A BLOCKCHAIN-BASED APPROACH TO PREVENT HIDDEN CONTAGION OF COVID-19

The unprecedented outbreak of COVID-19 has become a grave concern worldwide because of its highly infectious nature. Besides extensive research on developing vaccine or medicine to prevent this virus attack, many technology-based solutions are also getting more importance as no one knows till date how to put a full stop on it. Being first conceptualized in 2008, blockchain technology gained enormous popularity in the cryptocurrency domain. However, nowadays, blockchain has also become popular in the healthcare domain as a privacy-preserving and data authenticity technique. The primary goal of our experiment is to develop a framework which can utilize the features of permissioned blockchain and maintain the fully controlled sharing of confidential health record to exhibit the health status and COVID-19 history of a patient using a mobile QR code based solution. So, the administrative team of any public place can be aware of the health condition of any people who are using this platform to prevent the unaware and hidden contagion of COVID-19. This article is the first of its kind to propose such a method to aid in solving this crisis. In our experiment, we have shown that Hyperledger Fabric as a base technology along with a robust user registration algorithm and data accessibility can solve the problem under consideration with a minimal health record of the patient. The proposed architecture also offers the patient more control over the health record, where the healthcare service provider assures the authenticity of the data, and the intrinsic feature of the blockchain technology makes it immutable. Keyword: COVID-19, Blockchain, Hyperledger Fabric, QR Code, Cloud Service


Introduction
The year 2019 ended with one of the growing threats to date to human civilization, COVID-19, a SARS-CoV-2 virus commonly known as Coronavirus causes this highly contagious respiratory syndrome. Being first identified in Wuhan city of Hubei province in China, so far, 188 countries and territories are affected by COVID-19, with more than 19.4 million confirmed cases and 723,000 demises [1]. Figure 1 shows the count of confirmed COVID-19 cases daily reported to the World Health Organization (WHO) until 5 August 2020, which depicts that COVID-19 is going to be a long-lasting case.
As informed by WHO, there is no specific treatments and vaccine for COVID-19 to date. Consequently, WHO highly prescribes an overall prevention mechanism like clearly knowing about the COVID-19, the syndrome it causes, and the way it spreads [2]. Despite the low mortality rate (<4%) worldwide, lack of proper knowledge to deal with pandemic situations, COVID-19's highly infectious nature, social distancing, curfew in the profoundly affected area, worldwide death toll, misinformation and fake news in social media, a growing number of daily cases, the socio-economic conditions has made the situation more frightening and stressed the mass people worldwide. People are so panicked and stumbled by the situation that we have experienced many cases in the different parts of the world that patients with COVID-19 like symptoms are running away from the hospital premises just knowing the fact that they are going to be examined for COVID-19, risking many other people's life including his own [3] [4]. Figure 1. Daily Cases Reported to WHO [5] We have also experienced much shocking and pathetic news that because of inadequate space and facilities, infected people are being refused to get admission into the hospital for treatment even in severe conditions resulting in them visiting many hospitals at a time and face unexpected deaths [6] [7]. Besides, the report by WHO says that almost 80% of the infected people are asymptomatic or experience mild symptoms [8], which worsens the situation because people remain unaware of the hidden contagion. On the other side, people are hiding their health condition and COVID-19 like syndromes to avoid social harassment [9]. Also, many patients are found COVID-19 positive after getting admission to the hospital for some other reasons [10]. Furthermore, there are also alarming cases where someone infected may have spread the virus unconsciously among a big community. Like, a deliveryman of ele.me, a leading food delivery platform in Beijing, was found COVID-19 positive, who usually delivers 50 orders per day [11]. Another compelling case is the autopsy report of George Floyd, who died a very controversial death in recent times in the USA, also had tested COVID-19 positive before. However, he remained asymptomatic [12], and a small team of Minneapolis police went to arrest him without any safety precaution for COVID-19. There is no doubt that all the incidents, not limited only to the discussion above, may cause unconscious hidden contagion of COVID-19, which may ultimately lead to the community transmission of this deadly virus as the WHO never denied the fact that pre-symptomatic and asymptomatic case can still spread the virus.
All the countries affected by COVID-19 have taken various measures at their level best based on their health policies to fight against its community transmission. In contrast, we have also found that the automatic central reporting system to track contagions and tackle any pandemic, developed by China after SARS, failed to figure out COVID-19 at an early stage [13]. Despite China's success in the battle against COVID-19, another technology-based attempt by them to reduce the contagion among the community also raised personal information security concerns by its users [14], where the Chinese government introduced "Health Code," which generates a location-specific, color-coded QR code depicting the health status and travel story of each user of it. This software service runs in Wechat, and Alipay platform. Any local authority can scan the QR code on demand. Though this "Health Code" serves its primary purposes, the users of this platform are not sure, how it works and which user data it stores. Based on the problems discussed above we are motivated to conduct our research with the following primary goals,  To reduce the hidden contagion by identifying the current and historical COVID-19 status of a patient in realtime wherever needed using a convenient blockchainbased solution.  To protect the confidential health records of a patient from unauthorized access.  To ensure the health record be authentic, protected, and unaltered.  To enhance the authority of the end-user or patient so that he/she can decide which access right to give to whom to access the health records. The proposed blockchain-based architecture in this paper gives the user full freedom of choosing with whom to share health records with what type of access permission. There is also a provision for revoking access rights. So, a patient does not need to face any social harassment or taboo. Being a blockchain-based model, it does not require any central monitoring. The model suggests preserving the current health status and COVID-19 history data of the patient, which only a healthcare service provider can update, making this information more authentic. Most public blockchain faces scalability issues like hardware limitations, low response time in the validation process, higher computing power, and transaction fees. Building the solution based on Hyperledger Fabric (HLF), we avoided the financial and computation cost of proof-of-work. Utilizing the chaincode feature in HLF, the low response time issue is also addressed. Moreover, the Mobile QR code-based solution has made the patient's information available wherever needed, checking which the authority of any public place can take necessary steps if they find any COVID-19 positive or suspected case.
This article is further organized as follows, Section-II includes a brief survey of the related research works, Section-III describes the proposed system architecture in details. Section-IV enlists the limitations and future work of this research work. Finally, we concluded our experiment in Section-V.

