Inspiration
I've been fascinated by blockchain technology for some time, joining a blockchain community six years ago. My initial contributions were to the marketing team, where I edited livestream videos. Later, I began writing blog articles on fundamental blockchain and ledger system principles.
When considering a hackathon project, a blockchain-based solution wasn't my first thought, nor was I familiar with the Algorand blockchain. However, a visit to my cousin, who runs a medium-sized business, quickly changed that. His primary desire was to reduce micromanagement and streamline the process of getting consent forms to his customers. These forms require signatures and identification for legal purposes and to combat identity fraud, which has been a past issue for him. Having experienced similar painful legal battles myself, I recognised the need for an effective solution.
This led me to devise a way to help him digitise his business and go paperless. It's a common challenge in South Africa, where most businesses, including almost every state-owned and public institution, still rely on paper-based contracts and hand-signed agreements, with many yet to adopt paperless or cloud solutions.
What it does
A digital consent and data collection platform designed to provide a secure, immutable, and verifiable audit trail for form-related events, ensuring compliance with data protection regulations like South Africa's POPIA. It aims to convert traditional physical consent forms to secure digital processes.
It addresses local regulatory gap, specifically tackling the shortcomings in existing South African information regulation regarding proof of consent and data dissemination, where digital solutions need to provide stronger evidence than traditional paper processes.
It discourages the use of unreliable paper systems, which are error-prone, subject to fraud, costly, cause pollution and contribute to carbon emissions. It leverages the note-field innovation by the Algorand blockchain by converting data into a note-field (receipt).
It records every relevant event - from form creation ('campaign' metadata) to individual form submissions (data hash, user ID, timestamp) - is immutably on the Algorand blockchain totalling no more than 181-bytes:
{ "formId": "form_1234567890abcdef", "eventType": "CREATED", "dataHash": "sha256_abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890", "version": 1, "timestamp": 1717881600 }
A system that can legally prove 'that X data was requested at this specific time, by a specific individual, and that has not been altered since' required careful design of the data hashing, blockchain commitment, and the linkage to specific user identities and actions. It is also a low-cost and rewarding solution. The dashboard visualises engagement by using graphs to show how the rate of digital form submissions reduces carbon emissions.
Key functionalities and value propositions include:
No-Code Form Creation: Users can build data collection forms using a select-and-drag interface, offering basic input fields such as Text Input, Email, Phone, Text Area, Dropdown, Checkbox, SA ID Number , Numeric and Date inputs etc.
Specialised Consent Management: It features a dedicated "Consent Block" to clearly present consent text, capture user agreement via a checkbox, and automatically include a timestamp for legal compliance.
Secure Distribution & Collection:
- Forms are distributed via unique, cryptographically secure magic links (JWT-based, single-use, 24-hour expiry).
- Premium users can embed a button on their website for inbound integration, allowing automatic generation of a unique magic link for each request.
Robust Security & Privacy (POPIA-Compliant):
- Prioritises compliance with the POPIA, similar to GDPR, by implementing server-side data encryption for all personal data collected. Sensitive data is encrypted at rest in Supabase, then salted and hashed, making it robust against decryption attempts through pattern analysis.
- Data Masking: Sensitive information (e.g., ID numbers, residential addresses, phone numbers) is redacted on the Manager's dashboard, and the export of unencrypted personal data is disabled.
- Account Access Control: Accounts are managed by a single manager, with no additional administrator access, ensuring oversight while streamlining processes.
- User Validation: Form submissions undergo basic validity checks (one submission per link, unexpired and valid link associated with the platform), with all submission attempts, whether valid or invalid, being recorded.
Blockchain-Powered Audit & Non-Repudiation:
- Utilises Algorand blockchain integration to provide an immutable, verifiable audit trail of form lifecycle events and individual submissions. Algorand's PPOS (Pure Proof-of-Stake) consensus mechanism ensures high availability and a stable network.
- Proof-of-Form Authenticity: Metadata of form creation ('campaign' event) is hashed and recorded, initiating an audit trail at the first request for private information, which enhances accountability.
- Cryptographic Proof for Every Submission: A SHA-256 cryptographic hash of each submitted form's data is generated in the backend and embedded in a self-send transaction's note field on the Algorand blockchain (using 0 ALGO), not exceeding 1 kilobyte. This ensures data integrity and authenticity, detecting any unauthorised modifications.
- Legal-Grade Guarantees: Provides fundamental security guarantees: Authenticity (confirms signer's identity), Integrity (guarantees document unaltered), and Non-repudiation (prevents signer from falsely denying agreement).
- Transparency & Public Verification: Account Managers can verify events within the app. Campaign events are published on the Algorand TestNet. End-users can verify the legitimacy of requested forms via otokia's explorer or AlgoExplorer using a clipboard link on the digital form.
