How to control access to personnal information stored on blockchain (with an educational use case)

The following scenario can be suggested as the simplest option:

1. We create a smart contract with 3 methods:

• RegistryRequest(bytes32 info_id, bytes32 user_id, string memory public_cert) payeble
• SendInfo(bytes32 info_id, bytes32 user_id, string file_addr)
• GetInfo(bytes32 info_id, bytes32 user_id) view return(string memory retVal)

2. The consumer calls the method RegistryRequest transfers:

• info_id - the identifier of the required data
• user_id - his unique identifier (e-mail, mobile phone, and so on) ()
• public_cert- his public key OpenSSL and attaches a certain amount in Eth to the transaction as payment for the service.

3. Having received the details and payment from the consumer, you:

• create a file with the data he needs
• encrypt this file with the consumer's public key OpenSSL,
• upload it to some web resource or transfer it via IPFS or Ethereum Swarm (or in any other way)
• using the method SendInfo lay out the "address" of the data file (file_addr) in relation to the data and consumer identifiers (info_id, user_id). To pay for the transaction, you use a portion of the amount received from the consumer along with the RegistryRequest.

4. The consumer through the method GetInfo using the data identifier (info_id) and his personal identifier (user_id) receives the "address" of the data file, extracts and decrypts it

5. If the data changes, then their changed state is laid out similarly to point 3

6. After the expiration of the data provision period, you stop releasing their update

More complex solutions can, for example, be discussed with experts for free and simulated on a kekker.com