Allow different "warning" levels #2063

Closed
bdresser opened this issue Jul 11, 2018 · 1 comment

bdresser commented Jul 11, 2018

Rather than a monolithic blacklist, we could include different levels of warning that we display to the user.

Could correlate to severity of reported issue, number of reports, recency of compromise, etc.

Probably needs some discussion or research.

Relates to MetaMask/metamask-extension#4776

blurpesec (Contributor) commented Aug 10, 2018

Kicking off discussion here.

Currently eth-phishing-detect detects and spits out the following messages:

  1. { type: 'whitelist', result: false } - In the event of a domain being on the whitelist.
  2. { type: 'blacklist', result: true } - In the event of a domain being on the blacklist.
  3. { type: 'fuzzylist', result: true, match: NUM } - In the event of a domain having a sufficiently-small string edit distance from one of the domains on the fuzzylist.
  4. { type: 'all', result: false } - In the event of a domain not being whitelisted, blacklisted, or detected by the fuzzylist.

I propose that we change this to include more information on Levenshtein checks. The suggested outputs will then be:

  1. { type: 'whitelist', result: false, input: 'example.com' } - In the event of a domain being on the whitelist.
  2. { type: 'blacklist', result: true, input: 'example.com' } - In the event of a domain being on the blacklist.
  3. { type: 'fuzzylist', editdistance: NUM, result: true, input: 'example.com', match: 'example.com' } - In the event of a domain having a sufficiently-small string edit distance from one of the domains on the fuzzylist. NUM, in this instance, is a specific number (the edit distance from the Levenshtein distance detection).
    Example 1: { type: 'fuzzylist', editdistance: 2, result: true, input: 'mycriptto.com', match: 'mycrypto.com' }. The editdistance would be 2 because the Levenshtein distance between mycriptto.com and the detected domain mycrypto.com is 2.
  4. { type: 'all', result: false, input: 'example.com' } - In the event of a domain not being whitelisted, blacklisted, nor detected by the fuzzylist.

As it pertains to MetaMask, MetaMask can handle the occurrences independently.

  • A return of { type: 'fuzzylist', editdistance: 2, result: true, input: 'mycriptto.com', fuzzydomain: 'mycrypto.com' }, MetaMask could choose to show a warning instead of a block, due to the check returning true because of fuzzylist detection with a severity of 9 (the number of letters in mycrypto.com minus the edit distance between the input domain and mycrypto.com) out of 11 (the number of letters in mycrypto.com, the closest detected fuzzy comparison within detectable range), or 81.8% severity.
  • A return of { type: 'blacklist', result: true, input: 'myeitherwallet.com' }, MetaMask can choose to show a block, because this domain, itself, has been strictly blacklisted, having a severity of 100%.
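
The proposal above, sketched as an added example that is not part of the comment and is not eth-phishing-detect's own code: a detector that returns the suggested result objects and a consumer that maps them to allow, warn or block using the severity ratio described. The function names, the sample lists and the tolerance of 2 are assumptions made for illustration.

```javascript
// Added illustration; checkDomain, decideAction, the lists and the tolerance
// are hypothetical names and constructed values, not the library's API.
const whitelist = ['mycrypto.com'];
const blacklist = ['myeitherwallet.com'];
const fuzzylist = ['mycrypto.com'];
const tolerance = 2; // assumed maximum edit distance for a fuzzy hit

// Dynamic-programming Levenshtein distance, keeping one row at a time.
function levenshtein(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns one of the four result shapes listed in the proposal.
function checkDomain(input) {
  if (whitelist.includes(input)) return { type: 'whitelist', result: false, input };
  if (blacklist.includes(input)) return { type: 'blacklist', result: true, input };
  let best = null;
  for (const match of fuzzylist) {
    const editdistance = levenshtein(input, match);
    if (editdistance <= tolerance && (!best || editdistance < best.editdistance)) {
      best = { type: 'fuzzylist', editdistance, result: true, input, match };
    }
  }
  return best || { type: 'all', result: false, input };
}

// Severity as described in the comment: (letters in match - edit distance)
// divided by letters in match, with dots not counted as letters.
function decideAction(r) {
  if (!r.result) return { action: 'allow', severity: 0 };
  if (r.type === 'blacklist') return { action: 'block', severity: 1 };
  const letters = r.match.replace(/\./g, '').length;
  return { action: 'warn', severity: (letters - r.editdistance) / letters };
}
```
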
