The decentralized web enables the common person to own and sell their own data. Dassha showcases this possibility with the use of health data. It's about time that the world stops misusing our data, and instead, gives the power back to the people!
What it does
- A user is collecting health data about him/herself, say for example, on a Fitbit
- Fitbit, a technologically aware entity that wants to embrace the oncoming change of blockchain, securely stores a public/private, RSA keypair for each customer (we know, this is a "web2.5" solution)
- At the end of each month, Fitbit encrypts each customer's health data (in their name)
- The data itself is stored on a permissioned side chain, where nodes are trusted health data buyers
- Pointers to where the data lives, who owns it, and who has permission to view it are stored in Event logs on an Ethereum main chain (in this demo we use Ropsten)
- Nodes in the permissioned network can buy the health records, leveraging the metadata describing the encrypted records to find important/relevant data points that could help advance science
- When a buyer wants to buy a medical record, they send Eth to the data's owner (the data's owner and identity are recorded on a main chain)
- A permission gets added to the medical record in the name of the buyer
- The data gets re-encrypted with the buyer's public key, and is now locatable via Ropsten event logs and accessible via the side chain
- Everyone goes home happy - Fitbit, for giving data back to the customers; the buyers - for getting more, in vivo health data; and of course, the customer - for passively earning income from their data.
How we built it
- Linna smart contracts that are deployed on Ropsten testnet (serving as a placeholder for the Ethereum main chain) store pointers to where encrypted data lives (on another, permissioned side chain), who the data is owned by, and who has permission to view it.
- Our side chain is a Geth permissioned blockchain running on Kaleido, where nodes are an alliance of trusted buyers of medical data. Their incentive is to further medical science
- We leverage The Graph protocol to query event data throughout the relevant ropsten contracts (to get records and permissions).
- The app is mobile responsive, and can be used with Coinbase Wallet.
Challenges we ran into
The process of handling edge cases when it comes to economic exchanges of data and bad actors was and still is tough. Aligning incentives and making sure that the seller can't
Accomplishments that we're proud of
We are proud of the overall architecture we built - using a permissioned side chain can be a real-world scaling solution for Ethereum. These side chains can better serve the needs of specific players in the space (larger block sizes, faster block intervals...etc)
What we learned
We learned a lot about permissioned blockchains and scalability problems. We also learned that the difficulty of cross-chain communication.
APIs / protocols we used
- We use a permissioned Geth/POA chain created on kaleido.io
- We fetch all of our event data via The Graph protocol
- We built this app to be mobile responsive with Coinbase wallet
What's next for Dassha
We would like to include a better staking system and incentive structure for the transfer of medical data. Additionally, there are a few different protocols we would like to explore in this realm to help ease the process of selling data and make the process safer and more secure.
In terms of The Graph, we'd love to integrate the web socket connection for real-time updates.