The Health Wall: Proof Without Exposure

[Proposal setup] Proposal title

Please provide your proposal title

The Health Wall: Proof Without Exposure

[Proposal Summary] Time

Please specify how many months you expect your project to last

3

[Proposal Summary] Translation Information

Please indicate if your proposal has been auto-translated

No

Original Language

en

[Proposal Summary] Problem Statement

What is the problem you want to solve?

Health verifications require sharing full medical records or full medical test results, risking privacy, breaches, misuse, and loss of user control while exposing far more data than necessary.

[Proposal Summary] Supporting Documentation

Supporting links

• https://github.com/ThePaapyK/GalamseyWatch
,
• https://drive.google.com/file/d/1v5qstL-2mZW2B9hWvXJfu62NcoVlZDpM/view?usp=sharing
,
• https://github.com/ThePaapyK/Final-Year-Project
,
• https://github.com/GADDO387
,
• https://github.com/Susuadzo

[Proposal Summary] Project Dependencies

Does your project have any dependencies on other organizations, technical or otherwise?

No

Describe any dependencies or write 'No dependencies'

No dependencies

[Proposal Summary] Project Open Source

Will your project's outputs be fully open source?

Yes

Please provide here more information on the open source status of your project outputs

Our project will be fully open source under the Apache License 2.0 ensuring all code is publicly available, reusable, and extendable.

[Theme Selection] Theme

Please choose the most relevant theme and tag related to the outcomes of your proposal

Healthcare

[Campaign Category] Category Questions

What is useful about your DApp within one of the specified industry or enterprise verticals?

Our dApp provides privacy-preserving health verification across multiple sectors, including employment, insurance, travel, and public health compliance. Traditionally, users must share full medical records or tests with organizations, exposing sensitive personal data. Using Midnight’s zero-knowledge proof framework, the dApp allows individuals to prove they meet specific health requirements without revealing the underlying medical details. This ensures data privacy, regulatory compliance, and trust, while enabling organizations to verify health credentials securely and efficiently. By leveraging Compact smart contracts, selective disclosure, and proof servers, the dApp supports auditable, privacy-first verification workflows suitable for any industry where health validation is needed.

What exactly will you build? List the Compact contract(s) and key functions/proofs, the demo UI flow, Lace (Midnight) wallet integration, and your basic test plan.

We will build a privacy-preserving Health Eligibility Verification DApp using Cardano’s Midnight chain, Compact smart contracts, and Zero-Knowledge Proofs (ZKPs). The DApp enables individuals to prove compliance with health requirements—such as TB-free status, fitness-to-work, vaccination validity, or recent medical clearance—without disclosing any underlying medical test results or personal health information.

The solution simulates real-world participants (clinics/labs issuing credentials, users proving compliance, and verifiers such as employers, insurers, airlines, universities). It demonstrates a reusable privacy framework for health verification using selective disclosure principles.

Compact Smart Contracts and Key Functions

Contracts to be developed:

• HealthCredentialContract — Registers medical credential hashes and validates issuer signatures.
• EligibilityProofContract — Verifies health conditions without revealing test results (e.g., TB-negative, BP below threshold).
• RecencyValidationContract — Proves a medical test was taken within an accepted time period without revealing the actual dates.
• DisclosureController (simulation) — Models selective data disclosure and explicit consent.

Key functions/proofs:

prove(), verify(), isValid(), validateTimeRange(), disclose(), revoke().

Uses opaque types, witness commitments, zkSNARKs, and principle of least disclosure.

Demo & UI Flow

• Issuer Simulation (Clinic Portal): User enters sample test data (mocked). The system generates a signed credential commitment stored in the Lace wallet.
• Wallet Handling: Lace wallet protects witness files and allows selection of what to prove (eligibility only, not raw results).
• Proof Generation: User generates a ZK proof demonstrating compliance: e.g., “TB Negative”, “Medical test taken < 30 days ago”, “Meets fitness requirements”.
• Proof Submission: Proof submitted to simulated verifier portal or directly to the Compact contract.
• Verification Result: Smart contract responds with YES/NO eligibility without revealing any medical or identity data.

