Observed quantum correlations are known to determine in certain cases the underlying quantum state and measurements. This phenomenon is known as (quantum) self-testing. Self-testing constitutes a significant research area with practical and theoretical ramifications for quantum information theory. But since its conception two decades ago by Mayers and Yao, the common way to rigorously formulate self-testing has been in terms of operator-algebraic identities, and this formulation lacks an operational interpretation. In particular, it is unclear how to formulate self-testing in other physical theories, in formulations of quantum theory not referring to operator-algebra, or in scenarios causally different from the standard one. In this paper, we explain how to understand quantum self-testing operationally, in terms of causally structured dilations of the input-output channel encoding the correlations. These dilations model side-information which leaks to an environment according to a specific schedule, and we show how self-testing concerns the relative strength between such scheduled leaks of information. As such, the title of our paper has double meaning: we recast conventional quantum self-testing in terms of information-leaks to an environment --- and this realises quantum self-testing as a special case within the surroundings of a general operational framework. Our new approach to quantum self-testing not only supplies an operational understanding apt for various generalisations, but also resolves some unexplained aspects of the existing definition, naturally suggests a distance measure suitable for robust self-testing, and points towards self-testing as a modular concept in a larger, cryptographic perspective.