Skip to main content

Overview

Salud Health is built with privacy-first principles using Aleo blockchain’s zero-knowledge technology. Your medical data is encrypted end-to-end, and only you control who can access it.
Salud achieves HIPAA-grade encryption through client-side encryption, zero-knowledge proofs, and blockchain-enforced access control.

Privacy Architecture

Three-Layer Security Model

1

Client-Side Encryption

Data is encrypted in your browser before it ever leaves your device
2

Blockchain Storage

Encrypted data is stored as private records on Aleo blockchain
3

Zero-Knowledge Verification

Access permissions are verified without revealing medical data

End-to-End Encryption

Data encrypted before leaving your browser, decrypted only by authorized users

Zero Server Knowledge

Backend servers never see your unencrypted medical data

Blockchain Immutability

Records permanently stored with cryptographic integrity

Granular Access Control

You control exactly who can access each record and for how long

Data Flow and Privacy

Creating a Medical Record

Your medical data is encrypted using your private key directly in the browser. The plaintext never leaves your device.
// Encrypt medical data client-side
const encryptedData = await encryptWithPatientKey(medicalData);
const chunks = splitIntoFields(encryptedData); // Split into 4 field elements
Encrypted data is split into Aleo field elements (~253 bits each) for blockchain storage.Storage Capacity: ~126 bytes total across 4 fields
The backend facilitates the blockchain transaction, but cannot read the encrypted data.
create_record(
  data_part1, data_part2, data_part3, data_part4,
  record_type,
  data_hash,
  nonce,
  make_discoverable
)
The record is stored on Aleo blockchain as a private record, visible only to the owner.Result: Your medical data is now permanently stored on blockchain, encrypted and accessible only by you.

Privacy Model

What’s Private vs. Public

Data TypeVisibilityWho Can See
Medical RecordsPrivateOnly the record owner (patient)
Encrypted Data FieldsPrivateOnly owner can decrypt
Access GrantsPublicAnyone can verify, but data stays encrypted
Access TokensSemi-publicShared via QR code, verifiable on-chain
Record MetadataOptionalPublic only if patient opts in
Transaction HashesPublicStandard blockchain transparency
Even though access grants are publicly visible on blockchain, they only contain addresses and token hashes - no medical data is exposed.

Encryption Details

Private Key Security

Your private key is the master key to all your medical records:

Browser Session Only

Private key stored in memory only during active session

Never Transmitted

Private key never sent over network or stored on servers

User-Controlled

You manage your private key - no password recovery

Standard Aleo Format

Compatible with all Aleo wallets and tools
NEVER share your private key with anyone! Anyone with your private key can decrypt all your medical records. Store it securely in a password manager.

View Key Encryption

When sharing records, view keys enable decryption: 
// From ShareRecordModal.tsx:120-124
// 1. Generate or retrieve view key for the record
const viewKey = user.viewKey || generateViewKey(user.address);

// 2. Derive doctor's public key from their address
const doctorPublicKey = derivePublicKey(doctorAddress);

// 3. Encrypt view key with doctor's public key
const encryptedViewKey = encryptWithPublicKey(viewKey, doctorPublicKey);
Security Properties:
  • Only the specified doctor can decrypt the view key
  • View key is unique per patient
  • Encrypted using elliptic curve cryptography
  • Included in QR code for seamless sharing

Access Control

Time-Limited Access

Access grants automatically expire based on block height: 
// From ARCHITECTURE.md:142-145
const DURATION_BOUNDS = {
  minimum: 240 blocks,    // ~1 hour
  maximum: 40320 blocks,  // ~7 days  
  default: 5760 blocks    // ~24 hours
}
Block-based expiration is enforced at the blockchain protocol level and cannot be bypassed, even by malicious actors.

Revocation

You can instantly revoke access before expiration: 
async transition revoke_access(access_token: field) -> Future
Security Guarantees:
  • Only the patient who granted access can revoke it
  • Revocation is immediate and irreversible
  • Blockchain verifies patient signature
  • Doctor loses access in next verification attempt

Security Features

Attack Vector Mitigation

Mitigation: Client-provided nonces ensure tokens are unpredictable
transition compute_access_token(
    record_id: field,
    doctor: address,
    patient: address,
    nonce: field  // Random value from client
) -> field
Each access token is unique and cannot be guessed or pre-computed.
Mitigation: Unique tokens per grant, verified against blockchain stateAccess tokens are single-use credentials tied to specific record/doctor pairs.
Mitigation: Multi-layer verification on blockchain
// Checks performed:
- Record ownership verification
- Access token exists in mapping
- Doctor address matches (if specified)
- Record ID matches
- Not revoked
- Not expired (block height check)
Mitigation: Cryptographic hash verification
record MedicalRecord {
  data_hash: field,  // Hash of original data
  // ...
}
Any modification to encrypted data will fail hash verification.
Mitigation: Block height-based automatic expirationAccess is checked against current block height every time:
assert(current_block_height < grant.expires_at)

Blockchain Security

Aleo’s Zero-Knowledge Technology

Salud leverages Aleo’s unique privacy features:

