> Frankly, I'd like to have ACLs and a way to verify the public key of the
> user
>

do you mean ACL query on narrow map of user/contact documents collection?