Request to manage asset access on NeoFS based on smart contract

[amlwwalker]

Summary or problem description

I saw here, that there is a feature request to update the Oracles to be able to POST data to NeoFS and it made me think again about this.

Is it feasible that access rights to an asset on neoFS can use a smart contract/NFT ownership to allow a wallet access to an asset? Maybe not today, but as a feature (request)?
This would be a hugely powerful feature of NeoFS especially as one of Neo's big things is how storage is native to the Neo ecosystem.

Do you have any solution you want to propose?

Probably an extension of bearer tokens where when a request is made to NeoFS for an asset, the asset (perhaps through attributes??) requires 'proof' that the requesting wallet owns a specific asset on a smart contract.

Neo Version
Neo 3

[cschuchardt88]

@amlwwalker
You can think of smart contracts a mini database. Why not develop your own proof in your smart contract? NFT as example.

[amlwwalker]

@cschuchardt88 - permissions for accessing an asset are done from the NeoFS nodes though. My request is really about enhancing the existing NeoFS authentication layer (which has the eacl tables, the session and bearer tokens for auth) so that a smart contract could be used, exactly as you say as a database (for authentication).
So a request is made to NeoFS to access an asset, the NeoFS node(s) check the authentication of the requester for the asset as they currently do, however I'm proposing that as well as eacl and bearers, there is "smart contract" as an option.

A basic proof could be a smart contract that returns true if a wallet owns an asset or not.... but I can't really make a proof of this without the proposal of enhancing the neoFS nodes auth system.

@roman-khimov is this feasible?

[cschuchardt88]

@amlwwalker maybe write up/ put request a NEP for smart contracts standard.

https://github.com/neo-project/proposals

[roman-khimov]

We can only base this on side chain contracts and this is closely related to nspcc-dev/neofs-api#305 to me (which should solve the problem for many cases). But probably some VM-based EACLs would also be needed and currently we have no plans for them.

[0c3d7r4]

Without this your whole neofs is useless. The point of distributed blockchain is for it to be dirstributed, not requiring a side-server to issue transactions, because if that goes down, the content-delivery authentication (token-issuing, ACL-updating) infrastructure goes down rendering the service USELESS. This is not smart economy. If you were serious about innovation, you'd investigate the hard tasks like this one and not cherry-pick the obvious solutions like basic S3 nodes which anybody can do. Harsh but true. I'm tired of seeing people abandon real progress half-way once they've reached some MVP and have enough to report this to the investors. This feature is a must have if you want to move forward.