Midnight HealthVault

• 

  Landing Page

• 

  Wallet

• 

  Clinic Portal

• 

  Client Portal

Inspiration

Healthcare data is one of the most sensitive forms of information, yet patients often lack direct control over their records. Centralized systems are prone to breaches, identity leaks, and misuse of personal medical history. I wanted to explore how Zero-Knowledge Proofs (ZKPs) and privacy-first blockchain design (Midnight) could provide patients with verifiable, secure, and private record handling — where clinics can issue proofs of vaccination or test results, and patients can selectively disclose them without revealing their identity.

What I Learned

How Compact, Midnight’s contract language, compiles into ZK circuits to enforce verifiable logic.

Practical use of ZKPs in real-world workflows (e.g., proving vaccination status without exposing full health history).

Integration of a proof server (Dockerized) with a TypeScript CLI to generate and submit valid transactions.

Midnight’s modular SDKs (@midnight-ntwrk/wallet, @midnight-ntwrk/onchain-runtime, @midnight-ntwrk/compact-runtime) for deploying and interacting with smart contracts.

Balancing privacy vs. usability in patient–clinic data flows.

How I Built It

Smart Contract Development

Designed HealthVault.compact using Compact, defining ledger fields for patient records and access rules.

Implemented circuits for record submission, verification, and controlled clearing.

Proof Workflows

Deployed and tested a local proof server (midnightnetwork/proof-server) to generate ZK proofs.

Connected it with the DApp so that sensitive data never leaves the local machine.

TypeScript CLI Integration

Wrote CLI scripts (sign-record.ts, patient-submit.ts, deploy-contract.ts) to handle record signing, patient-controlled submission, and on-chain deployment.

Used pnpm + ts-node to run workflows across different actors (clinic vs. patient).

Deployment on Midnight TestNet

Generated wallet seeds via WalletBuilder.

Acquired tDUST tokens from Lace Wallet and transferred them to CLI wallets.

Successfully deployed and interacted with the HealthVault contract on the Midnight TestNet.

Challenges

Version mismatches: Midnight SDKs and Compact compiler versions are tightly coupled; I had to debug multiple incompatibility errors.

Witness confidentiality: Accidentally disclosed witness values in contract circuits until I learned to mark disclosures explicitly.

Proof server integration: Running it locally in Docker while ensuring CLI scripts connected correctly required debugging port bindings (6300).

Wallet funding: Setting up CLI wallets and transferring funds from Lace took trial-and-error before transactions worked.

Key Takeaway

HealthVault taught me that privacy-first systems are not just about hiding data, but about enforcing verifiable logic without trust assumptions. With ZKPs and platforms like Midnight, it’s possible to build healthcare applications where:

Clinic certifies validity of record ∧ Patient controls disclosure of record Clinic certifies validity of record∧Patient controls disclosure of record

— without either side compromising privacy or correctness.

Built With

• blockchain
• javascript
• midnight
• typescript