Generion

1. What is Generion?

Generion is blockchain-based, decentralized infrastructure for safe and anonymous storing, using and sharing personal data. The current MVP is aimed to healthcare domain. However, the architecture can be used in any sphere that accumulates and operates user’s personal information.

2. Current problems

The majority of healthcare organizations have electronic databases with patient’s treatment history, but they are hardly ever synchronized with each other. Besides of the high level of bureaucracy in processing and storing medical data it can lead to far more serious problems. According to the National Center for Health Statistics, medical error is the third leading cause of death in the United States after heart attack and cancer [1]. Thousands of lethal cases were caused by giving the patients wrong treatment after going from one hospital to another without learning patient's treatment history and allergic reactions.

Another big issue in the field is security. During the last few years we have seen numerous cyber attacks and breaches of medical databases [2].

3. Solution

By using blockchain we can facilitate a secure way to medical records storing, sensitive data protection, and giving patients control over their personal information with just using the mobile app. Patients will be able to share their data to any healthcare organization they trust without asking their local clinic to send the data by mail. This ensures no one can rewrite the patient’s health record after one was created.

Electronic health record market is very wide, it mostly covered by the interest of research and statistic purposes. Thousands of pharmacy sponsors all around the word are seeking the candidates for clinical trials. Decentralized infrastructure will facilitate the aggregation process, that can automatically compile verified statistics and trial’s candidate selections, so medical institutions will not have to put so much effort to collect the info from scattered databases.

The mobile app is the first step in facilitating patients’ ability to monetize their data by having direct offers from interested parties. Data sellers and buyers can execute smart contracts and transfer the specified data directly. Identity of the patient is never revealed to the data buyer without the patient’s agreement. As a result, buyers get accurate data from the direct source.

4. Technical

• SmartContract. Written in python. Compiled with neo-boa 0.3.3

• Middleware. Written in python. Based on neo-python 0.5.3

• DataSource. Written on Java + Cassandra

• Mobile Application. Youtube demo on COZ testnet

5. Smart – contract

The smart contract stores following records: {usr_adr (user's address), data_pub_key (public key, with which data is encrypted), creator_adr (who has written the data), is_verified (whether the record is confirmed by the user), data_encr (the encrypted data itself, including the data store address, the address of the document in this store, and the private key with which you can decrypt it document)}.

Everyone can access records (but not the encrypted contents inside!) of everyone, which provides the possibility to track the history of changes and ensures transparency of ongoing operations. Confidentiality is maintained by cryptography with public key, it is assumed that each user has a pair of keys: private and public. The public key encrypts the data in such a way that only he can decrypt the data, possessing a private key. Sharing the public key allows other parties to write data to user's address. However, the record should be verified by the data owner in order to avoid mistakes and to guarantee the integrity of the data.

There is a possibility to sell data. To do this person can leave a request containing a list of records that he wants to sell, indicating at the same time the reward that he wants to receive. The party interested in purchasing the data can track the orders that are relevant for him, and buy the actual information by sending a transaction to blockchain with a token, containing a unique application identifier and a public key to which the data stored in the record should be encrypted. The information about all the transactions carried out is stored in blockchain and is completely transparent to everyone.

6. API

• getUserList [] = Get list of all users having their records
• setUserPubKey [usr_adr, pub_key] = Set user's public key
• getUserPubKey [usr_adr] = Get user's public key
• getRecordList [usr_adr] = Get list of the contents of all records of the specific user
• getRecordIdList [usr_adr] = Get list of the ids of all records of the specific user
• createRecord [creator_adr, usr_adr, data_pub_key, data_encr] = Create a new record (access restricted)
• verifyRecord [record_id] = Verify the record is correct (access restricted)
• getRecord [record_id] = Get the specific record
• deleteRecord [record_id] = Delete the specific record (access restricted)
• getOrderList [] = Get list of contents of all orders in the system
• getOrderIdList [] = Get list of ids of all orders in the system
• createOrder [usr_adr, record_id_list, price] = Create a new order (access restricted)
• getOrder [order_id] = Get the specific order)
• deleteOrder [order_id] = Delete the specific order (access restricted)
• purchaseData [order_id, pub_key] –attach-neo={} = Acquire the specific order and attach neo tokens

7. Future

Our vision for this project is to become self-sustaining global network to achieve flawless transparency and independency.

8. Instructions

1. Install dependencies. Follow instructions from neo-python
2. Open CLI

python prompt.py -c protocol.coz.json

3. Open wallet, do wallet rebuild and wait until 100% synchronization

neo> open wallet ./identity-wallets/coz-test-wallet.db3
neo> wallet rebuild

4. You may invoke SmartContract methods from inside CLI

neo> testinvoke 1bc5b3eda086169dac515353e5d914c20cf08c56 getUserList []

3. You can also run middleware to use REST API

python identity/api.py