It might be useful to have “trusted” engine storage, data that cant be changed except by trusted parties, but still separate from engines themselves (as to not lose state on upgrades). Have an engine where collection owner can mint NFTs, any smart contract holding the NFT can write to a shared storage
Thought about having something like this built into shell itself, but might be interesting to implement it “engine land”
Maybe even have this be a standard INFTCredentialAccess engine:
Engine is ownable, owner can mint credential NFTs to any address.
Credentials store role flags and other data
Grant NFT allows msg sender to use private functionality on engine
Owner can revoke grant access by token ID (grant NFT becomes useless)