They are just MutableData’s. When we talk about shared MD is just a MD which is being shared by several applications, i.e. several applications have permissions to insert, update and/or delete entries from it.
When you create a MD the owner is the account/user, and the app that is creating the MD sets the permissions upon creation for itself (if you use
quickSetup it enables all permissions for the app creating it, using its sign key to do so). After that, any app that has the
ManagePermissions permission can set permissions for any other app. Now, if an app doesn’t have the
MangePermissions permission for a MD, and it doesn’t have any other permission it needs, it can not add itself, this is when the
SharedMD request/flow comes in to add that app to the permissions list.
Yes, I think so, but only the entries which are not encrypted will be readable by the other user. A private MD can contain also unencrypted entries.
This is not possible yet, as you can see the comment there in the code, it’s locked to only one owner at the moment. Changing ownership is not implemented yet either.
I’m not sure if this makes sense, at least at the moment, because usually it is an app which is interacting with the network and manipulating the user’s data on behalf of the user, so you need the app to be given permissions.