0xJamesAnderson/SecretHealthData

Secret Health Data

A blockchain-based healthcare data management system that uses Fully Homomorphic Encryption (FHE) to store and manage sensitive health information in encrypted form. Built on the Ethereum Sepolia testnet using Zama's FHEVM technology.

Overview

Secret Health Data is a decentralized application (dApp) that enables individuals to securely store their health information on the blockchain using Fully Homomorphic Encryption (FHE). Unlike traditional healthcare systems where data is stored in centralized databases vulnerable to breaches, this system ensures that sensitive health metrics remain encrypted at all times - even during computation and storage on-chain.

The platform allows users to:

  • Store personal health data (birth year, blood pressure, height, ALT levels, WBC count) in encrypted form
  • Maintain complete ownership and control over their health information
  • Selectively decrypt and share their data when needed
  • Benefit from blockchain's immutability and transparency without compromising privacy

Key Features

Privacy-First Design

  • End-to-End Encryption: All sensitive health data is encrypted using Zama's FHEVM technology before being stored on the blockchain
  • Confidential Computing: Encrypted data can be processed without decryption, maintaining privacy during computation
  • User-Controlled Decryption: Only the data owner can decrypt their information using cryptographic signatures

Blockchain Security

  • Immutable Records: Past writes to the Ethereum blockchain cannot be altered or deleted; a stored profile changes only through a new transaction
  • Decentralized Storage: No central authority controls the data, reducing single points of failure
  • Transparent Access Control: Access permissions are managed on-chain with cryptographic guarantees

User-Friendly Interface

  • Modern Web Interface: Built with React and RainbowKit for seamless wallet integration
  • Responsive Design: Glass morphism UI design that works across all devices
  • Two-Mode Operation:
    • Create Profile: Input and encrypt health data
    • View Profile: Retrieve and decrypt your stored information

Self-Sovereign Identity

  • Wallet-Based Authentication: No usernames or passwords - access controlled by Ethereum wallet
  • Personal Data Ownership: Users have complete control over their health information
  • Portable Identity: Data is tied to wallet address, not a platform

Technology Stack

Smart Contract Layer

  • Solidity ^0.8.24: Smart contract programming language
  • FHEVM (Zama): Fully Homomorphic Encryption Virtual Machine
    • @fhevm/solidity ^0.8.0: FHE library for Solidity
    • @zama-fhe/oracle-solidity ^0.1.0: Oracle integration
    • encrypted-types ^0.0.4: Encrypted type definitions
  • Hardhat ^2.26.0: Ethereum development environment
  • TypeChain ^8.3.2: TypeScript bindings for smart contracts

Frontend Stack

  • React 19.1.1: Modern UI framework
  • TypeScript 5.8.3: Type-safe development
  • Vite 7.1.6: Next-generation build tool
  • Wagmi ^2.17.0: React hooks for Ethereum
  • RainbowKit ^2.2.8: Wallet connection UI
  • Viem ^2.37.6: TypeScript interface for Ethereum
  • Ethers.js ^6.15.0: Ethereum library
  • @zama-fhe/relayer-sdk ^0.2.0: Client-side encryption library

Development Tools

  • Hardhat Deploy ^0.11.45: Deployment management
  • Hardhat Gas Reporter ^2.3.0: Gas usage analysis
  • Mocha & Chai: Testing framework
  • ESLint & Prettier: Code quality tools
  • Solhint: Solidity linter

Network & Infrastructure

  • Ethereum Sepolia Testnet: Development blockchain
  • Infura: Ethereum node provider
  • Zama Gateway Chain (55815): FHE operations
  • Zama Relayer: Encrypted input processing

Problem Statement

Healthcare Data Privacy Crisis

Modern healthcare systems face critical challenges in managing sensitive patient data:

  1. Centralized Vulnerabilities

    • Healthcare data breaches exposed 45 million patient records in 2023 alone
    • Centralized databases create honeypots for attackers
    • Single points of failure compromise entire patient populations
  2. Patient Disempowerment

    • Patients lack control over their own health information
    • Data sharing between providers requires complex consent processes
    • No transparent record of who accesses personal health information
  3. Privacy vs. Utility Trade-off

    • Current systems either encrypt data at rest (making it unusable) or decrypt for processing (exposing it)
    • Researchers cannot access health data for studies without privacy risks
    • Insurance verification requires full data disclosure
  4. Interoperability Issues

    • Different healthcare providers use incompatible systems
    • Patient data fragmented across multiple institutions
    • Difficult to maintain comprehensive health history
  5. Trust Deficit

    • Patients unsure who has access to their records
    • No verifiable audit trails of data access
    • Third-party data sales without patient knowledge

Solution & Advantages

How Secret Health Data Solves These Problems

1. True Privacy with Utility

  • FHE Technology: Zama's FHEVM allows encrypted data to remain encrypted even during processing
  • No Plaintext Exposure: Health data never exists in unencrypted form on-chain
  • Selective Decryption: Users can decrypt specific fields only when needed

2. User Sovereignty

  • Wallet-Controlled Access: Ethereum wallet serves as the master key
  • Granular Permissions: Fine-grained access control via smart contract ACLs
  • Transparent Audit Trail: All access recorded immutably on blockchain

3. Decentralized Security

  • No Central Database: Data distributed across Ethereum network
  • Cryptographic Guarantees: Security based on mathematics, not trust
  • Resilient Architecture: No single point of failure

4. Blockchain Benefits

  • Immutability: Records cannot be altered or deleted
  • Transparency: All operations auditable on blockchain
  • Interoperability: Standard Ethereum interfaces enable integration
  • Portability: Users can take their data anywhere

Advantages Over Traditional Systems

Feature          | Traditional Systems          | Secret Health Data
Data Storage     | Centralized servers          | Decentralized blockchain
Encryption       | At-rest only                 | Always encrypted (FHE)
Data Ownership   | Healthcare provider          | Patient
Access Control   | Provider-managed             | User-managed (cryptographic)
Interoperability | Limited                      | Blockchain-native
Breach Risk      | High (single point)          | Low (distributed)
Privacy          | Vulnerable during processing | Preserved during computation
Audit Trail      | Opaque                       | Transparent on-chain
Portability      | Locked-in                    | Wallet-based

Advantages Over Other Blockchain Solutions

  1. Better than Traditional Blockchain Storage

    • Standard blockchain: Data is public and transparent
    • Secret Health Data: Data encrypted even from blockchain nodes
  2. Superior to Off-Chain Storage

    • IPFS/Arweave solutions: Encryption keys vulnerable
    • Secret Health Data: Keys managed by threshold cryptography
  3. More Advanced than Zero-Knowledge Proofs

    • ZK solutions: Can prove properties but cannot compute on encrypted data
    • FHE: Enables full computation on encrypted data

Architecture

System Components

┌─────────────────────────────────────────────────────────────┐
│                        User Browser                          │
│  ┌────────────────┐         ┌──────────────────────┐       │
│  │  React Frontend │────────▶│  Wallet (MetaMask)   │       │
│  │  (Vite + Wagmi) │         │  (Private Keys)      │       │
│  └────────┬───────┘         └──────────┬───────────┘       │
│           │                             │                    │
│           ▼                             ▼                    │
│  ┌────────────────────────────────────────────────┐        │
│  │      @zama-fhe/relayer-sdk (Client)            │        │
│  │  - Encrypt data before sending                 │        │
│  │  - Generate cryptographic proofs               │        │
│  │  - Decrypt data after retrieval                │        │
│  └────────────────────┬──────────────────────────┘        │
└─────────────────────────┼────────────────────────────────┘
                          │
                          ▼
         ┌────────────────────────────────────┐
         │     Zama Relayer Service           │
         │  - Process encrypted inputs        │
         │  - Generate input proofs           │
         │  - Coordinate with Gateway         │
         └────────────┬───────────────────────┘
                      │
                      ▼
     ┌────────────────────────────────────────────┐
     │       Ethereum Sepolia Testnet             │
     │  ┌──────────────────────────────────┐     │
     │  │  HealthDataStorage Contract      │     │
     │  │  - Store encrypted health data   │     │
     │  │  - Manage access permissions     │     │
     │  │  - Handle encrypted operations   │     │
     │  └──────────────┬──────────────────┘     │
     │                 │                          │
     │  ┌──────────────▼──────────────────┐     │
     │  │  FHEVM System Contracts         │     │
     │  │  - ACL Contract (0x6878...)     │     │
     │  │  - KMS Verifier (0x1364...)     │     │
     │  │  - Input Verifier (0xbc91...)   │     │
     │  │  - Executor (0x848B...)         │     │
     │  └──────────────┬──────────────────┘     │
     └─────────────────┼────────────────────────┘
                       │
                       ▼
          ┌────────────────────────────┐
          │  Zama Gateway Chain        │
          │  (Chain ID: 55815)         │
          │  - Input verification      │
          │  - Decryption orchestration│
          │  - FHE computations        │
          └────────────┬───────────────┘
                       │
                       ▼
          ┌────────────────────────────┐
          │  KMS (Key Management)      │
          │  - Threshold cryptography  │
          │  - Key generation          │
          │  - Secure decryption       │
          └────────────────────────────┘

Data Flow

Creating Health Profile

  1. User enters health data in React form
  2. Frontend validates input locally
  3. Relayer SDK encrypts each field using FHE public key
  4. Encrypted data + proof sent to blockchain
  5. Smart contract verifies proof via Input Verifier
  6. Contract stores encrypted data in mapping
  7. ACL permissions set (user + contract)

Viewing Health Profile

  1. User requests profile from blockchain
  2. Contract returns encrypted data handles
  3. Frontend generates ephemeral keypair
  4. User signs EIP-712 decryption request
  5. Relayer coordinates with Gateway
  6. KMS decrypts and re-encrypts for user's public key
  7. Frontend decrypts with ephemeral private key
  8. Plaintext data displayed to user

Smart Contract Design

HealthDataStorage.sol

The core smart contract provides secure storage and retrieval of encrypted health information.

Data Structure

struct HealthData {
    string name;           // Clear text name
    euint64 birthYear;     // Encrypted birth year
    euint64 bloodPressure; // Encrypted blood pressure
    euint64 height;        // Encrypted height (cm)
    euint64 alt;          // Encrypted ALT (liver enzyme)
    euint64 wbc;          // Encrypted white blood cell count
}

Key Functions

setHealthData

Stores or updates user's health profile with encrypted values.

function setHealthData(
    externalEuint64 birthYear,
    externalEuint64 bloodPressure,
    externalEuint64 height,
    externalEuint64 alt,
    externalEuint64 wbc,
    bytes calldata inputProof,
    string calldata name
) external

Process:

  1. Validates encrypted inputs using cryptographic proofs
  2. Converts external encrypted types to internal FHEVM types
  3. Stores encrypted data in mapping by user address
  4. Sets ACL permissions (contract and user access)

Getter Functions

Multiple view functions for granular data access:

  • getName(address): Returns clear text name
  • getBirthYear(address): Returns encrypted birth year handle
  • getBloodPressure(address): Returns encrypted BP handle
  • getHeight(address): Returns encrypted height handle
  • getAlt(address): Returns encrypted ALT handle
  • getWbc(address): Returns encrypted WBC handle
  • getAll(address): Returns all fields at once

Access Control:

  • Any address can call getters
  • Encrypted data only decryptable by authorized parties
  • ACL enforced at decryption time by KMS

Security Features

  1. Input Validation

    • All external encrypted inputs verified with cryptographic proofs
    • Prevents malicious data injection
    • Ensures data encrypted with correct public key
  2. Access Control List (ACL)

    • Granular permissions per ciphertext
    • Contract can access for operations
    • User can decrypt their own data
    • Enforced by Zama infrastructure
  3. Immutability

    • Once written, data cannot be altered without new transaction
    • Full audit trail on blockchain
    • Historical access transparent

Frontend Application

Components Architecture

App.tsx (Main Application)

  • Wallet provider configuration (Wagmi + RainbowKit)
  • Query client setup for async operations
  • Hash-based routing (Create/Profile pages)
  • Responsive header with wallet connection
  • Hero section with feature highlights
  • Glass morphism design system

CreateProfile.tsx

Purpose: Form interface for inputting and encrypting health data

Features:

  • Form validation (all fields required)
  • Real-time input handling
  • Zama instance loading state
  • Encrypted input buffer creation
  • Transaction submission
  • Success/error feedback

Encryption Process:

// Create encrypted input buffer
const buffer = instance.createEncryptedInput(CONTRACT_ADDRESS, userAddress);
buffer.add64(birthYear);
buffer.add64(bloodPressure);
buffer.add64(height);
buffer.add64(alt);
buffer.add64(wbc);

// Encrypt and get handles
const encrypted = await buffer.encrypt();

// Submit to contract
await contract.setHealthData(
    encrypted.handles[0], // birthYear
    encrypted.handles[1], // bloodPressure
    encrypted.handles[2], // height
    encrypted.handles[3], // alt
    encrypted.handles[4], // wbc
    encrypted.inputProof,
    name
);
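
The local validation step that precedes the add64() calls above, as an added example that is not part of the project's code. Field names and their order come from this page; the plausibility ranges and the function name parseHealthForm are assumptions.

```typescript
// Added example: strict parsing of form values before they are handed to add64().
// Field names and order are taken from this page; the ranges below are assumptions.

type FieldName = "birthYear" | "bloodPressure" | "height" | "alt" | "wbc";

// Must match setHealthData(birthYear, bloodPressure, height, alt, wbc, ...):
// encrypted.handles[] is positional, and a swapped field cannot be noticed
// once the values are encrypted.
const FIELD_ORDER: FieldName[] = ["birthYear", "bloodPressure", "height", "alt", "wbc"];

// Assumed inclusive plausibility bounds; adjust to the units the form asks for.
const RANGES: Record<FieldName, [number, number]> = {
  birthYear: [1900, 2100],
  bloodPressure: [40, 300],
  height: [30, 280],
  alt: [0, 10000],
  wbc: [0, 500000],
};

interface ParseResult {
  ok: boolean;
  values: number[]; // in FIELD_ORDER, filled only when ok is true
  errors: string[];
}

function parseHealthForm(form: Partial<Record<FieldName, string>>): ParseResult {
  const errors: string[] = [];
  const values: number[] = [];
  for (const name of FIELD_ORDER) {
    const raw = form[name];
    if (raw === undefined || raw.trim() === "") {
      errors.push(`${name}: required`);
      continue;
    }
    const text = raw.trim();
    // Digits only. Number() on its own accepts "1e3", "0x10", "12.5" and "-1",
    // none of which is a value the user meant to store as an unsigned integer.
    if (!/^[0-9]+$/.test(text)) {
      errors.push(`${name}: must be a non-negative whole number`);
      continue;
    }
    const n = Number(text);
    // Above 2^53 - 1 a JS number is no longer exact, so the encrypted value
    // would differ from what was typed even though it still fits in 64 bits.
    if (!Number.isSafeInteger(n)) {
      errors.push(`${name}: too large`);
      continue;
    }
    const [lo, hi] = RANGES[name];
    if (n < lo || n > hi) {
      errors.push(`${name}: expected ${lo}..${hi}`);
      continue;
    }
    values.push(n);
  }
  return errors.length === 0
    ? { ok: true, values, errors }
    : { ok: false, values: [], errors };
}

// Constructed sample inputs (the accepted one uses the example values from the usage guide).
const SAMPLE_ACCEPTED = { birthYear: "1990", bloodPressure: "120", height: "175", alt: "25", wbc: "7000" };
const SAMPLE_REJECTED = { birthYear: "1e3", bloodPressure: "-1", height: "0x10", alt: "12.5", wbc: "" };
```

Only when ok is true should values[0..4] be passed to buffer.add64() in that order.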

Profile.tsx

Purpose: Display and decrypt user's stored health data

Features:

  • Fetch encrypted data from blockchain
  • Display encrypted data indicators
  • One-click decryption with signature
  • Real-time decryption progress
  • Secure key generation
  • EIP-712 signature verification

Decryption Process:

// Generate ephemeral keypair
const keypair = instance.generateKeypair();

// Prepare handles for decryption
const pairs = [
    { handle: birthYearHandle, contractAddress: CONTRACT_ADDRESS },
    { handle: bloodPressureHandle, contractAddress: CONTRACT_ADDRESS },
    // ... other fields
];

// Create EIP-712 signature request
const eip712 = instance.createEIP712(
    keypair.publicKey,
    [CONTRACT_ADDRESS],
    startTimestamp,
    durationDays
);

// Sign decryption request
const signature = await signer.signTypedData(
    eip712.domain,
    { UserDecryptRequestVerification: eip712.types.UserDecryptRequestVerification },
    eip712.message
);

// Decrypt via relayer
const decrypted = await instance.userDecrypt(
    pairs,
    keypair.privateKey,
    keypair.publicKey,
    signature,
    [CONTRACT_ADDRESS],
    userAddress,
    startTimestamp,
    durationDays
);
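
A check the frontend can run on the decryption request before asking the wallet to sign it, as an added example that is not part of the project's code. The message field names are assumed to mirror the arguments of createEIP712 shown above, and reviewDecryptRequest and the Policy fields are hypothetical names.

```typescript
// Added example: refuse to sign a user-decrypt request whose scope, key or
// validity window is wider than this dApp needs. Message field names are an
// assumption that mirrors createEIP712(publicKey, contracts, start, days).

interface DecryptMessage {
  publicKey: string;
  contractAddresses: string[];
  startTimestamp: string | number;
  durationDays: string | number;
}

interface HandlePair {
  handle: string;
  contractAddress: string;
}

interface Policy {
  expectedContract: string;    // the deployed HealthDataStorage address
  expectedPublicKey: string;   // keypair.publicKey generated for this session
  nowSeconds: number;          // current Unix time
  maxClockSkewSeconds: number; // how far startTimestamp may be from now
  maxDurationDays: number;     // longest validity the app will ever request
}

// Addresses may arrive checksummed or lower-case; compare case-insensitively.
const sameAddress = (a: string, b: string): boolean => a.toLowerCase() === b.toLowerCase();

function reviewDecryptRequest(message: DecryptMessage, pairs: HandlePair[], policy: Policy): string[] {
  const problems: string[] = [];

  // 1. The signature must authorize exactly one contract: ours.
  const scope = message.contractAddresses;
  if (scope.length !== 1 || !sameAddress(scope[0], policy.expectedContract)) {
    problems.push("scope: request covers contracts other than the expected one");
  }

  // 2. Every handle sent for decryption must belong to a contract in the signed scope.
  for (const pair of pairs) {
    if (!scope.some((addr) => sameAddress(addr, pair.contractAddress))) {
      problems.push(`handle ${pair.handle}: contract is outside the signed scope`);
    }
  }

  // 3. Results are re-encrypted for this key; it must be the one generated locally.
  if (message.publicKey.toLowerCase() !== policy.expectedPublicKey.toLowerCase()) {
    problems.push("key: public key is not the ephemeral key of this session");
  }

  // 4. The validity window must start now and stay short.
  const start = Number(message.startTimestamp);
  if (!Number.isInteger(start) || Math.abs(start - policy.nowSeconds) > policy.maxClockSkewSeconds) {
    problems.push("window: startTimestamp is not close to the current time");
  }
  const days = Number(message.durationDays);
  if (!Number.isInteger(days) || days < 1 || days > policy.maxDurationDays) {
    problems.push("window: durationDays exceeds the allowed maximum");
  }
  return problems;
}

// Constructed sample values; none of these is a real address or key.
const SAMPLE_CONTRACT = "0x" + "aB".repeat(20);
const SAMPLE_OTHER = "0x" + "cd".repeat(20);
const SAMPLE_POLICY: Policy = {
  expectedContract: SAMPLE_CONTRACT,
  expectedPublicKey: "0x01ab",
  nowSeconds: 1700000000,
  maxClockSkewSeconds: 300,
  maxDurationDays: 1,
};
```

An empty result means the request matches the policy; anything else should stop the flow before signTypedData is called.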

Custom Hooks

useEthersSigner

Converts Wagmi's Viem client to Ethers.js signer for compatibility.

// Enables use of Ethers.js with Wagmi
const signer = useEthersSigner();
const signedMessage = await signer.signMessage("Hello");

useZamaInstance

Manages FHEVM instance lifecycle and initialization.

const { instance, isLoading, error } = useZamaInstance();
// Returns initialized Zama instance for encryption/decryption

Configuration

Wagmi Setup (config/wagmi.ts)

  • Sepolia testnet configuration
  • Infura RPC provider
  • WalletConnect integration
  • MetaMask injected connector

Contract Integration (config/contracts.ts)

  • Contract address from deployments
  • ABI imports for type-safe calls
  • Environment-aware configuration

Styling System

Design Philosophy:

  • Glass Morphism: Frosted glass effects with blur
  • Gradient Backgrounds: Dynamic animated gradients
  • Smooth Animations: Fade-in effects and transitions
  • Responsive Layout: Mobile-first design
  • Accessibility: High contrast, clear typography

CSS Features:

  • Custom CSS variables for theming
  • Keyframe animations
  • Flexbox/Grid layouts
  • Media queries for responsive design

Getting Started

Prerequisites

Required Software:

  • Node.js >= 20.0.0
  • npm >= 7.0.0
  • Git
  • MetaMask or compatible Web3 wallet

Required Accounts:

  • Ethereum wallet with Sepolia testnet ETH (faucet)
  • Infura API key (get one free)
  • (Optional) Etherscan API key for contract verification

Installation

  1. Clone the repository

git clone https://github.com/yourusername/SecretHealthData.git
cd SecretHealthData

  2. Install root dependencies

npm install

  3. Install frontend dependencies

cd frontend
npm install
cd ..

Environment Setup

  1. Create root .env file

cp .env.example .env

  2. Configure environment variables

# Ethereum Network
INFURA_API_KEY=your_infura_api_key_here
ETHERSCAN_API_KEY=your_etherscan_api_key_here

# Deployment Wallet
PRIVATE_KEY=your_wallet_private_key_here

# Alternative: Use mnemonic
MNEMONIC=your twelve word mnemonic phrase here

# Gas Settings (optional)
REPORT_GAS=true

  3. Configure frontend environment

cd frontend
cp .env.example .env

# Frontend Configuration
VITE_CONTRACT_ADDRESS=0xYourDeployedContractAddress
VITE_INFURA_API_KEY=your_infura_api_key_here
VITE_WALLETCONNECT_PROJECT_ID=your_walletconnect_project_id

Security Warning: Never commit .env files with real private keys to version control.
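
A small linter for the two .env files above, as an added example that is not part of the project. It relies on the fact that Vite compiles every VITE_-prefixed variable into the browser bundle; the function name lintEnv and the placeholder patterns (taken from the template values on this page) are assumptions.

```typescript
// Added example: flag risky entries in the root and frontend .env files.
// Vite exposes every VITE_* variable to client code, so such a value is
// public once the frontend is deployed.

interface Finding {
  line: number;
  key: string;
  level: "error" | "warn";
  message: string;
}

// Template values used on this page ("your_..._here", "0xYour...") count as unset.
const PLACEHOLDER = /^(your[_ ]|0xYour)/i;
// Names that must never be shipped to a browser.
const STRICT_SECRET = /(PRIVATE_KEY|MNEMONIC|SECRET|PASSWORD)/i;
// Names that hold credentials in the root (server-side) file.
const ROOT_SECRET = /(PRIVATE_KEY|MNEMONIC|SECRET|PASSWORD|API_KEY)/i;

function lintEnv(text: string): Finding[] {
  const findings: Finding[] = [];
  text.split(/\r?\n/).forEach((rawLine, index) => {
    const line = rawLine.trim();
    if (line === "" || line.startsWith("#")) return; // blank line or comment
    const eq = line.indexOf("=");
    if (eq < 1) return; // not a KEY=VALUE line
    const key = line.slice(0, eq).trim();
    const value = line.slice(eq + 1).trim().replace(/^["']|["']$/g, "");
    const filled = value !== "" && !PLACEHOLDER.test(value);
    const at = index + 1;

    if (key.startsWith("VITE_")) {
      if (STRICT_SECRET.test(key)) {
        // Wrong even with a placeholder value: the name invites a real secret later.
        findings.push({ line: at, key, level: "error",
          message: "VITE_ variables are compiled into the browser bundle; a secret must not live here" });
      } else if (filled && /(KEY|TOKEN)/i.test(key)) {
        findings.push({ line: at, key, level: "warn",
          message: "value is visible to every visitor; treat it as public and restrict it at the provider" });
      }
    } else if (filled && ROOT_SECRET.test(key)) {
      findings.push({ line: at, key, level: "error",
        message: "real credential present; this file must stay out of version control" });
    }
  });
  return findings;
}

// Constructed sample; the key material below is filler, not a real credential.
const SAMPLE_ENV = [
  "# constructed sample",
  "INFURA_API_KEY=your_infura_api_key_here",
  "PRIVATE_KEY=0x" + "11".repeat(32),
  "VITE_INFURA_API_KEY=abc123def456",
  "VITE_PRIVATE_KEY=anything",
  "VITE_CONTRACT_ADDRESS=0xYourDeployedContractAddress",
].join("\n");
```

Running it over both files in a pre-commit hook catches a filled-in PRIVATE_KEY or MNEMONIC before it reaches the repository.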

Running the Project

Local Development (Hardhat Network)

  1. Start local Hardhat node

npx hardhat node

  2. Deploy contracts (new terminal)

npx hardhat deploy --network localhost

  3. Start frontend development server

cd frontend
npm run dev

  4. Access application: open browser to http://localhost:5173

  5. Configure MetaMask

  • Add Hardhat network (Chain ID: 31337, RPC: http://localhost:8545)
  • Import test account from Hardhat output

Sepolia Testnet Deployment

  1. Get Sepolia ETH

  • Visit Sepolia Faucet
  • Enter your wallet address
  • Wait for test ETH to arrive

  2. Compile contracts

npm run compile

  3. Deploy to Sepolia

npm run deploy:sepolia

  4. Update frontend contract address

  • Copy deployed contract address from terminal output
  • Update frontend/.env with VITE_CONTRACT_ADDRESS
  • Update frontend/src/config/contracts.ts if needed

  5. Start frontend

cd frontend
npm run dev

  6. Configure MetaMask for Sepolia

  • Network should auto-detect Sepolia
  • Ensure you have Sepolia ETH for gas fees

Deployment

Smart Contract Deployment

Using Hardhat Deploy

The project uses hardhat-deploy for reproducible deployments.

Deploy script: deploy/01_deploy_health_data.ts

const deployed = await deploy("HealthDataStorage", {
    from: deployer,
    log: true,
});

Deployment commands:

# Deploy to local network
npx hardhat deploy

# Deploy to Sepolia
npx hardhat deploy --network sepolia

# Deploy with tags
npx hardhat deploy --tags HealthDataStorage

Verify deployment:

# On Etherscan
npx hardhat verify --network sepolia <CONTRACT_ADDRESS>

Deployment Artifacts

After deployment, artifacts are saved to:

  • deployments/sepolia/HealthDataStorage.json - Contract address and ABI
  • artifacts/ - Compiled contracts
  • types/ - TypeScript type definitions

Frontend Deployment

Build for Production

cd frontend
npm run build

Creates optimized production build in frontend/dist/

Deployment Options

Vercel (Recommended):

  1. Connect GitHub repository to Vercel
  2. Set root directory to frontend
  3. Configure environment variables
  4. Deploy automatically on push

Netlify:

cd frontend
npm run build
netlify deploy --prod --dir=dist

IPFS (Decentralized):

cd frontend
npm run build
ipfs add -r dist/

Configure Environment: Ensure production environment variables are set:

  • VITE_CONTRACT_ADDRESS: Deployed contract address
  • VITE_INFURA_API_KEY: Infura project ID
  • VITE_WALLETCONNECT_PROJECT_ID: WalletConnect project ID

Usage Guide

Creating Your Health Profile

  1. Connect Wallet

    • Click "Connect Wallet" button in header
    • Select MetaMask or other Web3 wallet
    • Approve connection request
    • Ensure you're on Sepolia network
  2. Navigate to Create Profile

    • Click "Create Profile" in navigation
    • Form will load once wallet is connected
  3. Enter Health Information

    • Full Name: Your name (stored in clear text)
    • Birth Year: Year of birth (e.g., 1990)
    • Height: Height in centimeters (e.g., 175)
    • Blood Pressure: Systolic BP (e.g., 120)
    • ALT Level: Alanine aminotransferase (e.g., 25)
    • WBC Count: White blood cell count (e.g., 7000)
  4. Submit Profile

    • Click "Save Health Profile"
    • Wait for encryption process (may take 10-15 seconds)
    • Approve transaction in MetaMask
    • Wait for blockchain confirmation
    • Success message will appear

Costs: Transaction gas fee (typically 0.001-0.003 Sepolia ETH)

Viewing Your Profile

  1. Navigate to My Profile

    • Click "My Profile" in navigation
    • Encrypted data will load automatically
  2. View Encrypted Data

    • You'll see indicators showing data is encrypted
    • Name is visible (stored in clear text)
    • Other fields show "Encrypted" lock icons
  3. Decrypt Your Data

    • Click "Decrypt My Data" button
    • Review EIP-712 signature request
    • Sign the request in MetaMask (no gas fee)
    • Wait for decryption process (10-20 seconds)
    • Your decrypted data will appear

Privacy Note: The final decryption step happens client-side, after the KMS has re-encrypted the data for your ephemeral public key. Your private key never leaves your browser.

Updating Your Profile

Simply navigate to "Create Profile" and submit new data. This will overwrite your previous profile.

Testing

Running Tests

Smart Contract Tests

# Run all tests
npm test

# Run specific test file
npx hardhat test test/HealthDataStorage.ts

# Run with gas reporting
REPORT_GAS=true npm test

# Run with coverage
npm run coverage

Test Files:

  • test/HealthDataStorage.ts: Contract functionality tests
  • test/FHECounter.ts: Example FHE counter tests

Frontend Tests

cd frontend
npm run lint        # ESLint checks
npm run build       # Build validation

Test Coverage Goals

Smart Contracts:

  • ✅ Storage and retrieval of encrypted data
  • ✅ Input proof verification
  • ✅ ACL permission management
  • ✅ Multiple user isolation
  • ⏳ Edge cases and error handling

Frontend:

  • ✅ Wallet connection flow
  • ✅ Form validation
  • ✅ Encryption/decryption process
  • ⏳ Component unit tests
  • ⏳ E2E user flows

Manual Testing Checklist

Before Production:

  • Deploy contract to testnet
  • Create profile with all fields
  • Verify data stored on blockchain (Etherscan)
  • Decrypt profile successfully
  • Update profile with new data
  • Test with multiple wallet addresses
  • Verify ACL prevents unauthorized access
  • Test wallet disconnection/reconnection
  • Test on mobile devices
  • Test on different browsers (Chrome, Firefox, Safari)

Security Considerations

Cryptographic Security

Strong Points:

  • ✅ FHE ensures data is never decrypted on-chain
  • ✅ Threshold cryptography for key management
  • ✅ Cryptographic proofs prevent data tampering
  • ✅ EIP-712 signatures for decryption authorization

Potential Risks:

  • ⚠️ Client-side key generation depends on browser RNG
  • ⚠️ Relayer is centralized (mitigation: planned decentralization)
  • ⚠️ Name field stored in clear text (design choice for demo)

Smart Contract Security

Audit Status: Not professionally audited (testnet only)

Security Measures:

  • ACL prevents unauthorized data access
  • Input proof verification prevents malicious encrypted data
  • No upgradability (immutable once deployed)

Known Limitations:

  • No emergency stop mechanism
  • No data deletion functionality (by design)
  • No multi-signature requirements

Frontend Security

Best Practices:

  • Never stores private keys
  • All encryption done in memory
  • Sensitive data cleared after use
  • HTTPS required for production

User Responsibilities:

  • Keep wallet seed phrase secure
  • Verify contract address before interacting
  • Use hardware wallet for production
  • Don't share decryption signatures

Privacy Considerations

What's Private:

  • Birth year, blood pressure, height, ALT, WBC (encrypted)
  • Decrypted data only visible to owner

What's Public:

  • Your wallet address
  • Name field (clear text)
  • Transaction history
  • Gas spent on transactions

Metadata Leakage:

  • Transaction timestamps visible on-chain
  • Can infer when profile was created/updated
  • Cannot infer actual health data values

Recommendations for Production

  1. Professional Audit

    • Security audit of smart contracts
    • Penetration testing of frontend
    • Cryptographic review of encryption implementation
  2. Bug Bounty Program

    • Incentivize security researchers
    • Responsible disclosure process
  3. Gradual Rollout

    • Limited beta with test users
    • Monitoring and incident response plan
    • Mainnet deployment only after thorough testing
  4. User Education

    • Clear documentation of privacy guarantees
    • Wallet security best practices
    • Transparent risk disclosure

Future Roadmap

Phase 1: Core Enhancements (Q2 2024)

  • Additional Health Metrics

    • Heart rate, glucose levels, cholesterol
    • Medical history and allergies
    • Vaccination records
  • Multiple Profile Management

    • Support for family members
    • Dependents under guardian control
    • Organization accounts (hospitals, clinics)
  • Enhanced UI/UX

    • Health metrics visualization (charts/graphs)
    • Historical data tracking
    • Export to standard formats (HL7 FHIR)

Phase 2: Interoperability (Q3 2024)

  • Healthcare Provider Integration

    • Doctor verification system
    • Temporary access grants
    • Audit logs for provider access
  • Data Sharing

    • Granular permission system
    • Time-limited access tokens
    • Conditional access (e.g., only if BP > 140)
  • Cross-Chain Support

    • Polygon, Arbitrum, Optimism
    • Bridge encrypted data between chains
    • Multi-chain identity

Phase 3: Advanced Features (Q4 2024)

  • Confidential Computing

    • Encrypted analytics on health data
    • AI diagnostics without data exposure
    • Population health studies preserving privacy
  • Insurance Integration

    • Zero-knowledge proofs for insurance eligibility
    • Selective disclosure of health conditions
    • Premium calculation on encrypted data
  • Emergency Access

    • Dead man's switch for family access
    • Emergency medical override mechanism
    • Tamper-evident emergency logs

Phase 4: Ecosystem Growth (2025)

  • Developer Tools

    • SDK for healthcare app developers
    • API for EHR system integration
    • Plugin for existing healthcare platforms
  • Governance

    • DAO for protocol upgrades
    • Community-driven feature prioritization
    • Decentralized relayer network
  • Mainnet Deployment

    • Professional security audit
    • Gas optimization
    • Production-ready infrastructure
  • Mobile Applications

    • Native iOS and Android apps
    • Biometric authentication
    • Offline encrypted storage with sync

Research Directions

  • Advanced FHE Operations: Machine learning on encrypted health data
  • Privacy-Preserving Matching: Find similar health profiles without revealing data
  • Regulatory Compliance: HIPAA, GDPR compatibility framework
  • Quantum Resistance: Post-quantum cryptography integration

Contributing

We welcome contributions from the community! Whether you're fixing bugs, adding features, improving documentation, or suggesting enhancements, your help is appreciated.

How to Contribute

  1. Fork the Repository

    • Click "Fork" button on GitHub
    • Clone your fork locally

  2. Create a Branch

git checkout -b feature/your-feature-name
# or
git checkout -b fix/your-bug-fix

  3. Make Your Changes

    • Write clean, documented code
    • Follow existing code style
    • Add tests for new features
    • Update documentation as needed

  4. Test Your Changes

npm test              # Run smart contract tests
npm run lint          # Check code style
cd frontend && npm run build  # Verify frontend builds

  5. Commit Your Changes

git add .
git commit -m "feat: add support for glucose tracking"
# Use conventional commits: feat, fix, docs, style, refactor, test, chore

  6. Push and Create Pull Request

git push origin feature/your-feature-name

Then create a Pull Request on GitHub with a clear description.

Development Guidelines

Code Style:

  • Use TypeScript for new code
  • Follow existing formatting (Prettier)
  • Write descriptive variable names
  • Add comments for complex logic

Testing:

  • Write tests for all new features
  • Ensure all tests pass before submitting PR
  • Test on both local network and Sepolia

Documentation:

  • Update README for user-facing changes
  • Add inline comments for complex code
  • Update API docs if applicable

Commit Messages: Follow Conventional Commits:

  • feat: New feature
  • fix: Bug fix
  • docs: Documentation only
  • style: Formatting, missing semicolons, etc.
  • refactor: Code restructuring
  • test: Adding tests
  • chore: Maintenance tasks

Reporting Issues

Bug Reports:

  • Use GitHub Issues
  • Include steps to reproduce
  • Provide error messages and logs
  • Specify environment (OS, browser, wallet)

Feature Requests:

  • Clearly describe the feature
  • Explain the use case
  • Consider impact on privacy/security

License

This project is licensed under the BSD-3-Clause-Clear License.

Copyright (c) 2024 Secret Health Data Contributors
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted (subject to the limitations in the disclaimer
below) provided that the following conditions are met:

* Redistributions of source code must retain the above copyright notice,
  this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above copyright notice,
  this list of conditions and the following disclaimer in the documentation
  and/or other materials provided with the distribution.
* Neither the name of the copyright holder nor the names of its contributors
  may be used to endorse or promote products derived from this software
  without specific prior written permission.

NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE GRANTED BY
THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT
OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
OF SUCH DAMAGE.

Why BSD-3-Clause-Clear?

  • Permissive open-source license
  • Allows commercial use
  • Provides patent protection clarity
  • Maintains attribution requirements

Third-Party Licenses

This project uses open-source libraries with their own licenses:

  • Zama FHEVM: BSD-3-Clause-Clear
  • React: MIT
  • Ethers.js: MIT
  • Hardhat: MIT
  • See package.json for complete list

Acknowledgments

Core Technologies

  • Zama: For pioneering FHE technology and FHEVM
  • Ethereum Foundation: For the blockchain infrastructure
  • Hardhat: For excellent Ethereum development tools

Libraries & Frameworks

  • React Team: For the powerful UI framework
  • Wagmi: For React hooks for Ethereum
  • RainbowKit: For beautiful wallet connection UI
  • Vite: For blazing-fast development experience

Community & Resources

  • Zama Community: For FHE development support and documentation
  • Ethereum Community: For extensive resources and support
  • Open Source Contributors: For the amazing ecosystem of tools

Inspiration

This project was inspired by the need for privacy-preserving healthcare solutions and the potential of blockchain technology to empower individuals with control over their personal data.

Special Thanks

  • Zama team for technical guidance on FHEVM integration
  • Early testers and community feedback
  • Healthcare professionals who advised on real-world use cases

Built with ❤️ for privacy and healthcare

About

Keep health data secret use Zama.
