Mark Miller leads a discussion joined by Caridy Patino at 00:24. This is state of the art object capabilities-based computer security in Javascript. The specificity is both delightful and exacting.
YOUTUBE yd8NCoZ5N_o SES-mtg: Internal slots vs practical transparency, near membranes. August 13, 2020.
part 2. Code walk-thru. page 
Implementation would stop man-in-the-middle attacks on Wiki by securing public and plugin keys from sandbox attacks. Google and Salesforce cross-compile JS to monkey patch these unboxing vulnerabilities pending formal support and ratification in Ecmascript.