Prototype pollution prevention for wallet scripts

[darkdh]

Resolves brave/brave-browser#24415
Resolves https://github.com/brave/security/issues/940

1. Provide extensions::SafeBuiltins like class for Brave wallet and only save what we need. (Most of the codes are copied from upstream)
2. Move unnecessary Object creation from script to v8
3. This measure is to protect the scripts we loaded in Brave, 3rd party scripts are out of scope
4. SafeBuiltins are loaded in a closure when executing the script so it won't pollute the global namespace

Submitter Checklist:

• I confirm that no security/privacy review is needed, or that I have requested one
• There is a ticket for my issue
• Used Github auto-closing keywords in the PR description above
• Wrote a good PR/commit description
• Squashed any review feedback or "fixup" commits before merge, so that history is a record of what happened in the repo, not your PR
• Added appropriate labels (QA/Yes or QA/No; release-notes/include or release-notes/exclude; OS/...) to the associated issue
• Checked the PR locally: npm run test -- brave_browser_tests, npm run test -- brave_unit_tests, npm run lint, npm run gn_check, npm run tslint
• Ran git rebase master (if needed)

Reviewer Checklist:

• A security review is not needed, or a link to one is included in the PR description
• New files have MPL-2.0 license header
• Adequate test coverage exists to prevent regressions
• Major classes, functions and non-trivial code blocks are well-commented
• Changes in component dependencies are properly reflected in gn
• Code follows the style guide
• Test plan is specified in PR before merging

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on
• All relevant documentation has been updated, for instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-Compatibility-Exceptions-in-Brave
  • https://github.com/brave/brave-browser/wiki/QA-Guide
  • https://github.com/brave/brave-browser/wiki/P3A

Test Plan:

1. Setup wallet and solana account
2. Navigate to simple website like example.com
3. Open Dev console
4. Type this and enter

Object.defineProperties = ()=>console.log('defineProperties overwritten')
await solana.connect()
_brave_solana.createPublickey = ()=>'0x12345'
_brave_solana.createPublickey('5STiJLNtCLiNaeD6vwrEfvikNi9NbfVpEbxU7KrUv4uo').toString()

8. Grant permission or unlock the wallet when being asked.
9. We should expect to see '5STiJLNtCLiNaeD6vwrEfvikNi9NbfVpEbxU7KrUv4uo'
10. Refresh the page
11. Type this and enter

await solana.connect()
Object.prototype.__defineGetter__('publicKey', ()=>'0x00')
solana.publicKey

12. We should be able to see real public key instead of '0x00'
13. Refresh the page
14. Type this and enter

Object.freeze = ()=>{}
await solana.connect()
_brave_solana.abc = 123
_brave_solana.abc

15. We should see undefined instead of 123

[bridiver]

seems like this should be a generic helper outside of wallet?

[darkdh]

If it has to be generic and it needs to include everything. Right now, we only protect the one we used in wallet scripts.

[bridiver]

well, it needs to include the things we are using, but those can be added for other Brave scripts that use it. What I want to avoid is duplicating this in other places

[darkdh]

fixed in 9cdc09281c12f97e6e37ac031c4c8572586a2169

[bridiver]

do we have a const for publicKey somewhere?

[bridiver]

also used https://github.com/brave/brave-core/pull/14460/files#diff-7cdd1da2bab576a68d9a1469b45add340ad978aafbdff369f3e590b1aaf8febbR740

[darkdh]

fixed in 4d3458125b59d884a72a96565a2c43311c31eba1