I built an early prototype exploring whether self-custody medical records can work in practice, using cryptographic proofs without putting sensitive health data on-chain.
The problem I’m testing against is healthcare data fragmentation in Indonesia, where patient records are siloed across hospitals and often unavailable in emergencies.
Blockchain is used only as an immutable audit layer; the system is designed to work even if the chain changes.
Key design choices: - No medical data on-chain (hashes only, for verification and audit) - All records encrypted off-chain - Patients control access via QR-based sharing (doctors don’t touch crypto) - Blockchain treated as a verification layer, not storage
Lessons learned so far: - Hospitals won’t run blockchain infrastructure - Doctors won’t manage private keys - UX matters more than cryptography - Key recovery is harder than expected - Regulation shapes architecture early
This is not production-ready and doesn’t solve regulation, key recovery, or hospital interoperability yet.
I’m mainly looking for critical feedback: - Where this approach is fundamentally flawed - What simpler designs I should consider instead - Healthcare practitioners’ reality checks
Repo and technical details are in the README. Happy to answer questions.
A few quick clarifications up front: - No medical data is stored on-chain (hashes only) - This is a prototype to test assumptions, not a compliant system - Hospitals are not expected to run blockchain infrastructure - The design is intentionally chain-agnostic
If you think blockchain is unnecessary here, I’d genuinely like to hear what simpler alternative you’d recommend.