Smart Privacy Consent Contract

What it does:
Allows individuals to grant, revoke, and track consent for use of their personal data by applications, services, or AI systems on-chain.

Why it matters:
Ensures GDPR/CCPA-like compliance, provides verifiable consent records, prevents misuse of personal data, and enables transparent, revocable permissions.

How it works:

  • Users register and grant consent for specific purposes, services, or datasets

  • Consent is recorded immutably on-chain with timestamps

  • Users can revoke or update consent at any time; the contract below has no update function, so an update is a revocation followed by a new grant

  • Service providers can verify consent status before accessing data

  • Integrates with Personal Data Monetization Vault, AI Training Data Licensing, or AI Agent Payment Contract

  • Dashboards show active consents, revoked permissions, and consent history

      // SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/access/Ownable.sol";

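/**
 * @title SmartPrivacyConsent
 * @author Nam
 * @notice Manages on-chain privacy consents for personal data
 * @dev Every address owns an append-only list of consent records; a record's
 *      index in that list is its consent ID and never changes.
 *
 *      Points a reviewer or integrator should keep in mind:
 *      - `private` on `userConsents` only suppresses the auto-generated getter.
 *        `getUserConsents` returns the full list to any caller, and contract
 *        storage and event logs are readable by anyone with node access, so
 *        `purpose` and `service` must never contain personal data themselves.
 *      - Revoking flips `active` to false; the original record and its
 *        `ConsentGranted` event stay in chain history and cannot be erased.
 *      - A record is bound to `msg.sender` only. `service` is free text, not an
 *        address, so nothing here ties a consent to a specific on-chain party.
 *      - `Ownable` is inherited but no function in this contract is restricted
 *        to the owner, so the owner has no authority over anyone's consents.
 *        NOTE(review): the OpenZeppelin version is not pinned in this file; the
 *        5.x `Ownable` constructor takes the initial owner as an argument, so
 *        this declaration would then need a constructor that forwards one.
 *        Confirm against the installed version.
 */
contract SmartPrivacyConsent is Ownable {

    /// @dev One consent grant. `timestamp` is the grant time only; the time of
    ///      a revocation is available solely from the block that carries the
    ///      corresponding `ConsentRevoked` event.
    struct Consent {
        string purpose; // e.g., "AI training", "marketing"
        string service; // service or app name
        uint256 timestamp; // block.timestamp at grant (set by the block producer)
        bool active; // true until the granting address revokes
    }

    /// @dev user address => that user's consent records, indexed by consent ID.
    mapping(address => Consent[]) private userConsents;

    // -------------------- EVENTS --------------------

    /// @notice Emitted once for every new consent record.
    event ConsentGranted(address indexed user, uint256 consentId, string purpose, string service);

    /// @notice Emitted when an active consent record is switched to inactive.
    event ConsentRevoked(address indexed user, uint256 consentId);

    // -------------------- CONSENT MANAGEMENT --------------------

    /**
     * @notice Records a new, active consent for the calling address.
     * @dev The strings are stored and emitted as given, with no length or
     *      content validation; the caller pays for the storage they occupy.
     * @param _purpose Free-text purpose of the processing being consented to.
     * @param _service Free-text name of the service or app receiving consent.
     */
    function grantConsent(string calldata _purpose, string calldata _service) external {
        Consent[] storage records = userConsents[msg.sender];

        // The new record is appended, so its ID is the current list length.
        uint256 consentId = records.length;
        records.push(
            Consent({
                purpose: _purpose,
                service: _service,
                timestamp: block.timestamp,
                active: true
            })
        );

        emit ConsentGranted(msg.sender, consentId, _purpose, _service);
    }

    /**
     * @notice Revokes one of the caller's own consents.
     * @dev Only `msg.sender`'s list is touched, so nobody can revoke on behalf
     *      of another address. Revoking an already-revoked consent succeeds but
     *      changes nothing and emits no event, which keeps the event log at
     *      exactly one `ConsentRevoked` per consent for off-chain consumers.
     * @param _consentId Index of the consent in the caller's list.
     */
    function revokeConsent(uint256 _consentId) external {
        Consent[] storage records = userConsents[msg.sender];
        require(_consentId < records.length, "Invalid consent ID");

        Consent storage record = records[_consentId];
        if (!record.active) {
            // Already revoked: stay idempotent and do not emit a duplicate event.
            return;
        }

        record.active = false;
        emit ConsentRevoked(msg.sender, _consentId);
    }

    // -------------------- VIEW FUNCTIONS --------------------

    /**
     * @notice Returns every consent record of `_user`, active and revoked.
     * @dev Callable by anyone. The whole array is copied to memory, so the cost
     *      grows with the number of records the user has ever created.
     * @param _user Address whose records are requested.
     * @return The user's full consent list, ordered by consent ID.
     */
    function getUserConsents(address _user) external view returns (Consent[] memory) {
        return userConsents[_user];
    }

    /**
     * @notice Reports whether a given consent record is still active.
     * @dev Returns the `active` flag only. It does not say which purpose or
     *      service the record covers, so a verifier must also compare those
     *      fields (via `getUserConsents`) before relying on the result.
     *      Reverts with "Invalid consent ID" when the index is out of range.
     * @param _user Address that granted the consent.
     * @param _consentId Index of the consent in `_user`'s list.
     * @return True if the record exists and has not been revoked.
     */
    function isConsentActive(address _user, uint256 _consentId) external view returns (bool) {
        Consent[] storage records = userConsents[_user];
        require(_consentId < records.length, "Invalid consent ID");
        return records[_consentId].active;
    }
}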