Data Ownership and Storage

DecentraFit is designed around the principle that users are the absolute owners of their data. All biometric information, sensor outputs, and proof statements are generated, encrypted, and verified locally before any interaction with the blockchain. This model ensures full data sovereignty while allowing cryptographically verifiable participation in the decentralized health economy.


Local-First Data Model

  • Raw health data never leaves the device. Every measurement, including heart rate, motion entropy, and recovery analytics, is processed and encrypted on-device. Only zero-knowledge proofs and minimal metadata are transmitted to the Layer-2 verifier for validation and reward issuance. This architecture guarantees complete separation between user identity, biometric content, and blockchain activity.


Optional Off-Chain Encrypted Vault

  • Users who wish to back up or aggregate their data can opt into an off-chain encrypted vault hosted on IPFS.

  • Files are encrypted using AES-256-GCM with a user-generated key derived from local device entropy.

  • The encryption key is never transmitted or recoverable by DecentraFit or any third party.

  • Vault files can only be decrypted through the user’s private key, ensuring that even IPFS node operators cannot access the contents.

This off-chain layer offers long-term data persistence and interoperability with future AI health assistants or research programs, without ever exposing unencrypted metrics.
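The vault encryption described above, sketched with Node's built-in crypto module. This is an added example, not DecentraFit's own code: the function names, the blob layout (nonce, then tag, then ciphertext), the use of the OS CSPRNG as the "local device entropy", and the sample record are all assumptions made for illustration.

```javascript
// Added illustration, not DecentraFit code. Function names and the blob layout
// (12-byte nonce || 16-byte tag || ciphertext) are assumptions.
const { randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

const NONCE_LEN = 12; // 96-bit nonce, the standard size for GCM
const TAG_LEN = 16;   // 128-bit authentication tag

// Generate a 256-bit key from the OS CSPRNG; it stays on the device.
function generateVaultKey() {
  return randomBytes(32);
}

// Encrypt one file. `label` (e.g. a file name) is authenticated as AAD but not
// encrypted, so a stored blob cannot be silently swapped for another one.
function sealVaultFile(key, plaintext, label) {
  const nonce = randomBytes(NONCE_LEN); // fresh per file; never reuse with the same key
  const cipher = createCipheriv('aes-256-gcm', key, nonce);
  cipher.setAAD(Buffer.from(label, 'utf8'));
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([nonce, cipher.getAuthTag(), ciphertext]);
}

// Decrypt a blob fetched from storage. Returns null when the key, the label,
// or any byte of the blob is wrong, instead of returning unauthenticated data.
function openVaultFile(key, blob, label) {
  if (blob.length < NONCE_LEN + TAG_LEN) return null;
  const nonce = blob.subarray(0, NONCE_LEN);
  const tag = blob.subarray(NONCE_LEN, NONCE_LEN + TAG_LEN);
  const ciphertext = blob.subarray(NONCE_LEN + TAG_LEN);
  try {
    const decipher = createDecipheriv('aes-256-gcm', key, nonce, { authTagLength: TAG_LEN });
    decipher.setAAD(Buffer.from(label, 'utf8'));
    decipher.setAuthTag(tag);
    return Buffer.concat([decipher.update(ciphertext), decipher.final()]);
  } catch (err) {
    return null; // authentication failed
  }
}

// Constructed sample record, for demonstration only.
const sample = Buffer.from(JSON.stringify({ metric: 'heart_rate', bpm: [62, 64, 71] }));
const key = generateVaultKey();
const blob = sealVaultFile(key, sample, 'vault/2024-01.json');
console.log('stored bytes:', blob.length, 'round trip ok:',
  openVaultFile(key, blob, 'vault/2024-01.json').equals(sample));
```

Only the sealed blob would be handed to a storage node; because the key never leaves the device in this sketch, losing the device without a separate key backup makes the blob unrecoverable.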


Blockchain Record Schema

| Field | Description |
| --- | --- |
| Proof Hash | The Merkle root of the zero-knowledge proof attesting to activity authenticity. |
| Timestamp | Block-level submission time for proof finality and sequencing. |
| Validator Signature | A cryptographic signature from the verifying node confirming successful proof validation. |
| DFIT Reward Metadata | Encoded record of reward distribution, including epoch ID and token emission rate. |

This minimal-data schema ensures transparency and accountability while maintaining user anonymity.


Data-Access NFTs

To facilitate secure and temporary data sharing, DecentraFit introduces Data-Access NFTs (dNFTs). Each dNFT represents a revocable permission token that grants specific entities time-limited access to encrypted user data stored in the vault.

  • The NFT is minted by the user and bound to a designated public key belonging to a research institution, healthcare provider, or data collaborator.

  • Access is cryptographically scoped — permissions define what can be read (for example, “average heart-rate trend over 30 days”) without granting decryption rights to full datasets.

  • Once the access period ends, the NFT is burned, automatically revoking permissions and invalidating decryption keys associated with that session.

This mechanism transforms data sharing into a user-controlled, auditable, and reversible process, creating a foundation for ethical and decentralized health research.

