Note, on core, multipass won’t be classic and the security policy won’t allow chowning the socket to root:sudo even if you could add a user to the group.
I suspect the pattern is the same as for other snaps of this type where you desire:
$ snap install multipass
... multipass creates the socket with root:multipass 0660 permissions
$ sudo addgroup <user> multipass # addgroup used for simplicity
$ sg multipass ; multipass ...
It is technically possible to use the account-control interface to modify /var/lib/extrausers/group directly, but this has not been allowed in the store for some time.
In short, today, this is not possible. @pedronis, this is a similar scenario (‘system users and groups’) to what we discussed for microk8s recently. In this case, multipass only wants a group to regulate access (I believe this also holds true for the docker and lxd snaps). With microk8s, they want both a user and group.
What would be possible is for multipass to leave the socket as 0666 and do the check itself by looking at the peer cred for the uid, then doing a getgrent() to check for group membership. You could make this group membership configurable via ‘snap set’ for multipass. The only thing left would be how to make it easy for the admin user to add the specified group to the system if it didn’t exist and to add users to the specified group.