Wallet (Lace/Midnight) Integration

• Stores credential hashes and witnesses locally.
• Generates zkSNARKs for proof of compliance.
• Provides selective disclosure using disclose() and derived keys.
• Signs proof submissions without exposing private data.
• Prevents behavioral linkage through key non-reuse.

Basic Test Plan

1. Unit Testing: Test Compact circuits for eligibility logic, timestamp validation, credential authenticity, revocation handling.
2. Integration Testing: Wallet → proof generation → smart contract verification → auditability.
3. Security Testing: Confirm zero leakage of raw health data, timestamps, identity, or metadata via logs/UI/network requests.
4. PoC Functional Testing: Simulate multiple verification use cases: employment, travel, insurance, university medical vetting.

Why This Requires Midnight + Compact

This use case **cannot be implemented on a public blockchain **due to privacy, compliance, and sensitive data protection requirements. Midnight offers:

• zkSNARK integration with Compact smart contracts
• Opaque types to prevent data structuring leakage
• Private witness handling and local proof generation
• Mandatory explicit disclosure
• Privacy-by-default ledger architecture

It introduces a new reusable building block: a generalized health eligibility zk-proof system that can be adapted for employment, insurance, travel, immigration, and regulatory compliance.

How will other developers learn from and reuse your repo? Describe repo structure, README contents, docs/tutorials, test instructions, and extension points. Which developer personas benefit, and how will you gauge impact (forks, stars, issues, remixes)?

Other developers will learn from and reuse the repository through a clear structure, detailed documentation, and modular Compact contract design modeled after best practices from Midnight developer training Modules 4–7. The repo will include dedicated folders for contracts, circuits, witnesses, front-end demo, proof server setup, and integration with Lace wallet via Midnight.js. The README will explain: project purpose, architecture overview (Compact contracts, state model, selective disclosure logic, ZKP flow), setup instructions (Docker, Node.js, Lace wallet connection), test execution (local TestNet-02), and instructions to simulate verifier roles.

Comprehensive docs will include diagrams showing ledger state, contract flow, and how proofs are generated, verified, and selectively disclosed. Tutorials will walk developers through creating their own privacy-preserving claims (e.g., vaccination, insurance eligibility) and extending the contract for new domains like KYC or student credentials. Extension points will be clearly documented—such as adding new proof circuits, modifying disclosure policies, or integrating with external APIs.

Key developer personas include:

• Privacy DApp developers: learn how to use Compact to build selective disclosure applications.
• zk-curious developers: understand witness generation, proof server, and ZKP workflows without complex math.
• Enterprise integrators: see how Midnight enables secure, privacy-preserving compliance for regulated industries like health and insurance.

To measure impact, we will track forks, stars, GitHub issues, documentation feedback, and downstream remixes (e.g., someone adapting it for travel or education verification). Clear documentation, modularity, and simulation-based verifier logic make it highly reusable and an attractive reference for new builders entering the Midnight ecosystem.

[Your Project and Solution] Solution

Please describe your proposed solution and how it addresses the problem

This project addresses a critical real-world problem: individuals often lack a secure, privacy-preserving way to prove health status—such as vaccination validity, test results, or time-sensitive medical compliance—without revealing unnecessary personal data. In healthcare, employment, travel, insurance, and licensing, users are forced to overshare sensitive information beyond what is required, leading to privacy risks, data breaches, and compliance challenges.

Our approach uses Midnight’s Compact framework, zero-knowledge proofs, and selective disclosure to transform medical verification into private, user-controlled attestations. Instead of sharing full medical records, the user proves exactly what is required—such as “I took a valid PCR test within the last 72 hours” or “I meet health eligibility criteria”—without exposing personal identity, underlying test details, or medical history.

