I'm currently working on capability based access control system that provides a formal schema for the tokens with digital signature that can aggregate trust from multiple capability providers.
https://github.com/DotFox/capbac-bls
It is kinda in the same field but more about internal security for decentralised systems. Not sure I can give you any pointer but feel free to ask any questions :)