Literature Review
Blockchain is a promising technology to develop a various small scale to large scale solutions using which people can share their data securely. Technology-based healthcare solution development is a thriving research area where end-to-end data and network security need to be assured. Still, there are lots of healthcare issues that need research focus, and many technological obstacles need to overcome. In [15], considering different aspects to develop a digital healthcare solution, e.g., user privacy, data security, access control, cost to run the platform, the authors discussed the applicability of blockchain technology in the real-world healthcare sector, its future, and challenges. Besides discussing the existing blockchain-based cryptocurrency technology and general features of blockchain, [16] also describes the nonfinancial sectors where DLT (Distributed Ledger Technology) can be applied. They also took the advantage to show the comparison between the traditional database and the blockchain technology for biomedical/healthcare applications. Finally, they came into conclusion with the probable challenges and their solutions while adopting blockchain technology in biomedical/healthcare. [17] proposed a model utilizing blockchain technology for exchanging healthcare data effectively and securely beyond institutional boundaries. Emphasizing the necessity of data structure and semantics of the data, the authors also proposed an alternative network consensus algorithm named "Proof of Interoperability," which avoids the "Proof of Work" based model, minimizes the computational power requirement, still ensures blockchain consistency. The model proposed in this article considers public blockchain, and the access control mechanism could have been addressed more precisely with enhanced user authority. In contrast, emphasizing more on the access control mechanism while sharing e-Health data among different stakeholders, the researchers in [18] proposed an approach that store transactions of health information and access control policies in a consortium blockchain. Patientory [19] represents a patient-centric health information exchange protocol based on Ethereum blockchain. Here, the researchers proposed a secure way to manage healthcare data and interact with medical care teams. Data privacy is contingent on cryptography methods. Another healthcare data sharing solution involving ethereum blockchain is proposed in [20]. Here, the author also addressed the security of the sensitive healthcare data. Moreover, while deploying the solution they took diverse hospital environment, smartcontract with its containerized solution, encryption algorithm like Elliptic Curve Integrated Encryption System (ECIS), and distributed microservice architecture into consideration to facilitate portability, data security and easier installation and maintenance of the system. MedRec [21] record management system to operate electronic medical records use blockchain technology as a basis. They recruit medical stakeholders as "miners" in the blockchain network, and grant access to aggregate, anonymized medical data as a reward for mining. Besides, improving the access control mechanism and consensus algorithm, imposing various privacy-preserving techniques on the public blockchain to improve the efficiency and tailor it for the healthcare sector, researchers are also exploring the potential of semiprivate or private blockchain technology in the healthcare domain. Also, there is a growing interest in adopting blockchain for m-Health applications, e.g., researchers in [22] proposed an m-Health application for collecting and sharing personal health records built on Hyperledger Fabric (HLF), a permissioned blockchain technology. Regardless of their properly designed data integrity and security mechanism, the proposed architecture still has scope to combine personal health data and medical data. Moreover, this proposed system considers a broader scope to serve general-purpose healthcare issues with only data sharing and collaboration mechanisms.
With its strong footprint in the general health sector, to combat the COVID-19 situation, blockchain is also providing a base for many practical and conceptual solutions. An ethereum-based solution, introducing the new Digital Medical Passport and Immunity Certificates concepts, is articulated in [23] to facilitate the timely reporting of infections and reduce the impact, especially when people are traveling. Applying four different purpose smart-contracts, self-sovereign identity (SSI), re-encryption proxies, and InterPlanetary File System (IPFS) in system architecture, the researchers also simulated their concepts. Notably, ethereum is a public blockchain that also involves a cost in the mining process. On the other side, considering the social security of the patient, mobility and availability of the information, and the financial condition of the country, we proposed an HLF-based solution. Moreover, the basic purpose of a digital medical passport and immunity certificate is addressed by a single and authentic mobile QR-based solution. We also went through another innovative approach to identify COVID-19 propagation and contagion, activating four major components, Infection Verification System, Blockchain Platform, P2P Mobile Application, and Mass-Surveillance System [24]. The infection Verification System creates and represents infection patterns and infection instances. It also verifies infection patterns and instances based on the data of confirmed COVID-19 cases from the blockchain platform. The authors also introduced a noble P2P-Mobile application to make people aware of the infection risk in surrounding places. The Mass-Surveillance System is able to identify a specific infected person, the person he met, and the place he visited. However, considering public blockchain, this paper did not include cost analysis. Also, Mass-Surveillance System requires a nationwide surveillance system like China or the USA, which is not feasible for most of the developing countries.