Simplified Digital Signature Process:
- Path A: Traditional Digital Signature: For users not managing their own cryptographic keys, allowing them to encrypt the document hash using the platform as a notary. Without a private key this is the default setting.
- Path B: Enterprise Passkey Signing: Offers simplified signing via a secure recipient portal, where users authenticate via WebAuthn Passkey. Private key management is handled behind the scenes, generating a private key for the event on the blockchain during signing, providing cryptographic signing without user complexity. This is designed for non-technical users, eliminating wallet seed phrase risk and creating a sense of familiarity.
- Flexible Signing Order: For multi-party agreements, Account Managers can specify if recipients should sign in order or parallel.
- Email Model: Once a transaction is signed, an Account Manager is immediately prompted to share access delaying the initial commit until the manager is authenticated. The manager can add viewers who can act as witnesses but not participate in the signing process.
Addressing Information Regulation Gaps: Physical consent documents/contracts can be backdated or used by "bad actors" due to a lack of proof of information forwarding or destruction. Otokia provides a foundational technical (real-time) audit trail for the exchange of personal information, acting as a notary.
Tiered Solutions:
- Basic Plan: For users needing to reduce carbon footprint by creating simple registration, event, or feedback forms, offering "one-to-many" distribution. Users are prompted to upgrade for blockchain features.
- Premium Solution: Proves that specific data was requested at a specific time by a specific individual, and has not been altered since, creating an immutable trail.
- Enterprise Solution: Tailored for maximum legal security in agreements between 1 to 10 individuals, offering whitelisted IP addresses and authentication via pre-authorised email and Passkeys in a secure recipient portal.
Secure Key Management:
Mnemonics and private keys are never stored directly in the database.
For the platform's own operational keys (e.g., for notarisation transactions on the blockchain), these are securely managed via environment variable storage, ensuring they are not exposed in the codebase or database.
When users choose the 'Traditional Digital Signature' path, where they manage their own cryptographic keys, they are provided with clear, comprehensive guidance on how to securely save and protect their mnemonics/private keys themselves.
How I built it
1. Frontend Development:
Built 100% using bolt
React: Provided specific instructions for ensuring a UI/UX review for consistency, responsiveness, and intuitive navigation.
Further provided instructions to adhere to WCAG 2.1 AA standards for accessibility, screen reader support, sufficient colour contrast, keyboard navigation and form labels and a minimalistic design.
HTML & CSS: For email design and styling of the user interface.
Tailwind CSS: CSS framework to expedite styling and enable rapid development of the clean, intuitive design seen across the form builder, submission dashboard, and user-facing forms.
2. Backend & Data Management:
Supabase: Relies on Supabase (PostgreSQL) backend infrastructure and database management for a robust, scalable, and secure storage environment.
Data Encryption at Rest: Sensitive data collected via forms is encrypted at rest within Supabase.
Enhanced Encryption Security: Encrypted data is further salted and then hashed, which prevents attackers from finding patterns in an attempt to decrypt the information.
3. Secure Link Management and Submission Process Logic:
Unique Magic Links: Generates cryptographically secure, JWT-based magic links for distributing forms.
Single-Use & Expiry: Each magic link is designed for single use and expires within 24 hours to enhance security against interception or reuse.
Validity Window for Multi-Sign: These are atomic multi-signing events that must be completed shortly, within a period of 50 minutes (a single block round) providing sufficient review time to orchestrate the agreement.
Submission Validity Checks: Upon submission, the platform performs basic checks to ensure it's a valid, unexpired link and a single submission.
Comprehensive Logging: All submission attempts, whether valid or invalid, are meticulously recorded for audit purposes.
4. Blockchain Integration for Immutable Audit Trails:
Algorand Blockchain: Integrates with the Algorand blockchain to provide an immutable and verifiable audit trail for all form-related events.
PPoS Consensus: Leverages Algorand's Pure Proof-of-Stake (PPOS) consensus mechanism for its high availability and network stability.
Campaign Metadata Hashing: Form metadata is cryptographically hashed, and this hash is committed to the Algorand blockchain by initiating a 0 ALGO self-send transaction with the hash embedded in the note field (max 168 bytes). This establishes an immutable audit trail from the very first request for private information.
Submission Data Hashing: Each form submission generates a SHA-256 cryptographic hash of the submitted data, which is also recorded on the Algorand blockchain in a transaction's note field.
Public Verification:
- Account Managers can verify relevant blockchain events in-app, or by querying the Pera Explorer TestNet.
- End-users can verify form authenticity and legitimacy via otokia's explorer or AlgoExplorer using a provided clipboard link on the form at Explorer.
5. Advanced Authentication for Enterprise Users:
Secure Recipient Portal: Enterprise users access forms through a dedicated secure recipient portal.
