I had a similar idea but with a much lower-brained approach of security through purely uuid uniqueness (to some degree, similar to the initial writer controlling access), and without any actual constructs built into it:

https://github.com/matthewscholefield/blobse

Which powers a few small apps like https://matthewscholefield.github.io/votosphere/

Have you considered adding an llms.txt for linkedrecords? I'd love to be able to just tell my agent to build something and point it at your llms.txt and have it just build it out on its own reliably without having to clone the repo, go through the docs, etc.

This reminds me of the sister project of linkedrecords. It is called DJAPI. And API for Data and Jobs.

It was a public API without authentication. Everybody could upload a blob and received an access and encryption key which the client can use to access this particular object. The the client could also trigger a job using the data and producting an outcome. The outcome could then be downloaded and decrypted by the client with the keys.

While linkedrecords is the BaaS part of serverless DJAPI was the FaaS part of it. I've used DJAPI to upload LaTeX files and create a PDF out of it. The actual plan is to merge those projects at some point.