Blockchain Overview
This section starts with a formal definition of blockchain technology. Blockchain is a shared ledger that is append-only, immutable, and secured [25] [26]. This shared ledger is maintained utilizing a distributed network of nodes [27] where these participating nodes called peers may have full or partial viewability of all the transactions in a blockchain. Blockchain is immutable in the sense that no participant can alter, tamper, or conceal a recorded transaction. However, blockchain is updateable via carefully crafted consensus arrangements among peers. The primary purpose of blockchain is to record transactions and tracking assets where the assets may be tangible, like a house or cash, or it may be intangible like intellectual property [25]. To ease the implementation of the concepts as mentioned earlier, blockchain can be defined as the chain of blocks of data containing transaction records where each block points to the previous block in the chain using hashing function [28].
Nevertheless, many researchers have classified blockchain networks based on different considerations. To serve the basis of our research, we broadly divide the blockchain network into two categories, (1) Permissioned Blockchain and (2) Permissionless Blockchain. Moreover, each of these categories can be further classified into Public and Private blockchain based on the reading access and the right to initiate a new transaction [29]. As the name suggests, in permissioned blockchain, only a few preselected trustworthy peers have the writing access, and to facilitate this, each peer in the network is identified by a unique ID [25] [29]. This group of peers can verify a transaction and participate in the consensus process. On the contrary, in the case of permissionless blockchain, writing access is granted to every peer in the network, which gives them the rights of transaction verification, creation, and addition of new block in the blockchain requiring complicated and costly Proof-of-Work [29].
In our experiment, we are going to consider one of the permissioned and private blockchain architectures, more specifically, Hyperledger Fabric [30] [31]. These restrictions to transaction details enable us to store more transactions in the blockchain and provide the authority to the user of the systems to specify which transactions are going to accessible by whom [25]. Also, it reduces the complexity, cost, and time consumption related to Proof-of-Work.

