ERC-5496 — Multi-privilege Management NFT Extension

Back to Token Standards

ERC-5496: Multi-privilege NFT

ERC-5496 lets an NFT carry multiple discrete privileges that the owner can grant individually. Each privilege has a unique id (integer); holders can hold a subset of an NFT's privileges. The privileges may auto-reset on transfer or persist depending on the implementation choice.

Differs from ERC-7432 (named role grants with TTL) and ERC-5380 (per-action delegation) in that privileges are discrete bits rather than time-bounded grants: either the holder has the privilege or doesn't.

Common in:

• Game characters with multi-permission roles (read, write, command, evolve).
• DAO members with privilege bitmaps for proposing / voting / executing.
• Subscription NFTs with feature-flag privileges.

Required Interface (delta from ERC-721)

interface IERC5496 {
    event PrivilegeAssigned(uint256 indexed tokenId, uint256 indexed privId,
                            address indexed user, uint256 expires);

    function setPrivilege(uint256 tokenId, uint256 privId, address user, uint256 expires) external;
    function privilegeOf(uint256 tokenId, uint256 privId) external view returns (address);
    function privilegeExpires(uint256 tokenId, uint256 privId) external view returns (uint256);
    function hasPrivilege(uint256 tokenId, uint256 privId, address user) external view returns (bool);
}

Neo Equivalent: NEP-11 + Per-(tokenId, privId, holder) Storage

public static void SetPrivilege(ByteString tokenId, BigInteger privId, UInt160 user, BigInteger expires)
{
    if (!Runtime.CheckWitness(OwnerOf(tokenId))) throw new Exception("NEP11:NotOwner");
    var entry = new Map<string, object> { ["user"] = user, ["expires"] = expires };
    Storage.Put(Storage.CurrentContext, PrivKey(tokenId, privId), StdLib.Serialize(entry));
}

public static bool HasPrivilege(ByteString tokenId, BigInteger privId, UInt160 user)
{
    var raw = Storage.Get(Storage.CurrentContext, PrivKey(tokenId, privId));
    if (raw is null) return false;
    var entry = (Map<string, object>)StdLib.Deserialize((ByteString)raw);
    if ((BigInteger)entry["expires"] < Runtime.Time) return false;
    return ((UInt160)entry["user"]).Equals(user);
}

Direct port of the mapping. Unlike ERC-7432 which uses named bytes32 role IDs, ERC-5496 uses simple integer IDs (suitable for small fixed enumerations).

Comparison

Standard	Granularity	Identifier	Use case
ERC-4907	Single role	None (USER)	Simple rentals
ERC-5380	Per-action	bytes4 selector	Action delegation
ERC-5496 (this)	Per-privilege	uint256 ID	Bitmap-style permissions
ERC-7432	Per-role	bytes32 hash	Named-role grants

Composition

• ERC-7432 — named roles. ERC-5496 is the numeric-id variant with simpler semantics.
• ERC-5380 — entitlement extension. Both grant per-NFT permissions; ERC-5496 is more enum-like.
• ERC-2981 — royalties. Grants don't affect royalty payments.

// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

contract ERC5496 {
    struct Priv { address user; uint256 expires; }
    mapping(uint256 => mapping(uint256 => Priv)) internal _privs;

    function setPrivilege(uint256 tokenId, uint256 privId, address user, uint256 expires) external {
        // ... owner check ...
        _privs[tokenId][privId] = Priv(user, expires);
    }

    function hasPrivilege(uint256 tokenId, uint256 privId, address user) external view returns (bool) {
        Priv memory p = _privs[tokenId][privId];
        return p.user == user && p.expires >= block.timestamp;
    }
}

using System;
using System.ComponentModel;
using System.Numerics;
using Neo;
using Neo.SmartContract.Framework;
using Neo.SmartContract.Framework.Attributes;
using Neo.SmartContract.Framework.Native;
using Neo.SmartContract.Framework.Services;

namespace R3E.Examples;

[DisplayName("MultiPrivNFT")]
[ContractPermission("*", "*")]
[SupportedStandards(NepStandard.Nep11)]
public class MultiPrivNFT : Nep11Token<TokenState>
{
    public override string Symbol => "MPRV";

    private const byte Prefix_Priv = 0x30;

    public static void SetPrivilege(ByteString tokenId, BigInteger privId, UInt160 user, BigInteger expires)
    {
        if (!Runtime.CheckWitness(OwnerOf(tokenId))) throw new Exception("NEP11:NotOwner");
        var entry = new Map<string, object> { ["user"] = user, ["expires"] = expires };
        Storage.Put(Storage.CurrentContext, PrivKey(tokenId, privId), StdLib.Serialize(entry));
    }

    public static bool HasPrivilege(ByteString tokenId, BigInteger privId, UInt160 user)
    {
        var raw = Storage.Get(Storage.CurrentContext, PrivKey(tokenId, privId));
        if (raw is null) return false;
        var entry = (Map<string, object>)StdLib.Deserialize((ByteString)raw);
        if ((BigInteger)entry["expires"] < Runtime.Time) return false;
        return ((UInt160)entry["user"]).Equals(user);
    }

    private static byte[] PrivKey(ByteString tokenId, BigInteger privId)
        => new byte[] { Prefix_Priv }.Concat(tokenId).Concat((ByteString)(byte[])privId.ToByteArray());
}