A consumer requests certain pieces of information, and the user gives “links” to that data within their DID document
We also create a registry that stores what pieces of information the user allowed the consumer to access
Every time a consumer needs certain data, they go through a function in UserRegistry contract (or some new contract that we create), and that function checks whether the consumer is allowed to get that data
If it is allowed, the data is returned, otherwise access is denied.