here's a link to another discussion with some answers: https://discuss.grapheneos.org/d/1346-pwas-with-vanadium. Also, a relevant link from the GrapheneOS website: https://grapheneos.org/usage#web-browsing
Boffs My understanding is these PWAs would have the same permissions as vanadium
No. Sites on Vanadium are also sandboxed and access to APIs for location, camera, microphone, etc. are all controlled by Vanadium on a per-site basis. For example, Google Maps PWA can have location access, while Facebook PWA doesn't.
Boffs I had to temporarily grant vanadium storage access, would all of those companies get access to my storage even if their PWAs aren't in use?
No. So far it looks like PWAs cannot access entire folders, but instead if a PWA needs access to a file on your phone, the browser will use the Android File Picker. In other words, you have to give it special permission to read a file when it asks. A PWA can't just access files on its own on the file system without user interaction, even files it has had access to before.
When / if Chromium has folder access added, I'm sure it'll be set up the same way.
Boffs Also can the PWAs snoop on each other if I'm using the same browser or is everything isolated?
Everything is isolated. From the website:
Chromium-based browsers like Vanadium provide the strongest sandbox implementation, leagues ahead of the alternatives. It is much harder to escape from the sandbox and it provides much more than acting as a barrier to compromising the rest of the OS. Site isolation enforces security boundaries around each site using the sandbox by placing each site into an isolated sandbox.
Boffs Is there anything else I should consider?
Not really. Web browsers have put a lot of work in to hardening site isolation and sandboxing everything. Websites and PWAs can only access the file system through APIs built in to the browser. All access can be controlled per-website.
Only thing I can think of is if the PWA is updating in the background (like for push notifications), then the site will be able to see your IP address as your phone polls the site for notifications. If that bothers you, use a VPN.
GiftedAccess How does the storage scopes work in this case?
Storage scopes don't really come in to play here. Vanadium doesn't need any file storage access for this functionality. When a PWA asks to open a file, Vanadium uses the Android File Picker to browse for the specific file. This is different from storage access. PWAs have to ask for access to individual files each time they want access. They don't automatically get access to anything Vandium has access to with its storage permissions.