fix(console): include only relevant proofs#357

Closed
fforbeck wants to merge 0 commits into main from fix/get-plan-delegation

Member

@fforbeck fforbeck commented Aug 14, 2025

Context

When I try to upload an encrypted file, the UCAN KMS server now checks if the account DID associated with the request is subscribed to a paid plan.
Not sure how this was working locally, but after getting it deployed to staging, I started getting a new error:

Caused by: Error: Claim {"can":"space/encryption/setup"} is not authorized
  - Capability {"can":"space/encryption/setup","with":"did:key:z6MkregdKwiCtbUHqaWwii1rJMwRkAoKKXT32iAzAUPTztjF"} is not authorized because:
    - Capability can not be (self) issued by 'did:key:z4MXj1wBzi9jUstyNmyyRPnXGLhQQcYDzWYLQ4M1D5EDnJeLz1rHR141WY6TefK5MEeVvfWtw5drGsYoNbJkD2E2rxksiGtwrCFdGQvSYEXMgPripR5RcGK8sZ5THggwJ3NJwKnCJ5MsWHZN7oys96KSrgNkdarzXcz4ziMf5Z16RvcC7p3qAuGyq7qPrfKn5gmPBXPiUoDqLxcMzmr8dns2PCZS3pnCvAk8RpzHLCSPZBhnj1Q1jhvMVPYEbNrFoiXcq4K3Dg34LgXzEimNz3t3gSAXZHMVQZVoR458dRxHsLdJha1S78cePEiAbt3P9G5mfp47wzCYBa9oGAWmGmJzNuVuNPqPZfm4zfrmSdrkATVKLFv56'
    - Capability can not be derived from prf:bafyreigzy5nrwupa6kqq7wdh24std3tgrbt5dsmcq2mw6z6ofwilpgonzu because:
      - Delegation audience is 'did:key:z6MkmRf149D6oc9wq9ioXCsT5fgTn6esd7JjB9S5JnM4Y9qj' instead of 'did:key:z4MXj1wBzi9jUstyNmyyRPnXGLhQQcYDzWYLQ4M1D5EDnJeLz1rHR141WY6TefK5MEeVvfWtw5drGsYoNbJkD2E2rxksiGtwrCFdGQvSYEXMgPripR5RcGK8sZ5THggwJ3NJwKnCJ5MsWHZN7oys96KSrgNkdarzXcz4ziMf5Z16RvcC7p3qAuGyq7qPrfKn5gmPBXPiUoDqLxcMzmr8dns2PCZS3pnCvAk8RpzHLCSPZBhnj1Q1jhvMVPYEbNrFoiXcq4K3Dg34LgXzEimNz3t3gSAXZHMVQZVoR458dRxHsLdJha1S78cePEiAbt3P9G5mfp47wzCYBa9oGAWmGmJzNuVuNPqPZfm4zfrmSdrkATVKLFv56'
    - Capability can not be derived from prf:bafyreicjk2cyudk3c5fztixq7jayqittiaxmxzcyyrju4unlefozdklhgi because:
      - Unable to resolve 'did:mailto:dmail.ai:0x27a70b4111431af7ed9003a155ad2aa68d7ac952' key
    - Capability can not be derived from prf:bafyreibsbi4jlfh66s6n5442n6ax6h4icjgywrnm4tsb76lyhxzlr3h7gq because:
      - Unable to resolve 'did:web:staging.up.storacha.network' key
    at KMSCryptoAdapter.getSpacePublicKey (1252.d089fce33f25417b.js:1:10867)
    at async KMSCryptoAdapter.encryptSymmetricKey (1252.d089fce33f25417b.js:1:8686)
    at async encryptFile (5276-5acf6ba55e2c60f9.js:1:47123)
    at async encryptAndUpload (5276-5acf6ba55e2c60f9.js:1:46484)
    at async doEncryptedUpload (5276-5acf6ba55e2c60f9.js:1:95092)
    at async doUpload (5276-5acf6ba55e2c60f9.js:1:95405)

I believe it was caused because I was including all the agent's proofs in the getPlanDelegation, and then the Storacha client created by the UCAN KMS Server imports all the proofs, but it can't resolve the following DID: did:web:staging.up.storacha.network.

Solution

Include only relevant proofs so the agent doesn't need to handle and try to resolve additional DIDs.

Relevant code: https://github.com/storacha/ucan-kms/blob/main/src/services/storacha-storage.js#L71

@fforbeck fforbeck requested review from alanshaw and travis August 14, 2025 13:31
@fforbeck fforbeck self-assigned this Aug 14, 2025
@fforbeck fforbeck force-pushed the fix/get-plan-delegation branch from 39d8ddd to 173838e Compare August 14, 2025 16:40
Contributor

@travis travis left a comment

this seems like a good idea no matter what, but I'm not sure it will fix the issue - I think this proof will still depend on a proof that includes the staging service DID - we actually have a mapping that should allow this to resolve the staging DID:

https://github.com/storacha/w3infra/blob/main/upload-api/functions/ucan-invocation-router.js#L103

that said, if this does fix the issue then great!
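
The proof filtering discussed in this thread, as an added example that is not code from this PR, Storacha, or ucanto: it selects only the proofs that cover one ability for one audience, then lists every issuer DID a verifier would still have to resolve when walking the nested proof chain. The delegation shape, function names, DIDs, CIDs and the nested chain are constructed assumptions.

```javascript
// Added example: simplified model, not the @storacha/client or ucanto API.
// A delegation is a plain object: { cid, issuer, audience, capabilities, proofs }.

// True when a delegated ability covers the requested one ("*" and "ns/*" wildcards).
function abilityCovers(delegated, requested) {
  if (delegated === '*' || delegated === requested) return true
  return delegated.endsWith('/*') && requested.startsWith(delegated.slice(0, -1))
}

// Keep only proofs addressed to `audience` that cover `can` on `resource`.
function selectRelevantProofs(proofs, { audience, can, resource }) {
  return proofs.filter(p =>
    p.audience === audience &&
    p.capabilities.some(c => abilityCovers(c.can, can) && c.with === resource))
}

// Every issuer DID a verifier must resolve when it walks the proof chains.
function issuersToResolve(proofs, seen = new Set()) {
  for (const p of proofs) {
    seen.add(p.issuer)
    issuersToResolve(p.proofs, seen)
  }
  return seen
}

// Constructed sample data (all DIDs and CIDs are placeholders).
const AGENT = 'did:key:zAgentExample'
const ACCOUNT = 'did:mailto:example.com:alice'
const SPACE = 'did:key:zSpaceExample'
const SERVICE = 'did:web:service.example'

// Hypothetical chain: the plan proof itself depends on a proof issued by a did:web service.
const parentProof = { cid: 'cid-parent', issuer: SERVICE, audience: ACCOUNT,
  capabilities: [{ can: 'plan/*', with: ACCOUNT }], proofs: [] }
const planProof = { cid: 'cid-plan', issuer: ACCOUNT, audience: AGENT,
  capabilities: [{ can: 'plan/get', with: ACCOUNT }], proofs: [parentProof] }
const uploadProof = { cid: 'cid-upload', issuer: SPACE, audience: AGENT,
  capabilities: [{ can: 'space/blob/add', with: SPACE }], proofs: [] }
const otherAgentProof = { cid: 'cid-other', issuer: ACCOUNT, audience: 'did:key:zOtherAgent',
  capabilities: [{ can: 'plan/get', with: ACCOUNT }], proofs: [] }

const allProofs = [planProof, uploadProof, otherAgentProof]
const relevant = selectRelevantProofs(allProofs,
  { audience: AGENT, can: 'plan/get', resource: ACCOUNT })
console.log(relevant.map(p => p.cid))         // proofs forwarded after filtering
console.log([...issuersToResolve(relevant)])  // issuers still reachable through nesting
```

Filtering shrinks the set of top-level proofs, but any issuer nested inside a kept proof remains in the set the verifier must resolve.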

@fforbeck fforbeck force-pushed the fix/get-plan-delegation branch 2 times, most recently from 81ae894 to 3b356ce Compare August 14, 2025 17:49
@fforbeck fforbeck closed this Aug 14, 2025
@fforbeck fforbeck force-pushed the fix/get-plan-delegation branch from 3b356ce to 78cbc81 Compare August 14, 2025 17:56

2 participants