Permissionless, yet Secure Execution of Smart Contracts


I am wondering if there's a way for users to be able to interact with assets on my ERC1155 contract in a permissionless way, so users have full control of their assets. But at the same time, we would like users to only interact with our dapp, instead of executing functions on Etherscan or something (because our assets will be backed by offchain entities which we will need to regulate). I have thought of a few ideas:

  1. Create an admin address onchain that will be our dapp's custodial address, and use its private key to approve the execution of transactions on the contract, and create a boolean flag that turns true when the dapp address approves it.

  2. Create a multi-sig authority to sign transactions (dapp custodial address + user's address) with the user's address as the signer address.

What is the best action to take? Thanks!
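
Idea 2 above, read as "the user sends the transaction and the dapp key co-signs it off-chain", sketched as an added example that is not part of the original post. All contract, function and event names are hypothetical, and the gate is shown on a hypothetical `redeem` entry point rather than on a full ERC1155 token.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: CoSignedGate, dappSigner, GatedAsset, redeem and Redeemed are hypothetical names.
abstract contract CoSignedGate {
    address public immutable dappSigner;        // key held by the dapp backend (assumption)
    mapping(address => uint256) public nonces;  // per-user counter, blocks replay of an approval

    error Expired();
    error BadSignature();

    constructor(address signer) {
        require(signer != address(0), "zero signer"); // ecrecover returns 0 on failure
        dappSigner = signer;
    }

    // The user is msg.sender and submits the transaction; the dapp only co-signs off-chain.
    modifier coSigned(bytes32 actionHash, uint256 deadline, bytes calldata sig) {
        _check(actionHash, deadline, sig);
        _;
    }

    function _check(bytes32 actionHash, uint256 deadline, bytes calldata sig) internal {
        if (block.timestamp > deadline) revert Expired();
        // Bind the approval to chain, contract, caller, action, nonce and expiry.
        bytes32 digest = keccak256(abi.encode(
            block.chainid, address(this), msg.sender, actionHash, nonces[msg.sender]++, deadline));
        bytes32 ethHash = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", digest));
        if (_recover(ethHash, sig) != dappSigner) revert BadSignature();
    }

    function _recover(bytes32 h, bytes calldata sig) internal pure returns (address) {
        if (sig.length != 65) return address(0);
        // Signature layout: r (32 bytes) || s (32 bytes) || v (1 byte)
        return ecrecover(h, uint8(sig[64]), bytes32(sig[0:32]), bytes32(sig[32:64]));
    }
}

contract GatedAsset is CoSignedGate {
    event Redeemed(address indexed user, uint256 id, uint256 amount);

    constructor(address signer) CoSignedGate(signer) {}

    function redeem(uint256 id, uint256 amount, uint256 deadline, bytes calldata sig)
        external
        coSigned(keccak256(abi.encode("redeem", id, amount)), deadline, sig)
    {
        emit Redeemed(msg.sender, id, amount); // the ERC1155 balance change would go here
    }
}
```

Any state-changing function left without the modifier stays callable directly, for example from a block explorer, so the check has to cover every entry point that moves assets. The dapp key also becomes a single point of failure for both availability and authorization, since nothing executes without its signature.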