Android is preparing to add support for “Valet Key”, which we assume refers to a way to securely & temporarily share a digital car key for valet parking. A new system property and SELinux policy for “valet key” have been added, but that’s it – no details on the implementation.
With the December 2022 Pixel Feature Drop, Google rolled out the ability to share a digital car key with your (trusted) friends and family. AFAIK, there’s currently no way to temporarily grant someone access to your DCK unless you manually grant then remember to revoke access.
Now here’s where things get weird. How exactly will you share your DCK temporarily with the valet? Would a temporarily valid credential be transferred to a receiving device via Nearby Share or something? Would you have to text/send them a link? Hand them (!) your phone?
Handing the valet your phone doesn’t sound ideal…but that might be how this works? Hear me out.
The SELinux policy that Google set up gives the Settings app r/w access to /metadata/valetkey. This lets it write /metadata/valetkey/enabled to indicate a valet key is enabled.
The status of the valet key is only readable to apps if /metadata/valetkey/enabled exists, ro.valetkey.enabled is true, and a GSI (?) is running.
Why would this be conditioned on whether a GSI is running? Maybe your phone will boot into a GSI temporarily so when you hand your phone over to the valet, your data will be inaccessible to them. It’s a wild theory for sure, but there’s so little information to go on!
Oh, and I looked at the CCC v3 specification. There isn’t really a section on how valet keys work, but there is a mention of a “valet parking key” as one of the standard profiles in section 11.6 Key Configuration.