This solution is well-suited to Midnight because it relies on core features of the platform: private ledger state, opaque data types, witness generation, and proof verification on-chain. Public blockchains cannot securely handle sensitive health data, nor can they support compliance-friendly privacy controls needed for regulated industries.

The project engages individuals (patients), verifiers (employers, insurers, airport staff, licensing bodies), and developers building compliance-ready privacy DApps. It demonstrates how to keep health data off-chain while proving compliance on-chain, aligning with Midnight’s principles of verifiable privacy, selective disclosure, and data minimization.

What is unique about our solution is its generalization: it is not limited to employment screening but applicable to any scenario requiring privacy-preserving health verification. It also serves as a foundational building block—other developers can extend this for age verification, educational credentials, KYC, licensing, and more.

This is important for Midnight because it showcases a compelling real-world use case where public blockchains fail but Midnight succeeds—demonstrating how privacy, integrity, and compliance can coexist through Compact contracts, ZK proofs, and controlled disclosure.

[Your Project and Solution] Impact

Please define the positive impact your project will have on Midnight ecosystem

Positive Impact on the Midnight Ecosystem

This project introduces a reusable privacy-preserving health verification framework built on Midnight’s Compact protocol, showcasing selective disclosure, time-bound credential validity, and verifiable ZK health attestations. By demonstrating real-world use cases such as employment screening, insurance eligibility, travel health checks, and research participation, the project expands Midnight’s utility beyond payments—into sensitive data governance, identity-verifiable compliance, and privacy-critical digital services.

This proof-of-concept becomes a developer reference point that clearly illustrates how Midnight supports confidential state, witness creation, and off-chain proof generation via the proof server, all tied to Lace wallet interactions. Developers can learn how to build end-to-end privacy DApps using Compact contracts—without exposing underlying medical data or personally identifiable information—thereby reinforcing Midnight’s core value: “Compute with trust, transact with confidentiality.”

Impact Measurement

Quantitative metrics:

• GitHub repository engagement: forks, stars, open issues, pull requests

• Number of developers using or remixing the Compact contracts

• Hackathon adoption or integrations into other Midnight projects

• Number of wallet-attested proof generation interactions simulated using Lace

Qualitative metrics:

• Developer feedback on clarity, ease of reuse, and ZKP concepts

• Inclusion in Midnight developer tutorials, learning pathways, or workshops

Sharing Outputs and Opportunities

• Full open-source repository (Apache 2.0) with modular architecture, including Compact contracts, ZK proof circuits, UI demo, proof server integrations, and Wallet APIs

• Documentation, recorded walkthroughs, and technical tutorials published on GitHub Pages, Cardano Forum, Discord developer channels, and Midnight Academy community call

• Encourage community extension by tagging issues as “good first issues” to help onboarding new devs

• Present as a teaching resource for Midnight’s developer training Module 5–7 (ZK proofs, Compact contract design, witness disclosure flows)

This project demonstrates how Midnight solves real privacy challenges while enabling community developers to build scalable, adaptable, and compliant DApps for health, identity, or other sensitive domains.

[Your Project and Solution] Capabilities & Feasibility

What is your capability to deliver your project with high levels of trust and accountability? How do you intend to validate if your approach is feasible?

I am well-suited to deliver this project because I have a strong background in full-stack software engineering, AI, and system integration, with completed projects including a breast-cancer CNN model, multiple Next.js applications, Flask-based services, and data-driven analytical tools. These demonstrate my ability to design and implement reliable end-to-end technical systems. I also recently participated in the NASA International Space Apps Challenge, where I developed a tool using NASA Earth observation data to detect illegal mining impacts—showcasing my ability to work with complex datasets, scientific APIs, and reproducible workflows.

Beyond technical capability, I bring significant financial stewardship experience, having served as Financial Secretary in four different leadership roles from high school through university. In these positions, I consistently managed budgets, produced accurate accounts, and ensured value-for-money outcomes, which provides a strong foundation for accountability and responsible fund management.

