by Edward Burton, Developer
Having outlined the rationale for using Blockchain as an emergency response system for the COVID-19 epidemic in How Blockchain could help fight the coronavirus, we have gone one step further and built a demonstration system with a simplified architecture to show the value that blockchain technology could bring in establishing a secure, distributed system in our fight against the global epidemic. This demo system allows us to do the following:
- Pseudo-anonymously register citizens on a blockchain, sharing as much medically relevant data as required, immediately and trustlessly.
- Search a register of citizens’ statuses, and use the system to allow authorities to immediately implement a traffic light alert system that would allow secure, anonymous and immediate communications with citizens based on their location and medical history.
- Immediately propagate and process information that is posted on the blockchain, allowing live processing and access to all medically relevant data. This can be seen in the immediate propagation of new data (see statistics for the website).
Technologies used in the prototype:
- The open source blockchain engine MultiChain.
- ExpressJs as a reverse proxy to perform read/write operations to the blockchain (CRUD isn’t quite the right terminology in blockchain land!)
- ReactJs to draw up some extremely fast and lightweight prototypes (I’m doing this system in my spare time in enforced quarantine, so please excuse the rough edges!)
- AWS / Nginx to spin up virtual machines and connect the blockchain nodes with web interfaces…
I will go through each component part of the demo system in detail, explaining ‘why’ blockchain is an appropriate system and outlining the benefits this architecture gives us over existing technological solutions.
A trustless system means that the participants involved do not need to know or trust each other or a third party for the system to function. In a trustless environment, there is no single entity that has authority over the system, and the consensus is achieved without participants having to know or trust anything but the system itself.
PART 1: A web-based user interface to allow users to pseudo-anonymously register with the blockchain.
First, let us understand the difference between what we are doing and a centralised system:
Bitcoin is not entirely anonymous. … It is anonymous in the sense that the components of Bitcoin, such as addresses, private and public keys, and transactions, are all read in text strings, such as a public address, that in no way directly link to anyone’s personal identity. — link
Let’s imagine the Spanish government wanted to set up a COVID-19 database for their entire population. They could do so: everyone in Spain theoretically (if they are legal residents) will have a national identity number or equivalent. Great, you say, well let’s just use that then? Add an extra table in the ‘data-bank’ and away we go…
Except now you have a problem because although a national identity number is a great way of identifying someone, it is also linked to personal data, raising security concerns. The same identity number from the health ministry would be linked to your identification number in the driving ministry, which could end up with some personal data from the tax office, and before you know it, you’ve basically ended up bundling a great amount of personal data into your ‘Covid’ response before you have even started.
Even if you randomise user data using hashing, for example, you still have to trust the participants in this system not to leak the information that would associate the ID with the “real” person. Essentially, any centralised database has a problem with the separation of concerns: you would need a secure, reliable way to deal with the data, make it anonymous and ensure that only permissioned people have access. All of these things take time, money and, more importantly, cooperation. Let us remember, we don’t usually have “a government office”; we generally have a tax office, a police department, a local government registry, a public health record, a land registry. There is no easy way to share data between these units with different interests, and even if there were, security and reliability would be a mammoth concern…
Even disregarding for a moment the political and logistical issues outlined above; if you have a central database with personal information, you have to implement a secure API (application interface) to make sure that only trusted parties can access the information and only the correct permissioned information. This is getting complicated already. Trying to link up data from the police, with data from the hospitals, with data from the local council, while ensuring the integrity and security of that data is an almost impossible feat, especially when we are in the midst of a global pandemic where time is of the essence.
This is where blockchain comes in handy, as demonstrated in our WebUI.
This WebUI would allow trusted sources (imagine you are a hospital or local doctor) to write to the blockchain, creating an immutable and digitally verified ledger that is permanent. What this means in layman’s terms, is that once created, this entity will be there forever and cannot be changed. So we will know that a certain authorised person, at a timestamped date, has created a certain piece of information. We know this because everyone in the network agrees about this fact. This doesn’t stop somebody lying or cheating, but it does create a permanent record or witness to the data that is distributed. So for example, we could assume that a doctor is not uploading false information, but if it was shown by people using the network that he actually was, we would have a permanent immutable record of this dishonesty. This is a massive improvement on a data bank, where we don’t have any transparency into the flow and control of the data and have to blindly place our trust in the administrators (in this case extremely biased politically motivated actors).
Therefore, if we use the assumption that the authorised people writing to the blockchain are not acting maliciously, we now have a distributed system of reliable, immutable information. A permanent record of this turbulent, devastating epidemic that cannot be warped to suit political interests or the targets of a biased intermediary. Trying to build this system between all the relevant government authorities would take years even if it were politically possible. Even then we probably wouldn’t trust the data. Using pseudo-anonymity to create neutral, filtered information on a blockchain, we get the data the world’s medics need, and we get it now.
So, hopefully, that has explained “why” you would want to have authorised portals registering people on a blockchain. Remember that the blockchain address that is generated upon registering would be permanent and unique. So next, you have to imagine that this address is given to the registered patient (in the form of a bracelet or ID card, for example), and this can be used to ‘pseudo-anonymously’ hold their history on the blockchain. It is pseudo-anonymous because they can prove it is their history by ownership of the address, but no-one can know it was them by observing the data of the system. That is blockchain in a nutshell!
So go on, imagine you are a doctor or a policeman, or any ‘authorised’ member of the blockchain and load up the WebUI. Then we are going to see what else this system can achieve…
PART 2: I’ve registered, what now…
Congratulations, your doctor has filled out a 30-second form, now after clicking ‘refresh_stats’ you see something like this on the screen:
“status”: “Patient has not been affected”,
What does this tell us? This is a JSON representation of our immutable data.
Essentially the PUBLISHER is telling us that we have digital proof that this was written by this ID: 1Vq6RBPRhAXBWVqdvDEYnt3PMPwQpJsEhCMshs, so a doctor or a policeman; whichever actor was authorised to join the permissioned blockchain as a registered node with write access.
The KEYS are giving us semantic data to organise and structure our data later on and build beautiful and informative web interfaces to help create the traffic light system. Just a free flow of semantically organised and structured data would be so helpful for the many volunteers working day and night to analyse this critical data. The DATA in JSON format is giving us structured medical data that can be processed by anyone with access to the blockchain, so basically a live feed of key information for anyone who needs to understand the situation.
The rest of the object is blockchain properties ensuring the integrity of the information, telling us when the information was published, and whether it has been accepted by the blockchain as a whole. Explaining how blockchain validates and makes data tamper-proof is out of the scope of this article; interested people should go here: https://www.investopedia.com/tech/how-does-blockchain-work/
For now, you will just have to believe me, this data is almost instant and it is reliable, so we are already miles ahead of most systems… Now we can see how it is a distributed system. For this, you will have to copy the ‘stream’ address that the web_ui is displaying for you, you can see a screenshot here:
The fact that any distributed node can interact with the blockchain is what makes this system so powerful: you can have any number of volunteers with any number of ideas, interacting with the system without the risk of compromise. That means you can open up the flow of your data, and we can innovate and analyse, observe and create until people find the missing links and formulas that will arm our scientists with the tools to fight back against the pandemic…
Speaking of which… “Let’s butcher your civil liberties!”
PART 3: Let’s butcher your civil liberties
So, we now have a unique address that has been assigned to us; so let’s imagine we are a policeman! You can be a mayor, the prime minister! Whatever your poison… Now we imagine that science has predicted a cluster near where you live (we know that because we now have a reliable knowledge bank of standardized key medical data, age, and COVID-19 status shared on a distributed system!) The next step is:
We need you to know that you can’t go out, ASAP!
Quick, let’s go to the site.
We’ve already used a separate (hypothetical) filtering node to find all people affected, we didn’t use AI and Machine-learning to create a super-smart neutral control system, but in the right hands in this distributed system that would frankly be child’s play. Instead, we used an ‘autocomplete’ filter to find your address.
“message”: “Sorry, papa gotta stay at home! “,
We immediately know that a KEY of ALERT has arrived from a PUBLISHER approved as a POLICEMAN and was verified at a CERTAIN TIME, and that it contains a message that you cannot leave the house. Your proverbial traffic light is flashing red, no shopping for you today, sorry about that. If you did go out, authorities could immediately scan your address and find out your status* (sorry, cheats!).
*For the fraudulently minded of you, you would need to have a pretty good doppelganger to not be identified by the original data of the stream (assuming you were cheating by, for example, stealing somebody else’s blockchain address!).
So anyway, quite exciting stuff, we’ve registered and been told by the authorities that we aren’t allowed to leave our house. It is all distributed, allowing collaboration between public and private authorities that would never normally have the ability to collaborate in such a large-scale system, and even if they did, it is hard to see the system executed without compromising civil liberties and cyber-security… The fact that different parties with different purposes and different political interests can immediately trust and use a distributed system would be a game-changer in this context.
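The checks a reader of the stream would apply before acting on an ALERT item, as an added example (not code from the prototype): the publisher must hold a role permitted for the key, the item must be confirmed, and the data must be JSON. The item fields (`publishers`, `keys`, `data.json`, `confirmations`, `blocktime`) follow MultiChain stream items; the role table, key policy, police address and sample items are constructed assumptions.

```javascript
// Added example. Field names follow MultiChain stream items; the role table,
// key policy and sample items are constructed for illustration.
const ROLES = new Map([
  ['1Vq6RBPRhAXBWVqdvDEYnt3PMPwQpJsEhCMshs', 'doctor'], // ID from the article; role assumed
  ['1ExamplePoliceAddressConstructed', 'police'],       // placeholder, not a real address
]);
// Hypothetical policy: which roles may publish under which stream key.
const KEY_POLICY = new Map([['ALERT', ['police']], ['STATUS', ['doctor']]]);

// Return the reason an item must be ignored, or null when it can be trusted.
function rejectReason(item, minConfirmations = 1) {
  if (!Array.isArray(item.publishers) || item.publishers.length === 0) return 'no publisher';
  if (!Array.isArray(item.keys) || item.keys.length === 0) return 'no key';
  // Unconfirmed items have not yet been accepted into a block.
  if (!(item.confirmations >= minConfirmations)) return 'unconfirmed';
  const body = item.data && item.data.json;
  if (body === null || typeof body !== 'object') return 'data is not JSON';
  for (const key of item.keys) {
    const allowed = KEY_POLICY.get(key);
    if (!allowed) return `unknown key ${key}`;
    // Every publisher on the item must hold a role permitted for this key.
    for (const p of item.publishers) {
      if (!allowed.includes(ROLES.get(p))) return `publisher ${p} may not write ${key}`;
    }
  }
  return null;
}

// Newest trusted ALERT decides the light; with none, default to green (assumption).
function trafficLight(items) {
  const alerts = items.filter((i) => rejectReason(i) === null && i.keys.includes('ALERT'));
  if (alerts.length === 0) return { light: 'green', message: null };
  const latest = alerts.reduce((a, b) => (b.blocktime > a.blocktime ? b : a));
  return { light: 'red', message: latest.data.json.message };
}

// Constructed items: a genuine alert, one signed by a doctor key, one unconfirmed.
const SAMPLE = [
  { publishers: ['1ExamplePoliceAddressConstructed'], keys: ['ALERT'], confirmations: 3,
    blocktime: 1585000000, data: { json: { message: 'Sorry, papa gotta stay at home!' } } },
  { publishers: ['1Vq6RBPRhAXBWVqdvDEYnt3PMPwQpJsEhCMshs'], keys: ['ALERT'], confirmations: 3,
    blocktime: 1585000600, data: { json: { message: 'All clear' } } },
  { publishers: ['1ExamplePoliceAddressConstructed'], keys: ['ALERT'], confirmations: 0,
    blocktime: 1585001200, data: { json: { message: 'All clear' } } },
];
console.log(SAMPLE.map((i) => rejectReason(i)), trafficLight(SAMPLE));
```

The two later "All clear" items are ignored, so the earlier police alert still governs the result.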
Even if we were using my prototype as a simple alert system distributed between trustless parties for pseudo-anonymously implementing a nationwide COVID-19 response system, that would be a pretty amazing tool.
Even if we didn’t use AI / ML algorithms to mathematically control the liberties of the participants (which would not be difficult), it would still be valuable.
But the best part of this system can be seen in the final block of the proof of concept: the live sharing of trustless medical data. So for that, let’s hop on over to the final component of the system.
PART 4: Let’s beat this virus, (click on refresh statistics)
This is a permissioned blockchain, which means that it isn’t open to the public, only to ‘verified’ actors. Basically, you or I cannot join, only someone who has been authorised. But the good news is that anyone who is authorised has immediate access to all the data flowing through the system, and this data cannot be tampered with by anyone on the network.
In simple terms, we can share this data internationally, and the international actors can access and process a live stream of reliable data while being unable to extrapolate sensitive personal data or interfere with the working of the system. It is the internet equivalent of an open kitchen: the world can see what we are cooking but we don’t have to worry about them sneezing in the soup…
You’ll have to excuse me, I’m capable of building some great-looking data visualisation tools, I do it as a day job… However, in the few hours I’ve had to build this prototype I’m afraid I’ve stuck to the MVP principles: you can ‘see’ the actors you’ve added to the blockchain added to a table.
You will have to use your imagination to visualise the processing of treatment data, time to recovery, number of illnesses broken down into geography and all the vital data that the international medical community requires to beat this thing.
You can also imagine a record of police prosecutions per area, merged with infection rates, merged with trending medical statistics. This is a step further than a nationalised open API, this would be a distributed, transparent data feed that wouldn’t allow for easy political manipulation.
The really great thing is that we could open up our system and give access to everything to the international community; we could allow direct access to a live feed of the latest, tamper-proof medical data.