Decentralized patient health records powered by blockchain, where every medical document is an NFT owned entirely by the patient.
- The Problem
- Our Solution
- Architecture
- Tech Stack
- Features
- Smart Contracts
- Getting Started
- Project Structure
- API Reference
- How It Works
- Roadmap
- Team
- Acknowledgements
- License
India's healthcare system suffers from a critical, largely invisible crisis: fragmented, inaccessible, and fraud-prone medical records.
| Pain Point | Impact |
|---|---|
| Records scattered across hospitals | Doctors repeat tests, patients pay twice |
| Centralized hospital databases | Single point of failure, data breach risk |
| Paper-based prescriptions | Easily forged, lost, or tampered with |
| Insurance fraud | ₹45,000 Cr lost annually to fraudulent claims |
| No patient ownership | Hospitals own your data; you don't |
| Zero interoperability | Apollo records can't talk to AIIMS systems |

> "70% of Indian patients cannot produce a complete medical history when visiting a new doctor." - NITI Aayog Health Report
MediChain solves all of the above by giving patients true, verifiable ownership of their health data using blockchain technology.
```
Patient visits doctor  →  Doctor mints record as NFT   →  Patient owns it in their wallet
Doctor needs access    →  Requests via smart contract  →  Patient approves with expiry
Insurer checks claim   →  Verifies hash on-chain       →  Zero fraud possible
```
Every medical record on MediChain is:
- Patient-owned: minted as an ERC-721 NFT in the patient's wallet
- Tamper-proof: content hash stored immutably on Polygon blockchain
- Encrypted: actual files stored on IPFS, encrypted with the patient's public key
- Permissioned: doctors request access via smart contracts with time-bound expiry
- Verifiable: insurers can verify claim authenticity without seeing raw data
```
+------------------------------------------------------------------+
|                          FRONTEND LAYER                          |
| React + Vite       | Ethers.js            | MetaMask Wallet      |
| Patient Portal     | Doctor Portal        | Insurer Panel        |
+--------------------------------+---------------------------------+
                                 |  REST API + Web3 Calls
+--------------------------------v---------------------------------+
|                          BACKEND LAYER                           |
| Spring Boot 3      | JWT Auth             | Web3j Library        |
| Auth Service       | Record Service       | IPFS Client          |
| Access Control     | Audit Logger         | Encryption Svc       |
+--------------------------------+---------------------------------+
                                 |  Smart Contract Calls
+--------------------------------v---------------------------------+
|                         BLOCKCHAIN LAYER                         |
| MedRecordNFT.sol   | AccessRegistry.sol   | ClaimVerifier.sol    |
| ERC-721 Records    | Doctor Permissions   | Insurance Logic      |
+--------------------------------+---------------------------------+
                                 |  Content Hash References
+--------------------------------v---------------------------------+
|                          STORAGE LAYER                           |
| IPFS / Filecoin    | PostgreSQL           | Redis Cache          |
| Encrypted Files    | User Metadata        | Sessions             |
+------------------------------------------------------------------+
```
| Technology | Purpose |
|---|---|
| React 18 + Vite | UI framework with fast HMR |
| TailwindCSS | Utility-first styling |
| Ethers.js v6 | Ethereum/Polygon wallet interactions |
| React Query | Server state management + caching |
| Framer Motion | Animations and transitions |
| MetaMask SDK | Wallet connection and signing |
| Technology | Purpose |
|---|---|
| Spring Boot 3 | REST API framework |
| Web3j | Java ↔ Ethereum/Polygon bridge |
| Spring Security | JWT auth + wallet signature verification |
| PostgreSQL | User metadata, audit logs |
| Redis | Session tokens, access cache |
| Java IPFS Client | Encrypted file storage |
| Technology | Purpose |
|---|---|
| Solidity 0.8.20 | Smart contract language |
| OpenZeppelin | ERC-721, security primitives |
| Hardhat | Development, testing, deployment |
| Polygon Mumbai | Testnet (low gas, EVM-compatible) |
| IPFS + Filecoin | Decentralized file storage |
- Wallet-based login: no passwords, no forms. Your MetaMask wallet IS your identity
- NFT health records: every document minted as ERC-721, visible in your wallet
- Access control dashboard: approve, revoke, and set expiry on doctor access in one click
- QR health card: shareable emergency QR that reveals only pre-approved information
- Complete audit trail: see exactly who accessed your records and when, on-chain
- Access request flow: request patient records via smart contract (patient approves)
- Mint new records: upload prescriptions, lab results, scans directly to patient's wallet
- Time-bound access: access auto-expires after the approved duration
- Verified history: view a patient's complete, tamper-proof medical history
- On-chain claim verification: verify document hashes without seeing raw patient data
- Fraud elimination: forged documents fail hash verification instantly
- Automated claim processing: smart contract logic for straight-through processing
```solidity
// Each NFT = one medical record, owned by the patient
function mintRecord(
    address patient,
    string memory ipfsCID,
    string memory recordType
) external returns (uint256 tokenId)
```

Deployed: 0x742d35Cc6634C0532925a3b8D4C9F3456a4b1234 (Polygon Mumbai)

```solidity
// Patient grants a doctor time-limited access
function grantAccess(address doctor, uint256 durationSeconds) external

// Patient revokes access instantly
function revokeAccess(address doctor) external

// Anyone can verify current access status
function hasAccess(address patient, address doctor) public view returns (bool)
```

Deployed: 0x8Ba1f109551bD432803012645Hac136c34567890 (Polygon Mumbai)

```solidity
// Verify a document hash without revealing contents
function verifyDocument(uint256 tokenId, bytes32 documentHash) external view returns (bool)
```

Deployed: 0x9Cd2f110662eE543914156Ibd247d45678901234 (Polygon Mumbai)
```
node >= 18.0.0
java >= 17
postgresql >= 14
redis >= 7
metamask browser extension
```

```bash
git clone https://github.com/your-org/medichain.git
cd medichain
```

```bash
cd medichain-contracts

# Install dependencies
npm install

# Copy environment file
cp .env.example .env
# Add your PRIVATE_KEY and POLYGONSCAN_API_KEY to .env

# Compile contracts
npx hardhat compile

# Run tests
npx hardhat test

# Deploy to Polygon Mumbai
npx hardhat run scripts/deploy.js --network mumbai
```

```bash
cd medichain-backend

# Copy environment config
cp src/main/resources/application.example.yml src/main/resources/application.yml

# Update application.yml with your values:
# - database.url, username, password
# - blockchain.rpc-url (Alchemy/Infura Mumbai endpoint)
# - blockchain.contract-addresses (from step 2)
# - ipfs.api-url
# - jwt.secret

# Run with Maven
./mvnw spring-boot:run

# Or build and run JAR
./mvnw clean package
java -jar target/medichain-0.0.1-SNAPSHOT.jar
```

Backend starts at http://localhost:8080

```bash
cd medichain-frontend

# Install dependencies
npm install

# Copy environment file
cp .env.example .env.local

# Update .env.local:
# VITE_API_URL=http://localhost:8080
# VITE_CONTRACT_NFT=<MedRecordNFT address>
# VITE_CONTRACT_ACCESS=<AccessRegistry address>
# VITE_CONTRACT_CLAIMS=<ClaimVerifier address>
# VITE_CHAIN_ID=80001

# Start dev server
npm run dev
```

Frontend starts at http://localhost:5173
```yaml
# src/main/resources/application.yml
spring:
  datasource:
    url: jdbc:postgresql://localhost:5432/medichain
    username: your_db_user
    password: your_db_password
blockchain:
  rpc-url: https://polygon-mumbai.g.alchemy.com/v2/YOUR_KEY
  contracts:
    nft: 0x...
    access-registry: 0x...
    claim-verifier: 0x...
ipfs:
  api-url: https://ipfs.infura.io:5001
jwt:
  secret: your_jwt_secret_min_32_chars
  expiry-ms: 86400000
```

```
# .env.local
VITE_API_URL=http://localhost:8080
VITE_CONTRACT_NFT=0x...
VITE_CONTRACT_ACCESS=0x...
VITE_CONTRACT_CLAIMS=0x...
VITE_CHAIN_ID=80001
VITE_CHAIN_NAME=Mumbai
```

```
medichain/
│
├── medichain-contracts/            # Solidity smart contracts
│   ├── contracts/
│   │   ├── MedRecordNFT.sol        # ERC-721 medical record token
│   │   ├── AccessRegistry.sol      # Doctor permission management
│   │   └── ClaimVerifier.sol       # Insurance claim verification
│   ├── scripts/
│   │   └── deploy.js               # Hardhat deployment script
│   ├── test/
│   │   └── MediChain.test.js       # Contract unit tests
│   └── hardhat.config.js
│
├── medichain-backend/              # Spring Boot REST API
│   └── src/main/java/com/medichain/
│       ├── auth/
│       │   ├── WalletAuthController.java
│       │   ├── SignatureVerifierService.java
│       │   └── JwtService.java
│       ├── records/
│       │   ├── RecordController.java
│       │   ├── RecordService.java
│       │   └── RecordRepository.java
│       ├── access/
│       │   ├── AccessController.java
│       │   └── AccessService.java
│       ├── blockchain/
│       │   ├── Web3jConfig.java
│       │   ├── ContractService.java
│       │   └── IpfsService.java
│       └── encryption/
│           └── EncryptionService.java
│
├── medichain-frontend/             # React + Vite application
│   └── src/
│       ├── pages/
│       │   ├── PatientDashboard.jsx
│       │   ├── DoctorPortal.jsx
│       │   └── InsurerPanel.jsx
│       ├── components/
│       │   ├── RecordCard.jsx
│       │   ├── AccessControl.jsx
│       │   └── WalletConnect.jsx
│       ├── hooks/
│       │   ├── useWallet.js
│       │   ├── useContract.js
│       │   └── useRecords.js
│       └── services/
│           ├── api.js
│           └── contracts.js
│
└── README.md
```
Authenticate using a wallet signature. No password required.

Request:

```json
{
  "walletAddress": "0xabc123...",
  "message": "MediChain login: 1718000000000",
  "signature": "0xdef456...",
  "role": "PATIENT"
}
```

Response 200:

```json
{
  "token": "eyJhbGciOiJIUzI1NiJ9...",
  "walletAddress": "0xabc123...",
  "role": "PATIENT"
}
```

Full API docs available at `http://localhost:8080/swagger-ui.html` when running locally.
1. Patient opens MediChain → clicks "Connect Wallet"
2. MetaMask prompts to sign a login message (no gas fee)
3. Backend verifies signature → issues JWT
4. Patient dashboard loads their NFT records from chain
5. Patient approves doctor access → signs smart contract tx
6. Access auto-expires after set duration
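
The signature check in steps 2 and 3, applied to the login request body from the API reference, as an added example that is not MediChain's own code: it accepts a signed `MediChain login: <timestamp>` message only if it is well-formed, fresh, signed by the claimed wallet, and not already used. The 5-minute window, 30-second clock skew, in-memory store, and the injected `recoverSigner` callback (ethers v6 `verifyMessage` has this shape) are assumptions.

```javascript
// Added example, not MediChain code. Validates the signed login message
// "MediChain login: <unix ms>" before a JWT would be issued.
const LOGIN_RE = /^MediChain login: (\d{13})$/; // exact format, 13-digit ms timestamp
const ADDRESS_RE = /^0x[0-9a-fA-F]{40}$/;
const MAX_AGE_MS = 5 * 60 * 1000; // assumed freshness window
const MAX_SKEW_MS = 30 * 1000;    // assumed tolerated clock skew

class LoginVerifier {
  // recoverSigner(message, signature) -> address is injected (assumption);
  // `now` is injectable so the time checks can be tested.
  constructor(recoverSigner, now = Date.now) {
    this.recoverSigner = recoverSigner;
    this.now = now;
    this.used = new Map(); // "address:timestamp" -> time the entry may be dropped
  }

  verify({ walletAddress, message, signature }) {
    if (typeof walletAddress !== "string" || !ADDRESS_RE.test(walletAddress)) {
      return { ok: false, reason: "bad-address" };
    }
    const m = typeof message === "string" ? LOGIN_RE.exec(message) : null;
    if (!m) return { ok: false, reason: "bad-message" };

    const issuedAt = Number(m[1]);
    const now = this.now();
    if (issuedAt > now + MAX_SKEW_MS) return { ok: false, reason: "future" };
    if (now - issuedAt > MAX_AGE_MS) return { ok: false, reason: "expired" };

    let signer;
    try {
      signer = this.recoverSigner(message, signature);
    } catch {
      return { ok: false, reason: "bad-signature" };
    }
    if (typeof signer !== "string" || signer.toLowerCase() !== walletAddress.toLowerCase()) {
      return { ok: false, reason: "signer-mismatch" };
    }

    // Record use only after the signature verified, so an unsigned request
    // cannot burn someone else's login message. Prune stale entries first.
    for (const [k, exp] of this.used) if (exp <= now) this.used.delete(k);
    const key = `${signer.toLowerCase()}:${issuedAt}`;
    if (this.used.has(key)) return { ok: false, reason: "replayed" };
    this.used.set(key, issuedAt + MAX_AGE_MS + MAX_SKEW_MS);
    return { ok: true, address: signer.toLowerCase() };
  }
}
```

With more than one backend instance, the used-message map would have to live in a shared store; the Redis instance in the stack is a natural fit.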
1. Doctor logs in with their wallet
2. Searches patient by wallet address or QR code
3. Requests access → patient gets notification
4. Once approved, doctor views decrypted records
5. Doctor uploads new record → minted as NFT to patient wallet
6. Patient is notified of new record on-chain
1. Patient shares claim token (tokenId + document hash)
2. Insurer calls ClaimVerifier.verifyDocument()
3. Contract checks hash matches on-chain record
4. Returns true/false; no raw data ever leaves patient control
- ERC-721 medical record NFTs on Polygon
- Smart contract access registry with expiry
- Wallet-based authentication (no passwords)
- IPFS encrypted file storage
- Patient + Doctor + Insurer portals
- On-chain claim verification
- Mobile app (React Native + WalletConnect)
- ABHA ID integration (Ayushman Bharat Health Account)
- Multi-chain support (Ethereum mainnet, Solana)
- Zero-knowledge proof for privacy-preserving queries
- AI-powered health insights from aggregated anonymized data
- Hospital ERP integration (HL7 FHIR standard)
- Emergency access QR with geofencing
Built with ❤️ for Code Veda 2.0 at ADGIPS, Geek Room Hackathon
| Name | Role | GitHub |
|---|---|---|
| [Your Name] | Blockchain + Smart Contracts | @github |
| [Teammate 2] | Backend: Spring Boot + Web3j | @github |
| [Teammate 3] | Frontend: React + Ethers.js | @github |
| [Teammate 4] | UI/UX + Presentation | @github |
- OpenZeppelin: battle-tested smart contract libraries
- Hardhat: Ethereum development environment
- Polygon: low-cost, EVM-compatible L2
- Web3j: Java and Ethereum integration
- IPFS: decentralized file storage
- Alchemy: blockchain node infrastructure
- Geek Room × ADGIPS for organizing Code Veda 2.0
MIT License
Copyright (c) 2025 MediChain Team
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software...
See LICENSE for the full text.
Made with ❤️ for a healthier, more transparent India
