Hygiea MedGuard
Blockchain medical records system with end-to-end encryption using Oasis Sapphire.
Problem Statement
This is a confidential medical records management system built on the Oasis Sapphire blockchain that provides end-to-end encryption for sensitive healthcare data. The system allows patients to securely store their complete medical history on-chain, including personal affiliation data (name, age, blood type, contact information), diagnosed diseases with treatment details, and both personal and family medical background. All data is automatically encrypted using Sapphire's built-in confidentiality features and Trusted Execution Environment (TEE).

The platform implements granular access control where patients have full sovereignty over their medical records and can authorize specific doctors to view their encrypted data. Doctors must be explicitly granted permission by patients before accessing any medical information. Once authorized, healthcare providers can view complete patient histories and add new diagnoses or treatments.

The system features an intuitive React-based web interface that connects via MetaMask, uses Wagmi for blockchain interactions, and ensures all transactions and storage are encrypted by default. Medical records are immutable and verifiable, creating a permanent audit trail while maintaining patient privacy. This educational demonstration showcases how blockchain technology combined with confidential computing can revolutionize healthcare data management by giving patients control while ensuring data integrity and security.
Solution
This project leverages Oasis Sapphire, a confidential EVM-compatible blockchain, as its core infrastructure. Sapphire's unique feature is automatic encryption of all smart contract storage using a Trusted Execution Environment (TEE), which means sensitive medical data is encrypted at rest and only decrypted inside the secure enclave during execution.

Smart Contract Architecture: Built with Solidity, the MedicalRecords.sol contract implements granular access control through modifiers that verify patient-doctor authorization before allowing data access. The contract stores three main data structures: patient affiliation data, disease records with severity/treatment information, and medical history (personal and family backgrounds). All struct data in contract storage is automatically encrypted by Sapphire's runtime.

Frontend Stack: React application built with Vite for fast development, using Wagmi (Ethereum React hooks library) and Viem for blockchain interactions. The critical integration point is the Sapphire Wrapper around Wagmi, which automatically encrypts all transactions before sending them to the blockchain, ensuring end-to-end confidentiality without manual encryption code.

Notable Technical Decisions:
- Events deliberately emit ONLY non-sensitive data (addresses, timestamps) because Sapphire events are NOT encrypted - this was a crucial security consideration to prevent data leaks
- Avoided using constant and immutable variables for sensitive data since they're stored in bytecode and aren't encrypted
- Used Hardhat with custom network configurations for Sapphire Testnet and Localnet testing
- Implemented Docker-based Sapphire Localnet for realistic confidential testing before testnet deployment

Development Workflow: Hardhat handles compilation, testing, and deployment with specialized configurations for Sapphire networks. The MetaMask integration required custom RPC configuration (Chain ID 23295) to connect to Sapphire Testnet.
The architecture creates a seamless user experience where encryption happens transparently - users just sign transactions, and the Sapphire wrapper handles all cryptographic operations behind the scenes.
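A minimal Solidity sketch of the pattern described in this section, added here as an illustration and not taken from the project's MedicalRecords.sol: an authorization modifier gates both reads and writes, and events carry only addresses and timestamps. The contract name, function names, struct fields and event names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; every identifier below is hypothetical.
contract RecordsAccessSketch {
    struct Diagnosis {
        string disease;
        string treatment;
        uint8 severity;
        uint64 recordedAt;
    }

    // Contract storage is what Sapphire keeps confidential, so all medical
    // fields live here and never in constants, immutables or event arguments.
    mapping(address => Diagnosis[]) private diagnoses;
    mapping(address => mapping(address => bool)) private authorized; // patient => doctor => allowed

    // Events are not encrypted on Sapphire: addresses and timestamps only.
    event DoctorAuthorized(address indexed patient, address indexed doctor, uint256 at);
    event DiagnosisAdded(address indexed patient, address indexed addedBy, uint256 at);

    error NotAuthorized();

    // The patient always has access; a doctor only after the patient's explicit grant.
    modifier canAccess(address patient) {
        if (msg.sender != patient && !authorized[patient][msg.sender]) revert NotAuthorized();
        _;
    }

    // Only the patient can grant access, because the grant is keyed on msg.sender.
    function authorizeDoctor(address doctor) external {
        authorized[msg.sender][doctor] = true;
        emit DoctorAuthorized(msg.sender, doctor, block.timestamp);
    }

    function addDiagnosis(
        address patient,
        string calldata disease,
        string calldata treatment,
        uint8 severity
    ) external canAccess(patient) {
        diagnoses[patient].push(Diagnosis(disease, treatment, severity, uint64(block.timestamp)));
        // The log records that a diagnosis was added and by whom, not its content.
        emit DiagnosisAdded(patient, msg.sender, block.timestamp);
    }

    function getDiagnoses(address patient) external view canAccess(patient) returns (Diagnosis[] memory) {
        return diagnoses[patient];
    }
}
```

On Sapphire an unauthenticated `eth_call` sees `msg.sender` as the zero address, so a view function guarded this way only returns records when the query itself is authenticated.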
Hackathon
ETHGlobal Buenos Aires
2025
Contributors
- Abenavidese
11 contributions
- carlos-israelj
5 contributions
- 0xarcano
1 contribution