Specification

A user should be able to use a node id, OR an identity to be able to share a vault, currently vaults can be shared only with node ID's, however, sharing with identities is a crucial part of Polykey.

The desired behaviour should be that sharing a vault with a nodeId shares the vault with the entire gestalt. This is because Gestalts are addressable by both nodeIds and identityProviderIds. Furthermore, the VaultShare handlers should also be able to accept identityProviderIds as well, and take the first discovered node of the identity to trust.

There are some implications regarding discovery. For example, in the case where node B trusts node A, and hence gestalt A, but node C joins gestalt A after this, so that node B does not know that node C is in gestalt A yet.

Additional Context

There is existing discussion about how to do this in Polykey: MatrixAI/Polykey#626. This CLI issue is derived from that.

Tasks

1. Enable sharing of vault with gestalt ID.
2. Allow for nodes from the same trusted gestalt to clone/pull a vault
3. When a vault is shared with a gestalt, implement notifications for all nodes of that gestalt
4. Update discovery mechanism when vault pull is called.