Skip to main content

What is Salud Health Records?

Salud Health Records is a privacy-preserving medical records management system built on the Aleo blockchain using the Leo programming language. It enables patients to:
  • Store encrypted medical records as private records on-chain
  • Grant temporary access to healthcare providers via secure tokens
  • Revoke access automatically after expiration (block height based)
  • Maintain full control over their health data

Key Features

Privacy by Design

The smart contract leverages Aleo’s zero-knowledge architecture to ensure:
  • Private Medical Records: Health data is stored in private records, only visible to the owner
  • Public Access Verification: Access grants are stored in public mappings for transparent verification
  • Cryptographic Access Tokens: Tokens are generated using secure hash functions to prevent prediction
  • Automatic Expiration: Access automatically expires based on block height, no manual cleanup required

Security Model

program salud_health_records_v6.aleo {
    // @admin allows upgrades during testnet development
    // Change to @noupgrade before mainnet deployment
    @admin(address = "aleo1gl4a57rcxyjvmzcgjscjqe466ecdr7uk4gdp7sf5pctu6tjvv5qs60lw8y")
    async constructor() {}
    
    // ... rest of program
}
The contract implements multiple layers of security:
Security LayerImplementationPurpose
Private RecordsAleo record typeOnly patient can view encrypted health data
Access VerificationPublic mappingsDoctors verify their access permissions
Token GenerationBHP256 hash + nonceUnpredictable, unique access tokens
Expiration EnforcementBlock height comparisonAutomatic, immutable access timeouts

Program Constants

The contract defines three critical constants for access duration management: 
// Default access duration: ~24 hours worth of blocks
// Aleo produces ~1 block per 15 seconds = 4 blocks/minute = 5760 blocks/day
const DEFAULT_ACCESS_DURATION_BLOCKS: u32 = 5760u32;

// Maximum access duration: ~7 days (for extended care scenarios)
const MAX_ACCESS_DURATION_BLOCKS: u32 = 40320u32;

// Minimum access duration: ~1 hour (for quick consultations)
const MIN_ACCESS_DURATION_BLOCKS: u32 = 240u32;

Block Time Calculations

Aleo blockchain produces approximately 1 block every 15 seconds, which translates to:
  • 4 blocks per minute
  • 240 blocks per hour
  • 5,760 blocks per day
  • 40,320 blocks per week
These constants ensure access grants are bounded within reasonable timeframes for medical consultations and treatment periods.

Core Workflow

The typical user journey follows three main steps:
1

Create Record

Patient encrypts medical data client-side and stores it as a private record on-chain.
const record = await createMedicalRecord({
  encryptedData: chunks,
  recordType: 2, // Lab results
  dataHash: hash,
  nonce: randomNonce,
  makeDiscoverable: true
});
2

Grant Access

Patient grants temporary access to a healthcare provider by generating an access token.
const accessToken = await grantAccess({
  medicalRecord: record,
  doctorAddress: "aleo1...",
  durationBlocks: 5760, // 24 hours
  nonce: randomNonce
});
3

Verify Access

Doctor scans QR code containing access token and verifies access on-chain.
const isValid = await verifyAccess({
  accessToken: token,
  doctorAddress: myAddress,
  recordId: recordId
});

Data Privacy Guarantees

Medical Data

Stored in private records - only the patient can decrypt and read the contents. Not visible to validators or other network participants.

Access Grants

Stored in public mappings - anyone can verify if a doctor has valid access, but the actual medical data remains private.

Access Tokens

Cryptographically generated using BHP256 hash function with patient-provided nonces to prevent prediction attacks.

Expiration

Enforced via block height comparison - mathematically guaranteed expiration without requiring off-chain systems.

Record Types

The contract supports 10 different categories of medical records: 
async transition create_record(
    // ... parameters ...
    record_type: u8,
    // ... more parameters ...
) -> (MedicalRecord, Future) {
    // Validate record_type is within acceptable range (1-10)
    assert(record_type >= 1u8 && record_type <= 10u8);
    
    // ... rest of function
}
TypeCategoryUse Case
1General HealthRoutine checkups, physical exams
2Laboratory ResultsBlood tests, urinalysis, biopsies
3PrescriptionsMedication records, dosage info
4Imaging/RadiologyX-rays, MRIs, CT scans
5Vaccination RecordsImmunization history
6Surgical RecordsOperation notes, procedures
7Mental HealthTherapy notes, assessments
8Dental RecordsDental exams, treatments
9Vision/OphthalmologyEye exams, prescriptions
10Other/MiscellaneousUncategorized records

Why Leo on Aleo?

The choice of Leo language and Aleo blockchain provides unique advantages for healthcare:
Aleo’s zero-knowledge architecture means private records are truly private - not just encrypted, but invisible to all network participants except the owner.
On-chain execution costs are deterministic and predictable, making it feasible for healthcare organizations to budget for blockchain operations.
Leo’s strongly-typed system prevents many common smart contract vulnerabilities at compile time, critical for medical applications.
All access verifications are cryptographically provable, providing an immutable audit trail for compliance purposes.

Next Steps

Architecture

Dive deep into the smart contract architecture, data structures, and state management

Functions

Explore all available transitions and their parameters

Integration

Learn how to integrate the contract with your frontend application

Testing

Run tests and deploy your own instance

Build docs developers (and LLMs) love

Get started for freeTalk to us