Private Ephemeral Rollups use a Permission Program to manage fine-grained privacy controls for accounts and account groups. The program runs on Solana L1 and can be updated on the fly.
Permission Groups: Define groups with arbitrary membership and IDs via cross-program invocation (CPI). A group aggregates users and the accounts governed by its permissions.
Permissions: Add permissions to groups. Today a permission implies read access for the delegated account; read/write splits may be added in the future.
Access: Client access to permissioned ER state requires authenticating ownership of a specified public key. Successful authentication yields a token used to query the ER.
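The group, permission and access steps above can be modelled end to end. This is an added sketch, not the project's code or API. It assumes proof of key ownership is an Ed25519 signature over a server-issued nonce and that the token is an HMAC-signed claim with an expiry. All function names and the in-memory group table are hypothetical.

```javascript
const crypto = require("node:crypto");

// Constructed in-memory stand-ins (assumptions): group table, token key, open challenges.
const groups = new Map();
const SERVER_SECRET = crypto.randomBytes(32);
const pending = new Map();

// Stable string id for an Ed25519 public key object.
const pubId = (key) => key.export({ type: "spki", format: "der" }).toString("base64");

// A group aggregates member keys and the accounts its permission covers (read access).
function createGroup(id, memberKeys, accounts) {
  groups.set(id, { members: new Set(memberKeys.map(pubId)), accounts: new Set(accounts) });
}

function issueChallenge(publicKey) {
  const nonce = crypto.randomBytes(32);
  pending.set(pubId(publicKey), nonce);
  return nonce;
}

// Returns a token only if the signature over the nonce verifies under the claimed key.
function authenticate(publicKey, signature, ttlMs = 60000) {
  const id = pubId(publicKey);
  const nonce = pending.get(id);
  pending.delete(id); // single use, so a captured signature cannot be replayed
  if (!nonce || !crypto.verify(null, nonce, publicKey, signature)) return null;
  const body = Buffer.from(JSON.stringify({ sub: id, exp: Date.now() + ttlMs })).toString("base64url");
  const mac = crypto.createHmac("sha256", SERVER_SECRET).update(body).digest("base64url");
  return `${body}.${mac}`;
}

// Read gate: valid MAC, not expired, and the key is in a group that covers the account.
function readAccount(token, account) {
  const [body = "", mac = ""] = String(token).split(".");
  const expected = crypto.createHmac("sha256", SERVER_SECRET).update(body).digest();
  const given = Buffer.from(mac, "base64url");
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return "denied: bad token";
  const { sub, exp } = JSON.parse(Buffer.from(body, "base64url").toString());
  if (Date.now() > exp) return "denied: expired";
  for (const g of groups.values()) if (g.members.has(sub) && g.accounts.has(account)) return "ok";
  return "denied: no permission";
}
```

The token proves only which key authenticated; the read decision is made per request against group membership, so changing a group takes effect without reissuing tokens.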