Add proxy support if possible

[Tbaut]

It has been mentioned by 2 users in the past days, I am not entirely sure how this should be supported (proxies are supposed to be for specific use cases, and it seems that Polkadot users have set an identity on an account that they then use proxies for).

https://polkadot.polkassembly.io/motion/12#ee2b7dc2-341c-42e2-9837-3f84fb28c938
https://polkadot.polkassembly.io/post/39#30707954-3282-4943-bea4-805674b81203

@joepetrowski and @lucasvo would you mind telling us more about your use case, we'd love to help you use your identity on Polkassembly if possible.

[lucasvo]

We are using a proxy with an identity as the "Centrifuge Dev" team. Because this account is shared between different people we didn't want to use a private key. It would make it impossible to revoke access: if an employee left and they had access to they key we have to assume they will always have access.

For that reason we use a proxy. If this account will start to manage more significant amounts of DOTs we will actually change the proxy to only allow a 2/n multisig to perform any actions at which point I think it would definitely become quite complicated to determine how a user can interact with polkassembly with a proxy identity - require 2 signatures to log in?

[joepetrowski]

My setup is less complex than that, seems @lucasvo is using anonymous proxies?

I have my Council account with an identity, the key for which I keep completely offline. I only made a transaction to set another account as its Governance proxy in order to act on behalf of the proxied account in Council matters. I want messages that I write with my proxy account to appear as coming from the proxied account, just like the proxy transactions take on the origin of the proxied account.

If account B is a proxy for account A, I should be able to submit some proof:

1. proxy.proxies(A) includes B.
2. Its type is a superset of Governance, i.e. All, NonTransfer, or Governance.

After this claim has been made for B, every time B makes a post on Polkassembly, it should perform the previous two checks to make sure that the proxy hasn't been revoked. If it is still a proxy, then it should display the message as coming from A.

[Tbaut]

Thanks for the use-cases explanations.
Polkassembly access control is totally off-chain (just like the DB of the posts and the comments). Any proxy can be queried on-chain afaik (not sure what anonymous proxies are tbh), so there shouldn't even be the need for a proof.

For displaying proxied identity, I think that should be possible because we get the info from on-chain. Polkassembly could check for proxied account of type Governance and show that.

One bigger hurdle is for post edition. To make sure there's no bug / attack vector, Polkassembly would need to track any change in on-chain proxy settings and every-time a user writes, check against these on-chain settings. This is sort of advanced ACL is not something that the current architecture is capable of. Not saying it's not possible of course, but it's not trivial.