Filter proxy transactions by specific extrinsic #2372
Description
Is your feature request related to a problem? Please describe.
Problem:
The filtering of extrinsics for scoping proxies is done by pre-defined types, which do not fit all use cases for builders, are not best security practice, make proxies promiscuous or force people to lean on execution of smart contracts instead of native delegation of chain calls. If only one extrinsic of any given type is required, the parent still has to open access to the entire type, exposing access not required by the proxy. This is not the Principle of Least Privilege. See an example from the NIST guidelines for best practices: https://csrc.nist.gov/glossary/term/least_privilege
Describe the solution you'd like
Solution:
Open proxy extrinsic filtering to specific individual extrinsics (in addition to or rather than whole types) to allow secure delegation that fits various needs. Effectively a (delegate, type::extrinsic, delay) option for add_proxy to only open access to custom combinations of single extrinsics. This would allow for creating more secure and personalized scopes of proxy extrinsics specific to any builder's needs. It would also lower use of smart contracts as an end-around for dynamic requirements.
Describe alternatives you've considered
At this time, there is no proxy alternative to scope permissions to specific extrinsics. One could write smart contracts, but these could have performance/storage implications and seem redundant vs just allowing self-management of proxies to run native tx.
Additional context
No response