WebAuthn & Passkeys: Authentication for enterprise users is performed using WebAuthn and Passkeys, providing a highly secure, phishing-resistant, and password-less experience.
Seamless Cryptographic Signing: During the signing process in the portal, a private key is generated behind the scenes, and the event is immediately recorded on the blockchain. This eliminates the need for users to manage wallets or private keys.
Enhanced Security Checks: The system verifies proper WebAuthn authentication, checks that the link has not been forwarded, and detects interception. It also validates conditions like correct signing order, valid identification numbers, and additional consent clauses before committing events to the blockchain.
Tamper Detection: If any specified conditions are not met (e.g., incorrect signing order, clauses not checked), the Account Manager is alerted via the form audit, indicating that the campaign has been tampered with, and the initial event remains on the blockchain.
6. Data Masking and Access Control:
Dashboard Redaction: Sensitive information on the submissions dashboard (e.g., ID numbers, residential addresses, phone numbers) is redacted/masked by default.
Export Restrictions: The ability to export unmasked sensitive data is disabled.
Single Manager Oversight: Account management is restricted to a single manager, ensuring strict control over personal information.
Identification: South African ID numbers can be validated using a basic algorithm but not against the national population registry. IP addresses are used as identifiers to prevent abuse.

Challenges I ran into
Implementing Functional Blockchain Auditability: Determining the specific data to hash resulted in non-deterministic hashing logic which was too secure and could not be verified for auditing purposes. The application was falsely returning 'Tampered' document for the blockchain audit trail and I had to change the decryption strategy.
Latency issues: After deployment I had to revert back due to unexpected latency issues as multiple queries and functions to Supabase being called at a time. I had to solve the problem to the best of my ability given the limited time.
- Secure Authentication Flows: Creating a multi-tiered authentication system, from basic magic links to advanced WebAuthn/Passkey integration for enterprise users, while ensuring each step is secure against interception and misuse cannot be 100% automated for security reasons, a trusted account manager is required.
- Ensuring End-to-End POPIA Compliance: A core challenge involved deeply integrating POPIA compliance throughout the platform, from server-side data encryption at rest to dynamic data masking on dashboards and strict controls over exposing data without entirely limiting export, to ensure user privacy.
- Balancing Advanced Security with User Simplicity: A recurring challenge was to abstract away the complexities of blockchain, cryptographic signatures, and WebAuthn, making the service intuitive and accessible for non-technical users while providing security guarantees. This includes designing for familiarity with traditional signing processes.
- Managing Form Immutability and Versioning: The decision to disable form updates after publication to ensure a truly immutable audit trail presented a design challenge for handling necessary revisions or "tampered" campaign, requiring the ability to duplicate forms instead of editing them.
- Database Migration: Applying Supabase migrations locally involved setting up local dependencies I was not familiar with.
- Token Budgeting: As the project's codebase expanded (with files exceeding 1000 lines of code), it led to higher token consumption. This eventually limited the number of modifications I could implement within a day.
- Time: I only had about 3 weeks to solve the problem, build the application, find a customer, and to deploy. The above issues and the time constraint forced me team up with bolt and start modifying code together.
- Working Alone: Not having feedback was a challenge; however, I used my past personal experience involving the problem of POPI enforcement to find a solution that could potentially work.
Accomplishments that I'm proud of
I am very proud to have built my first functional application with no development background or experience.
What I learned
Deploy sooner rather than later. I encountered a new set of unexpected issues during production, so I learnt that it's best to deploy early and set up monitoring.
What's next for otokia
- [ ] Work with first Customer
- [ ] Devise a Monetisation Strategy
- [ ] Continue Monitoring
- [ ] Configuration
Configuration
The platform is currently configured to utilise the Algorand TestNet, with a straightforward switch to MainNet simply by altering the configuration settings:
- API Endpoint:
https://testnet-api.algonode.cloud - Replace dispenser (TestNet funding) with an ALGO airdrop.
The benefit of operating on the TestNet is allowing enterprise users to fund their own accounts and this allows for comprehensive platform testing.
Work with first Customer: CCC (Consumer Credit Counseling), requested to have the Magic Link Widget embedded on a website to automate consent form distribution to their potential customers for evaluation.
Devise a Monetisation Strategy: The platform's underlying logic for various plan tiers (Basic, Premium, Enterprise) is already integrated into its feature process, setting the stage for straightforward monetisation.
Continue Monitoring: Sentry is set up to continue performance monitoring post-hackathon.
Built With
- alograndsdk
- css
- html
- ionos
- netlify
- react
- resend
- sentry
- supabase
- tailwind
- typescript
- walletconnect





Log in or sign up for Devpost to join the conversation.