Private Transactions

Transaction details are hidden using zero-knowledge proofs

Private Records

Record contents only visible to owner, not other blockchain nodes

Public Verification

Anyone can verify transactions without seeing private data

Programmable Privacy

Smart contract controls precisely what’s public vs. private

Smart Contract Security

The Salud smart contract includes several security measures: 
// Prevent self-grants
assert(self.caller != doctor);

// Verify ownership
assert(medical_record.owner == self.caller);

// Enforce duration bounds
let clamped_duration = clamp(duration_blocks, 240u32, 40320u32);

// Compute expiration
let expires_at = current_block + clamped_duration;

Data Integrity

Hash Verification

Every record includes a hash for integrity checking: 
record MedicalRecord {
    data_hash: field,      // Hash of original data
    data_part1: field,     // Encrypted segment 1
    data_part2: field,     // Encrypted segment 2
    data_part3: field,     // Encrypted segment 3  
    data_part4: field,     // Encrypted segment 4
    // ...
}
Process:
  1. Original data is hashed before encryption
  2. Hash is stored in the record
  3. Upon decryption, hash is recalculated
  4. If hashes don’t match, data was tampered with
If hash verification fails, the record should not be trusted. This indicates data corruption or tampering.

Privacy Best Practices

For Patients

1

Secure Your Private Key

  • Store in a password manager
  • Never share with anyone
  • Keep backup in secure location
  • Consider hardware wallet for maximum security
2

Minimize Access Duration

  • Grant shortest access time needed
  • Revoke immediately after appointment
  • Review active grants regularly
3

Verify Doctor Identity

  • Confirm doctor’s Aleo address before sharing
  • Use doctor-specific grants (not generic QR codes)
  • Check blockchain explorer to verify grants
4

Monitor Access

  • Review Shared Access page regularly
  • Check for unexpected active grants
  • Revoke suspicious or unused access

For Healthcare Providers

1

Protect Your Private Key

  • Use dedicated device for medical records access
  • Never expose private key on shared computers
  • Log out after each session
2

Verify Patient Identity

  • Confirm patient address matches records
  • Verify QR code is from official Salud app
  • Check expiration time before relying on data
3

Handle Data Responsibly

  • Don’t screenshot or save decrypted data
  • Access records only when necessary
  • Follow HIPAA guidelines for data handling

Comparison with Traditional Systems

Salud vs. Centralized EHR

FeatureSalud (Blockchain)Traditional EHR
Data ControlPatient-ownedHospital/provider-owned
EncryptionEnd-to-endUsually at-rest only
Access ControlCryptographicDatabase permissions
Data PortabilityFully portableLocked to system
Single Point of FailureNoYes (central database)
Audit TrailImmutable blockchainModifiable logs
PrivacyZero-knowledgeTrust-based
InteroperabilityUniversal (blockchain)Limited (proprietary)
While traditional EHRs rely on trusting the system administrator, Salud uses cryptography to enforce privacy - you don’t have to trust anyone.

Known Limitations

Current Security Considerations

Limitation: Private keys stored in browser memory during sessionRisk: Browser vulnerabilities could expose keysMitigation: Keys cleared on disconnect, use trusted browsers, keep browser updated
Limitation: Frontend code must be trustedRisk: Compromised frontend could steal keysMitigation: Use official Salud deployment, verify code integrity, open-source transparency
Limitation: Block times are approximate (~15 seconds)Risk: Expiration times may vary slightlyMitigation: Use conservative durations, check blockchain time before relying on access
Limitation: ~126 bytes per recordRisk: Large files need multiple recordsMitigation: Store file hashes on-chain, actual files in encrypted IPFS/storage

Security Auditing

How to Verify Security

1

Review Open Source Code

All Salud code is open source - audit the encryption implementation
2

Check Smart Contract

Review the Leo smart contract for security vulnerabilities
3

Verify on Blockchain

Use Aleo blockchain explorer to verify records and grants
4

Test in Demo Mode

Try the system in demo mode before using with real data

Blockchain Explorer

Verify your records and access grants on-chain:
  • Testnet Explorer: https://explorer.aleo.org/
  • Search by: Address, transaction hash, or record ID
  • Verify: Record creation, access grants, revocations
All blockchain transactions are publicly verifiable, but medical data remains encrypted and private.

Compliance and Standards

Privacy Regulations

Salud’s architecture supports compliance with:

HIPAA

End-to-end encryption and access controls meet HIPAA technical safeguards

GDPR

Patient data ownership and right to revoke access align with GDPR

21 CFR Part 11

Blockchain audit trail provides required record-keeping

SOC 2

Cryptographic access controls and audit logs support SOC 2 compliance
While Salud’s technology supports compliance, organizations must still implement proper policies and procedures. Consult legal counsel for your specific jurisdiction.

Future Security Enhancements

Planned security improvements:
  • Hardware Wallet Integration: Support for Ledger/Trezor for key storage
  • Multi-Signature Records: Require multiple approvals for sensitive data
  • Biometric Authentication: Fingerprint/FaceID for access
  • Zero-Knowledge Proofs: Prove record attributes without revealing data
  • Decentralized Identity: Integration with DID standards

Get Help

Report Security Issue

Found a vulnerability? Email [email protected]

Community Support

Join Aleo Discord for privacy-tech discussions

Build docs developers (and LLMs) love

Get started for freeTalk to us