use by any confined program or peer. The guest must also be able to recognize, by reverse-lookup, the senders and receivers of messages in its inbox. Currently, the name HOST is special to a guest and allows them to recognize a message that was sent by their host (one of the user’s profiles).

However, by passing the actual host powers object to the guest, it can then use those powers.

Profiles already view the objective messages through a subjective lens. For a host that lens can be transparent, but for a guest, the host contact in particular must be replaced with a contact facet that confers no powers except to be able to recognize the contact in other messages and to use the contact to refer to a recipient when sending a message.

Design

Every profile (guest and host) must have a corresponding “contact” facet. The message inbox for a guest should reveal only contacts. The HOST special name for a guest must be the contact. The SELF special name must be identical to the guest powers object, so there may need to be a different special name for helping a guest recognize themselves as the sender of a message, or the inbox must make an exception in its distortion.
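The design above can be modelled in a few dozen lines. The following is an added example, not Endo's own code: a daemon keeps an objective message log, and each guest reads it through a subjective lens that replaces the host principal with a powerless "contact" facet that is good only for identity comparison and for addressing a reply. The contact-to-principal mapping lives in a WeakMap private to the daemon, so a guest can hand a contact back but never unwrap it into powers. The SELF case is handled as the "exception in its distortion" the comment mentions, and a forged contact of the same shape is rejected because only identity counts. `Object.freeze` stands in for SES `harden` (it is shallow); every name here (`makeDaemon`, `hostSend`, `hostInbox`, `demo`) is hypothetical.

```javascript
// Added example, not Endo's own code. Models the fix proposed in the issue:
// a per-guest lens over an objective message log that hides host powers
// behind a contact facet. Object.freeze stands in for SES harden (shallow).
// All names (makeDaemon, hostSend, hostInbox, demo) are hypothetical.

// Constructed host powers object. Its methods are capabilities a guest
// must never be able to invoke.
const makeHostPowers = (name) =>
  Object.freeze({
    name,
    revoke: (petName) => `${name} revoked ${petName}`,
  });

const makeDaemon = () => {
  const host = makeHostPowers('alice');
  const objective = []; // { from, to, body } holding real principals
  // contact facet -> principal; held only by the daemon, so a guest can
  // address a contact but cannot unwrap it back into the powers object.
  const principalOf = new WeakMap();

  const makeContact = (principal, label) => {
    const contact = Object.freeze({ label });
    principalOf.set(contact, principal);
    return contact;
  };

  const makeGuest = (guestName) => {
    const hostContact = makeContact(host, 'HOST');
    // This guest's lens: the facet it is allowed to see for each principal.
    const lens = new Map([[host, hostContact]]);
    const view = (principal) => {
      if (principal === guest) return guest; // SELF stays the powers object
      const facet = lens.get(principal);
      if (facet === undefined) throw new Error('unknown principal');
      return facet;
    };
    const guest = Object.freeze({
      name: guestName,
      HOST: hostContact,
      inbox: () =>
        objective
          .filter((m) => m.from === guest || m.to === guest)
          .map((m) => ({ from: view(m.from), to: view(m.to), body: m.body })),
      send: (toContact, body) => {
        const to = principalOf.get(toContact);
        if (to === undefined) throw new Error('not a known contact');
        objective.push({ from: guest, to, body });
      },
    });
    return guest;
  };

  // The host's lens is transparent: it sees real principals.
  const hostInbox = () => objective.slice();
  const hostSend = (to, body) => objective.push({ from: host, to, body });
  return Object.freeze({ makeGuest, hostSend, hostInbox, host });
};

// Exercises the model and returns the properties worth checking.
const demo = () => {
  const daemon = makeDaemon();
  const guest = daemon.makeGuest('bob');
  daemon.hostSend(guest, 'hello');
  const [msg] = guest.inbox();
  guest.send(guest.HOST, 'hi back');
  const [, reply] = guest.inbox();
  const [, hostSees] = daemon.hostInbox();
  let forgedRejected = false;
  try {
    guest.send({ label: 'HOST' }, 'forged'); // same shape, wrong identity
  } catch (e) {
    forgedRejected = true;
  }
  return {
    leaked: typeof msg.from.revoke === 'function', // false: no host powers
    recognized: msg.from === guest.HOST,           // true: sender is HOST
    replyFrom: reply.from === guest,               // true: SELF exception
    replyTo: reply.to === guest.HOST,              // true
    hostTransparent: hostSees.from === guest,      // true: host sees principal
    forgedRejected,                                // true
  };
};
```

The point of the WeakMap is that the attenuation is one-way: the guest can compare `msg.from === guest.HOST` and pass `guest.HOST` to `send`, but nothing reachable from the contact leads back to `revoke`. A review of the real implementation should check the same two properties: that no inbox path for a guest returns the raw host object, and that address resolution happens on the daemon side rather than by trusting an object the guest constructed.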

kriskowal commented 8 months ago

This issue should block first publish to npm for the pet daemon.

kriskowal commented 8 months ago

I’ve added the metamask-grant-2024 label. Although this is not expressly mentioned on the grant we submitted in 2023 to cover H1 2024, it is necessary to prove out the Endo design. This is also now in progress.