About MediVault: Reclaiming Medical Sovereignty
MediVault (hvault) was born from a simple, frustrating observation: in the digital age, you own your photos, your emails, and your finances, but your most sensitive data, your medical history, is locked in proprietary hospital silos.
The Inspiration
The inspiration came from seeing patients struggle to transfer records between specialists, often resulting in redundant tests and delayed care. Centralized databases are "honeypots" for hackers. I wanted to build a "Digital Health Passport": a system where the patient holds the keys, and the infrastructure only serves as a secure, verifiable conduit.
How I Built It
The project is a TypeScript monorepo powered by Turborepo, designed with a security-first architecture:
- The Vault (Next.js & Hono): A sleek dashboard for patients to upload and manage records.
- The Cryptography (AWS KMS): I implemented Envelope Encryption. Instead of encrypting files with a single master key, the system generates a unique Data Key ($DK$) for every record.
  - The file is encrypted: $C = E_{DK}(M)$
  - The $DK$ is then encrypted by the Master Key ($MK$): $WDK = E_{MK}(DK)$
  - Only the $WDK$ is stored in the database, ensuring that even a total DB leak yields no usable data without access to the hardware-backed KMS.
- The Audit Trail (Hedera Hashgraph): To prevent medical tampering, every upload generates a SHA-256 hash ($H$). This hash is submitted to the Hedera Consensus Service (HCS): $$H = \text{SHA-256}(\text{Record Content})$$ This creates a globally verifiable, immutable timestamp. If a record is altered by even a single bit, the hashes will no longer match: $H_{new} \neq H_{original}$.
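The envelope scheme and hash check described above, as an added sketch that is not MediVault's own code. Assumptions: AES-256-GCM for both layers (the page names no cipher), a local random key standing in for the KMS-held $MK$ so the example runs offline, $H$ computed over the plaintext record, and hypothetical names `seal`, `unseal`, `storeRecord` and `readRecord`.

```typescript
import { createCipheriv, createDecipheriv, createHash, randomBytes } from "node:crypto";

// Assumption: AES-256-GCM for both layers; the page does not name a cipher.
type Sealed = { iv: Buffer; ct: Buffer; tag: Buffer };

function seal(key: Buffer, plaintext: Buffer): Sealed {
  const iv = randomBytes(12); // fresh 96-bit nonce for every encryption
  const cipher = createCipheriv("aes-256-gcm", key, iv);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return { iv, ct, tag: cipher.getAuthTag() };
}

function unseal(key: Buffer, s: Sealed): Buffer {
  const decipher = createDecipheriv("aes-256-gcm", key, s.iv);
  decipher.setAuthTag(s.tag);
  // final() throws if the ciphertext or tag was modified
  return Buffer.concat([decipher.update(s.ct), decipher.final()]);
}

const sha256 = (data: Buffer): string => createHash("sha256").update(data).digest("hex");

// Stand-in for the master key MK. With a real KMS, MK never leaves the service
// and wrapping/unwrapping DK are remote calls; a local key is an assumption here.
const MK = randomBytes(32);

type StoredRecord = { C: Sealed; WDK: Sealed; H: string };

function storeRecord(M: Buffer): StoredRecord {
  const DK = randomBytes(32); // unique data key per record
  const C = seal(DK, M);      // C = E_DK(M)
  const WDK = seal(MK, DK);   // WDK = E_MK(DK); only this form of DK is persisted
  const H = sha256(M);        // H = SHA-256(record content), the value to anchor
  DK.fill(0);                 // wipe the plaintext data key after use
  return { C, WDK, H };
}

function readRecord(r: StoredRecord, anchoredH: string): Buffer {
  const DK = unseal(MK, r.WDK);
  const M = unseal(DK, r.C);
  DK.fill(0);
  // Compare against the hash retrieved from the ledger, not the one in the DB row
  if (sha256(M) !== anchoredH) throw new Error("hash mismatch: record differs from anchored version");
  return M;
}
```

Passing the anchored hash in as a separate argument keeps the integrity check independent of the database row, which is the property the audit trail is meant to provide.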
Challenges Faced
- The Latency-Security Tradeoff: Managing AWS KMS calls for every decryption request introduced latency. I had to implement a secure caching layer for session-based access without compromising the "Zero Trust" model.
- DLT Integration: Interfacing with Hedera required robust error handling for network consensus delays. I built a dedicated hedera-api service to queue and retry transactions asynchronously, ensuring the UI remained snappy.
- Large File Handling: Encrypting large medical images (DICOMs) in a serverless environment meant hitting memory limits. I shifted to a streaming encryption approach to handle files of arbitrary size.
What I Learned
Building MediVault taught me that Security is a Process, not a Product. I learned the intricacies of identity management using Better Auth, the power of Drizzle ORM for type-safe database migrations, and the absolute necessity of rigorous audit logs. Most importantly, I learned that Decentralized Ledger Technology (DLT) has a profound "human" use case: restoring trust in our healthcare data.
Built With
- aws-kms
- better-auth
- biome
- cloudflare-workers
- d1-database
- drizzle-orm
- hedera-hashgraph
- hono
- ky
- next.js-16
- pnpm
- tailwind-css
- tanstack-query
- turborepo
- typescript
- zod
