
Consider Make detecting zcap auto-refresh viability more sophisticated #102

@dlongley


Currently, zcaps in a root profile agent's user EDV document are checked for a delegation proof from the same key that delegated the root profile agent's capability invocation key zcap. If such a delegation proof exists, then the zcap is considered auto-refreshable. This will need to become a more sophisticated check if rotation of that key becomes supported or if there's a need to auto-refresh zcaps that have been delegated through another profile agent (the profile's delegation is further up the delegation chain than the immediate parent).

Note: The current check also only considers a zcap "auto-refreshable" if it only has a single proof on it -- and that proof is a capability delegation proof with a verification method matching what is stated above.
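The check described in this issue, sketched as an added example (not code from the issue or from the project), shows why a rotated key or a delegation made through another profile agent makes a zcap fail it. The `proof`, `proofPurpose` and `verificationMethod` fields follow the zcap data model; the function names, key IDs and zcap IDs are constructed assumptions.

```javascript
// Added illustration, not the project's code. All names other than the zcap
// proof fields, and all sample values, are constructed.
function proofsOf(zcap) {
  // `proof` may be absent, a single object, or an array
  return zcap.proof === undefined ? [] : [].concat(zcap.proof);
}

function signerOf(proof) {
  // verificationMethod may be a string ID or an object with an `id`
  const vm = proof.verificationMethod;
  return typeof vm === 'string' ? vm : vm?.id;
}

function isAutoRefreshable({zcap, invocationKeyZcap}) {
  // the key that delegated the root profile agent's invocation key zcap
  const expected = proofsOf(invocationKeyZcap)
    .filter(p => p.proofPurpose === 'capabilityDelegation')
    .map(signerOf)[0];
  const proofs = proofsOf(zcap);
  // exactly one proof, and it must be a delegation proof from that key
  return expected !== undefined && proofs.length === 1 &&
    proofs[0].proofPurpose === 'capabilityDelegation' &&
    signerOf(proofs[0]) === expected;
}

// constructed sample data
const delegation = verificationMethod =>
  ({proofPurpose: 'capabilityDelegation', verificationMethod});
const KEY_1 = 'did:example:profile#zcap-key-1';
const KEY_2 = 'did:example:profile#zcap-key-2'; // key after a rotation
const AGENT_B = 'did:example:agent-b#key-1'; // another profile agent
const invocationKeyZcap =
  {id: 'urn:zcap:invocation-key', proof: delegation(KEY_1)};

function demo() {
  const check = proof => isAutoRefreshable(
    {zcap: {id: 'urn:zcap:edv', proof}, invocationKeyZcap});
  return {
    direct: check(delegation(KEY_1)),
    objectVm: check([delegation({id: KEY_1})]),
    rotatedKey: check(delegation(KEY_2)),
    viaOtherAgent: check(delegation(AGENT_B)),
    twoProofs: check([delegation(KEY_1), delegation(AGENT_B)]),
    noProof: check(undefined)
  };
}
console.log(demo());
```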