My co-proposer, Adam, has hands-on experience with JavaScript for dynamic data visualizations and interactive user interfaces, particularly through his work on data insights for the Daily Choo app under KCIH. During the development of his automated plant growth chamber, he used JavaScript and PHP to retrieve and store real-time sensor data, enabling seamless user interaction and feedback. He has also built secure backend systems using MERN and Django, and implemented logging and control environments on Raspberry Pi and Arduino. This blend of backend architecture, real-time data handling, and interactive frontend work positions him well to contribute meaningfully to a privacy-preserving ZKP-based health verification system.

Our second co-proposer, Susu Boni, will contribute valuable UI/UX design and data analytics expertise essential for this proposal. Her design skills will ensure that the issuer, holder, and verifier flows in the health-verification DApp are intuitive and accessible, even with complex concepts such as selective disclosure and zero-knowledge proof steps. Her data analytics background will support clear visual feedback, structured flow design, and documentation that will help developers easily understand and reuse the reference implementation. Her contribution will ensure the DApp is both technically sound and practical for real-world adoption.

[Final Pitch] Budget & Costs

Please provide a cost breakdown of the proposed work and resources

Cost Breakdown of the Proposed Work and Resources

Costs reflect the required effort for Compact contract development, frontend and wallet integration, proof generation flows, documentation, testing, and final delivery. All work is done directly by the project team in accordance with Catalyst Fund Rules.

Cost Summary

Total Budget: 7,000 USDM

Milestone 1 — 1,400 USDM

• Compact contract (logic, ZK constraints, timestamps)

• Repo setup, licensing, initial docs

• Local Midnight stack configuration

Milestone 2 — 2,100 USDM

• UI (issuer/holder/verifier)

• Lace Wallet + proof server integration

• Documentation expansion

• TestNet-02 deployment

Milestone 3 — 3,500 USDM

• Automated test suite

• Debugging + refinement

• Completion Video

• Final technical report

Total: 7,000 USDM

[Final Pitch] Value for Money

How does the cost of the project represent value for the Midnight ecosystem?

We believe the 7,000 USDM budget represents strong value for the Midnight ecosystem because it delivers a complete, open-source reference DApp demonstrating one of Midnight’s most important capabilities: privacy-preserving verification using Compact contracts and zero-knowledge proofs. This project produces practical, reusable patterns—selective disclosure, timestamp-based requirements, credential validation, proof generation flows, and Lace wallet integration—that future developers can adopt without rebuilding foundational logic.

Our work directly addresses a core ecosystem need: helping new builders understand how to combine Compact smart contracts, witness functions, proof-server interactions, private data handling, and frontend integration. By making all outputs open-source under Apache 2.0, we provide a long-lasting technical asset that other developers can run locally, fork, extend, and use as a reference for their own privacy-preserving applications.

This project is also excellent value for funds because our team is delivering a specialized ZK- and Compact-based DApp at well below typical market rates. Across three months of work, each team member effectively earns less than ~17 USDM/hour—significantly lower than industry rates for developers working on zero-knowledge proofs, blockchain security, and smart contract development (often 50–120+ USD/hour). This means the ecosystem receives a high-quality, technically advanced reference implementation at a fraction of the normal cost.

[Self-Assessment] Self-Assessment Checklist

I confirm that the proposal clearly provides a basic prototype reference application for one of the areas of interest.

Yes

I confirm that the proposal clearly defines which part of the developer journey it improves and how it makes building on Midnight easier and more productive.

Yes

I confirm that the proposal explicitly states the chosen permissive open-source license (e.g., MIT, Apache 2.0) and commits to a public code repository.

Yes

I confirm that the team provides evidence of their technical ability and experience in creating developer tools or high-quality technical content (e.g., GitHub, portfolio).

Yes

I confirm that a plan for creating and maintaining clear, comprehensive documentation is a core part of the proposal's scope.

Yes

I confirm that the budget and timeline (3 months) are realistic for delivering the proposed tool or resource.

Yes

[Required Acknowledgements] Consent & Confirmation

I Agree

Yes