Hi @corentin.damman,
As you know, private snaps requires a user to be logged in to the device to access it. And this user has to be either the owner of the snap, or a collaborator, which has full RW access on the snap.
So, imagine, if every device from Laborelec would have RW credentials for an account that can access and change this snap, every human accessing these devices could:
1- change the privacy setting, from private to public
2- upload a new revision abusing the interface, with any malicious content (intentionally or non intentionally).
So granting the snapd-control interface to a snap in the public store is not something that can be done in this case. What Laborelec should consider is getting a brand store, which is designed exactly for this case: there are snaps targeting a specific device model, which does not make sense in to be available in the main store; and the brand store can have a finer control about what interfaces the snaps are granted.
A brand store has also the very desirable feature where your devices would not need any user credentials in it, they will have a custom model pointing to this store with a unique serial and no other device could impersonate a device to access the brand store.
If you/Laborelec decide not to use a brand store, you should really re-consider not using the “private” feature of a snap for this, since (as I mentioned above) in order to access a private snap, owner or collaborator is required, and any of those have full RW access on the snap. Furthermore, user authentication in a device expires, so every user using a device will have to re-login, manually, entering email and password, every time the user authentication (macaroon) expires. Expiration date of user authentication can vary.
Private snaps were designed to be used in an initial phase of development, so a minimal group of users could upload new revisions and test it in a device, but it was not designed, nor it makes sense to be used, as a way of production distribution of your snap.
Regards, Natalia.