Hyperledger Fabric-based System Architecture
As the traditional blockchain is permissionless and data privacy through access restrictions is one of the critical requirements of our proposed system, Hyperledger Fabric (HLF) is a suitable and feasible solution we have to incorporate in our experiment. HLF is a highly modular, permissioned, Distributed Ledger Technology (DLT) framework for developing blockchain-based enterprise solutions initiated by IBM and Digital Asset as a contribution to the Hyperledger project [26] [32]. Supporting modular architecture, it offers pluggable and interchangeable functionality using container technology (Docker). Moreover, as container technology can host any programming language, we can develop a smartcontract using any programming language in HLF [26]. It is worth mentioning here that the smart-contract is called chaincode in HLF [30] [32] [33]. Besides, as per our proposed system requirements, HLF is also capable of reducing the computation complexity involved in Proofof-Work [25]. Figure 2 shows our proposed system architecture involving HLF.

Figure 2. Overview of HLF-based System Architecture
We can divide our proposed architecture into three sections, (1) Mobile Application and End-user Registration, (2) Client Application, and (3) Hyperledger Fabric Core Network. Next, we would like to briefly describe how these three sections would combinedly work to reach the goal of our experiment.

(1) Mobile Application and End-user Registration:
The functionality of the proposed system starts with end-user or patient registration. The end-user needs to register first using a mobile app with some necessary information. Besides the self-explanatory features of the end-user or patient, "Category" indicates his or her current health status, whether the end-user is COVID-19 Positive, Negative or Suspected. Most importantly, the "Category" of a person is registered as "Suspected" if the person has met any confirmed COVID-19 case or visited any highly infected place, or shows very few primary symptoms. This feature will eventually help the public place administrations to be aware of the hidden prospective infection. "COVID-19 History", which is a boolean feature, reflects whether he or she was a COVID-19 patient ever. Figure 3 shows a detailed flowchart of the end-user registration process. Here we have considered that every person has a unique National Identity (NID) Number, which will eventually be the username of every registered end-user in our system. To prevent fraudulent activities, we have kept provision for NID checking with Central NID Database while signing up and signing in process. After signing up, a genesis block is created and stored in secured cloud storage. Here, the government of a country may arrange to provide this cloud service or the end-user may be responsible for the cloud service subscriptions [22].

Figure 3. Flowchart of Patient Registration
However, we strongly suggest the government of a country providing the secured cloud service to its citizen so that there is no dependency on the personal subscription, which may eventually lead to data loss or unavailability of data after the subscription expires. Based on the information stored in the blockchain in the cloud, a QR code is generated and shared via the mobile application of the end-user. This QR code gives "Read" access to any third party in any public place wherever necessary to show the current COVID-19 Status and COVID-19 History of the end-user. However, the mobile application can generate separate and protected QR code, scanning which any healthcare service provider like a hospital, community clinic, or diagnostic center can get "Write" access in the blockchain stored in the cloud so that they can update the health status of the end-user by adding a new block. To facilitate the update of the health record of the end-user, they also can get a local copy of it. In both cases discussed above, the end-user has the full authority on his health record controlling access permission. On the contrary, as the health record is maintained using blockchain, it is quite impossible to tamper with any information once recorded.
(2) Client Application: Client Application resides at the registered healthcare service provider (HCSP) end, e.g., the hospital. The client application contains SDK, also known as Hyperledger Fabric Client, responsible for interacting with the blockchain network. Besides, we also propose to equip the client application so that it can scan the protected QR code shared by the end-user from his or her mobile application and get "Read" and/or "Write" access to the blockchain containing medical records in the cloud. If the end-user receives any treatment or does any medical test related to COVID-19, the client application will initiate a new block addition with the patient's medical record. Now, a question may arise on how this access permission is managed. For an illustration of this process, we need the concept of the asset in the blockchain technology. From the perspective of blockchain technology, an asset is anything, tangible or intangible, which has value and can be represented digitally and modified using chaincode transactions [34]. In our proposed architecture, we have considered that the health record of the end-user or patient is encrypted using symmetric key encryption and to impose more security while granting and revoking access to HCSP this symmetric key is again encrypted using RSA cryptography [35]. Figure 4 shows the flowchart depicting the client application's access management to the health record of the patient.  [36]. Like standard HLF network, our proposed system also has Endorsing peers and Committing peers denoted by "E" and "C" respectively, in Figure 2. If any update in a patient's health record is required, based on the endorsement policy, the client application calls the selected endorsing peers with a transaction proposal, which enables the endorsing peers to execute the chaincode installed in them independently [37]. As a result, endorsing peers generate transaction response and send it back to the client. However, the generation of this transaction response does not bring any change in the local copy of the blockchain containing the patient's health record. Based on the responses received, the client application then builds a transaction and sends it to the ordering service. Upon receiving this transaction with many other transactions from the network, ordering service then packages these transactions into blocks and send them to all the peers in the network for validation. After successful validation, the peers will update the local copy of the blockchain, the health record of the patient, and send an event notification to the client. Figure 5 depicts the detailed transaction flow of the HLF core.

