Architecture Overview
Oneliac's architecture combines cryptography, blockchain, and distributed systems to create a privacy-preserving healthcare platform. This document provides a high-level overview of the system components and their interactions.
System Architecture Diagram
┌─────────────────────────────────────────────────────────────┐
│ Patient Layer │
│ ┌──────────────────┐ ┌──────────────────┐ │
│ │ Patient Data │→ │ Encryption │ │
│ └──────────────────┘ │ (Fernet) │ │
│ └──────────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ IPFS Storage Layer │
│ ┌────────────────────────────────────────────────┐ │
│ │ Encrypted Patient Records │ │
│ │ - Content Identifier (CID) │ │
│ │ - SHA256 Hash Registry │ │
│ └────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ Zero-Knowledge Proof Layer │
│ ┌─────────────────────────────────────────────┐ │
│ │ Circom Circuit Compilation │ │
│ │ ↓ │ │
│ │ Private Inputs Processing │ │
│ │ (patient_id, medical_history_hash) │ │
│ │ ↓ │ │
│ │ Groth16 Proof Generation │ │
│ │ ↓ │ │
│ │ Verifiable Proof Output (256 bytes) │ │
│ └─────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ Blockchain Layer (Solana) │
│ ┌──────────────────┐ ┌──────────────────┐ │
│ │ Smart Contract │ │ On-Chain │ │
│ │ (Anchor) │──→ │ Verifier │ │
│ └──────────────────┘ └──────────────────┘ │
│ ↓ ↓ │
│ ┌────────────────────────────────────────────┐ │
│ │ IPFS Hash Registry │ │
│ │ (Immutable Record of Patient Transactions) │ │
│ └────────────────────────────────────────────┘ │
│ ↓ │
│ ┌────────────────────────────────────────────┐ │
│ │ Healthcare Oracle Events │ │
│ │ (Triggers agent actions) │ │
│ └────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ AI Agent Layer │
│ ┌──────────────────────────────────────────────┐ │
│ │ Federated Learning Coordinator │ │
│ │ - Encrypted Gradient Aggregation │ │
│ │ - Differential Privacy Injection │ │
│ │ - Model Updates │ │
│ └──────────────────────────────────────────────┘ │
│ ↓ ↓ ↓ │
│ ┌────────────┐ ┌──────────┐ ┌───────────────┐ │
│ │ Eligibility│ │Diagnosis │ │ Prescription │ │
│ │ Agent │ │ Model │ │ Validator │ │
│ └────────────┘ └──────────┘ └───────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ FastAPI REST Interface │
│ ┌──────────────────────────────────────────────┐ │
│ │ /verify-eligibility │ │
│ │ /validate-prescription │ │
│ │ /submit-federated-update │ │
│ │ /health, /status │ │
│ └──────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────────┘
↓
┌─────────────────────────────────────────────────────────────┐
│ External Healthcare Systems │
│ ┌───────────────┐ ┌──────────┐ ┌─────────────┐ │
│ │ Insurance │ │ Pharmacy │ │ EHR │ │
│ │ Provider │ │ Systems │ │ Systems │ │
│ └───────────────┘ └──────────┘ └─────────────┘ │
└─────────────────────────────────────────────────────────────┘
Core Components
1. Patient Layer
Responsibility: Input and encryption of sensitive patient data
- Receives raw patient information
- Applies Fernet symmetric encryption
- Computes SHA256 hash of medical history for ZK proofs
- Uploads encrypted data to IPFS
2. IPFS Storage Layer
Responsibility: Decentralized, immutable patient record storage
- Stores encrypted patient data
- Generates Content Identifier (CID) for retrieval
- Maintains tamper-proof audit trail
- Accessible only with decryption key
3. Zero-Knowledge Proof Layer
Responsibility: Privacy-preserving verification without exposing data
- Circom circuit compilation for eligibility/prescription rules
- Private inputs: patient_id, medical_history_hash
- Public inputs: procedure/drug code, insurance provider ID
- Groth16 proof generation (256-byte proofs)
- Proof verification before blockchain submission
4. Blockchain Layer (Solana)
Responsibility: Immutable transaction record and proof verification
- Anchor smart contracts for proof verification
- On-chain verifier validates ZK proofs
- IPFS hash registry for patient records
- Healthcare oracle emits events for agent triggers
- Ensures data integrity and auditability
5. AI Agent Layer
Responsibility: Core healthcare logic and intelligence
Eligibility Agent
- Checks insurance coverage for procedures
- Verifies patient eligibility using ZK proofs
- Queries insurance provider databases
- Returns coverage percentages and authorization requirements
Prescription Validator
- Validates drug prescriptions
- Checks drug interactions against medical history
- Queries LayerZero cross-chain oracle for pharmacy availability
- Ensures patient eligibility before approval
Federated Learning Coordinator
- Aggregates encrypted gradients from healthcare providers
- Applies differential privacy (Gaussian noise injection)
- Updates diagnosis model without centralizing data
- Maintains model hash for verification
6. FastAPI Interface
Responsibility: REST API for client integration
- Type-safe Pydantic request/response models
- CORS support for cross-origin access
- Automatic API documentation (Swagger, ReDoc)
- Async/await for concurrent request handling
Data Flow
Eligibility Verification Flow
1. Client submits encrypted patient data + procedure code
2. Eligibility Agent verifies patient eligibility
a. Generate ZK proof (private: patient_id, medical_history)
b. Submit proof to Solana smart contract
c. Contract verifies proof on-chain
3. Query insurance coverage database
4. Return coverage percentage + authorization requirements
Prescription Validation Flow
1. Client submits encrypted patient data + drug code
2. Prescription Validator checks eligibility (same as above)
3. Check drug interaction rules from database
4. Query LayerZero oracle for cross-chain pharmacy confirmation
5. Return validation status + oracle result
Federated Learning Flow
1. Multiple healthcare providers submit encrypted patient data
2. FederatedLearningCoordinator receives batch
3. For each provider:
a. Compute gradient from patient data
b. Add Gaussian noise (differential privacy)
c. Encrypt gradient with Fernet
4. Securely aggregate (decrypt, average, re-encrypt)
5. Update global diagnosis model
6. Increment round number
7. Return model hash for verification
Security Properties
| Layer | Security Mechanism | Benefit |
|---|---|---|
| Patient | Fernet Encryption | Only decryption key holder can access data |
| IPFS | Content Hash | Tamper detection via SHA256 verification |
| ZK Proof | Groth16 | Verify eligibility without exposing medical data |
| Blockchain | Solana Smart Contract | Immutable proof verification record |
| Federated Learning | Differential Privacy | Gradient noise prevents individual patient identification |
| Network | CORS + TLS | Secure client-server communication |
Key Technologies
- Cryptography: Fernet (symmetric), SHA256 (hashing), Circom + Groth16 (ZK proofs)
- Blockchain: Solana, Anchor framework
- Storage: IPFS
- Web Framework: FastAPI, Pydantic
- ML: PyTorch, NumPy
- Cross-Chain: LayerZero Oracle
- Async: asyncio, aiohttp
Scalability Considerations
- Async/await: Non-blocking API calls support concurrent requests
- Federated Learning: Distributed computation across providers
- IPFS: Distributed storage prevents single point of failure
- Solana: High-throughput blockchain (65k TPS)
- Proof Generation: Can be pre-computed off-chain