@santisbon In a nutshell yes, but there are two things to keep in mind with that approach.
The first one is that even if you do that, the SPARQL endpoint is not part of the spec. So applications that want to work against any spec-compliant POD couldn't take advantage of that feature. They could use it and fall back to the spec-compliant rest API if the SPARQL endpoint is not available, though.
@santisbon But the second, more important one, is that permissions are defined at a document-level, not on triples. And you need to make sure that the SPARQL endpoint respects those permissions. So that could be challenging to implement properly.
There has been this discussion about the document model vs the graph model, but for now it's all in theory. The current spec is using a document model. If you're interested, you can learn more about it in this blog post: https://ruben.verborgh.org/blog/2022/12/30/lets-talk-about-pods/