Research requirements for Maskbook plugin

[danfinlay]

Maskbook.com

From me:

The Maskbook plugin requires a category of permission that we haven't explored yet: What is the simplest way we can request permission to, say, decrypt messages on facebook? Permission to edit text by selector? We'd love to make it less than "permission to view and edit all info on all pages", and while "all info on Facebook" is much better, I wonder if we could be even more specific?

From yisiliu:

We are requesting only "Browsing History" and "Manage Downloads" permission and the rest are just web hacks :)

Posting here for more discussion

[Jack-Works]

Hi, the "" permission is "webNavigation" in the manifest file.

Maskbook use this permission to let the script of Maskbook inject to Facebook as early as possible. ("document_start" in the manifest file is not early enough).

And on Chrome, there is no chrome.contentScripts API (Firefox does), so without the "webNavigation" permission, Maskbook cannot inject content script with the optional permission "<all_url>" (Maskbook require for the specify site in the runtime).

https://github.com/DimensionDev/Maskbook/blob/master/src/background-service.ts#L48

[Tedko]

Hi, the "" permission is "webNavigation" in the manifest file.

Maskbook use this permission to let the script of Maskbook inject to Facebook as early as possible. ("document_start" in the manifest file is not early enough).

And on Chrome, there is no chrome.contentScripts API (Firefox does), so without the "webNavigation" permission, Maskbook cannot inject content script with the optional permission "<all_url>" (Maskbook require for the specify site in the runtime).

https://github.com/DimensionDev/Maskbook/blob/master/src/background-service.ts#L48

@danfinlay What's your opinion? :D

[danfinlay]

I was actually hoping to get a higher-level description of your needs: Rather than listing the current WebExtension APIs that you use, I was hoping to refine the definition of the minimum possible API that MetaMask could provide to enable the same use case.

One way I can tell that WebExtension's APIs are failing here is that the permissions you're requesting don't sound obviously related to what you're doing, and so it is hard for a user to provide informed consent for these permissions.

Instead, maybe "edit the way posts are displayed and posted on Facebook"? Or maybe just "ability to manipulate facebook", etc..

[Jack-Works]

Maskbook will request access for a certain site (like facebook.com or twitter.com) if user choose to connect their facebook/twitter account.
After the permission is granted, Maskbook will be able to read the post and try to decrypt them. When user create encrypted posts by Maskbook, Maskbook will automatically paste the encrypted post into the post box of facebook/twitter but not sending them automatically.
Maskbook will use the EC key to encrypt the post, sign the content of the post.
Maskbook will collect info like nickname, user id, avatar and relationship(friend/non-friend) to other person.
All of information collected above will be stored locally. In future, Maskbook may have cross device sync so the information will be transported by end-to-end encryption.

[danfinlay]

So for right now, Maskbook could operate entirely with:

• permission to view & edit info on twitter and facebook

And you wouldn't even need ability to access the internet?

We provide keys to every plugin, so you don't even need permission for that.

This would represent very strong privacy guarantees, and I think I can endorse giving you a method to edit these sites.

Async Site Editing

Now unlike a WebExtension, where you get a contentscript per page, we would not be able to give you direct DOM access, your access to the page would always be async. Is this a deal breaker? I'm curious if our registerApiMethodHandler() method could be good enough for this purpose. We will probably at least need this feature in capnode first, or we can switch to CapTP.

We could also consider making specialized permissions just for this use case, like "Permission to modify how I post and view posts on twitter/facebook", although this gives us a moving target to try to support.

[Jack-Works]

Alright, I thought connect to internet is too basic to mention. Maskbook need to connect to the internet to dispatch AES keys to other Maskbook users.
Maskbook is using GunDB (a decenterialized graph database) which is using WebSocket to connect to the bridge server. In future, Maskbook will connect to Matrix (a decenterialized IM protocol) by HTTPs.

Our infrastructure of injecting UI to the webpage is heavily depends on DOM operation. https://github.com/DimensionDev/holoflows-kit/
But Maskbook doesn't require the DOM to be the "real" DOM because our infrastructure already wrap the DOM into a Proxy (https://github.com/DimensionDev/Holoflows-Kit/blob/master/src/DOM/Proxy.ts).

Maskbook also need to add a <script> tag to the webpage to intercept document.addEventListener. The function of auto paste text to the input box is depends on this.

[rekmarks]

@Jack-Works @Tedko I'm going to close this issue since I'm about to archive this repository, but if you are still interested in building a Maskbook snap and documenting your present requirements, please open an issue in https://github.com/MetaMask/snaps-skunkworks.