Figure 5. Transaction Flow in HLF
Finally, the client application will update the blockchain in the cloud with its "write" access. Here, we propose to include the committing peer in the network for validating and committing a new block, and future auditing purposes. However, besides the patient's health record update operation, these healthcare service providers may need to perform query operation. Query operation, in this case, is comparatively less complicated where any peer can respond to it based on the local copy of the blockchain, without consulting any other peers in the network.
Channel is an essential concept in our proposed architecture to accommodate the access of multiple users. Unlike peers, channels are more like logical arrangements allowing different users to maintain separate blockchains using the same network [26] [22]. It is worth mentioning here that peers can join more than one channel concurrently, and each channel maintains its blockchain. Another crucial module in our network is the Membership Service Provider (MSP), which provides and maintains the identity of all participating nodes and authenticate their operations in the HLF architecture using a digital certificate. It also can define different user and operation-specific access types in the certificate during channel establishment. Another fundamental component of the HLF network is chaincode, which is a smart-contract, to be very specific, a computer code, installed in endorsing peers [37]. However, a Docker container keeps the execution of chaincode isolated from the peer and ordering service processes. The primary benefit of chaincode is that it eradicates the involvement of any intermediary making the transaction execution faster [34].

Conclusion
The scarcity of medical and technological resources, combined with the growing number of COVID-19 confirmed cases worldwide, overburdened healthcare systems, and medieval health policy put most of the countries in a position where only all-pervading solutions in every domain can help them to tackle the COVID-19 situation. As still there is no accurate vaccine or medicine for COVID-19, a better prevention strategy can help to reduce infection spreading. It is observed that social distancing or lockdown in a worse case can drastically lessen the number of active cases. However, it is challenging to maintain in the long run in lower-income and densely populated countries. As a result, people become habituated in their daily affairs again and gradually become unaware of the hidden contagion, which in turn is a big threat to public health.
Even though the blockchain application in the healthcare domain is still in the embryonic stage, it has shown how to transform the existing centralized and quite susceptible healthcare system into a decentralized and secured platform. User and data privacy with authentic access permission is always a prime concern in any healthcare solution. The Hyperledger Fabric, as a permissioned blockchain, brings two essential benefits to our proposed model. Firstly, it makes the data transparent among the relevant stakeholders only using MSP and channel concepts. Secondly, comparing with the public blockchain solutions, it reduces the computing cost of the system, utilizing the endorsement policy and chaincode, which is necessary to tackle any emergency situation. Our proposed model also ensures a convenient mobile-based user registration incorporating agile cloud services to make the data available wherever needed. Not only this system establishes the user authority to control access in health records with different access permission, but it also reinforces the participation of the healthcare service providers to authenticate the health records. The system requires very few and specific health information of its user to serve the purpose. It is also capable of showing the condition of the patient in realtime using the QR code. The use of QR code also facilitates to grant necessary access rights to the HCSP or any other third party. As a result, the authority of any public place may come to know about any person whether he/she is COVID-19 positive or negative or suspected and take necessary steps if they find any positive or suspected case to mitigate further unaware infection.

Limitation and Future Work
So far, in our proposed model, the data stored is textual. However, in the future, we have a plan to incorporate storing medical images, e.g., X-ray, CT scan, securely in the cloud so that any HCSP can access them agilely for treatment purposes. There is also scope to include medication and treatment details for future appointments with the doctor. As the current objective of this article is to avoid unaware infection of COVID-19 and tackle community transmission by identifying a patient's health condition, we have discarded all the measures related to treatment and insurance claiming.