You can make those web .md notes embedded with iframes from CryptPad and the user will only manually give access (read only) to those you want after a simple email registration. It’s really simple if the user is allowed to choose whether to embed certain .md notes from CryptPad (or other services) on the website, I think.