marleymarl
commented
4 years ago Based on comment from @finneykewa we should look to add a Whitelister role (e.g. that would be used by a verifiedOrganization testing center) that would enable them to add individuals to the whitelist to add geotimelines to the blockchain. In this case the individuals would be in essence verifiedOrganizations but could be limited to the number of geotimelines they can add (e.g. 1 per address). In practical terms this could be bundled with a wallet (mobile or browser-based) that a testing center could issue to the individual being tested as part of the testing workflow.
BaNazari
As drafted here: https://github.com/marleymarl/EIPs/edit/eip-2611/EIPS/eip-2611.md
Content below.
eip: 2611 title: Geotimeline Contact Tracing Data Standard author: Greg Marlin (@marleymarl) discussions-to: https://github.com/marleymarl/geotime/issues/95 status: Draft type: Standards Track category: ERC created: 2020-04-23
Simple Summary
A standard interface for storing to and retrieving from the blockchain historical points of location and time, collectively those points forming a geotimeline for individuals, for the purpose of contact tracing for COVID-19 and any other pandemic, in an anonymous and private way, while at the same time ensuring data integrity.
Abstract
This standard outlines a smart contract interface for recording and retrieving geotimelines for the purpose of contact tracing. The key issue is that it is important to share this data and at the same time maintain privacy and anonymity of both confirmed cases of COVID and of those people wanting to check their geotimelines against that data. At the same time it is important to provide a way to ensure that the data is entered through trusted parties. The Geotimeline standard enables contact tracing organizations to be whitelisted before securely, anonymously and privately storing this information and making it available for retrieval.
Motivation
Contact tracing is a critical activity for reducing the spread of COVID-19 and other pandemic viruses, and in helping to mitigate risks after the end of quarantine periods. Key issues related to contact tracing include data integrity and availability, as well as individual privacy and anonymity.
The GeoTimeline international team of volunteers have been working on an open source map data input front-end component library that makes it easy to capture geotimelines, points of location and time that each represent a set of historical footprints that identify to one person but protect privacy and anonymity through the assignment of random uuids.
Contact tracing workers capture this information by clicking on a map and adding a date and time to associate with that latitude and longitude point using a pop-up modal form. After a set of these points with date and time are collected, they are saved as one geotimeline.
The GeoTimeline Application can be used by contact tracing organization that are typically made up of many human team members interviewing people and recording the information.
This standard addresses the issues of privacy and anonymity as well as data integraty and availability in the following ways:
By applying this standard, GeoTimeline will integrate secure signing and authentication of a trusted party through the integration of an Ethereum wallet on the frontend (using MetaMask / web3.js) to be used to prove the organization entering the data is a verified organization. The geotimelines will be represented on the blockchain as an address with associated geotimeline bounding box coordinates and status (confirmed case, suspect, not suspect, recovered). Nothing will be able to be tied back to an individual's personal identity by looking at the blockchain. At the same time they key information that is needed to be open and available will be there and queryable, namely the geotimeline information.
Specification
Methods
geotimeline
Returns the hash of set of footprints associated with a timeline address, along with it geotimeline bounding box values (2 geohashes representing top-left and bottom-right lat/lon values and 2 timestamps representing earliest time and latest time)
getAllGeoTimelines
Returns all timeine addresses that fall within geotimeline bounding box values (timestamps falling in between earliestTime and lastestTime and geohashes falling in between upperLeftGeoHash and bottomRightGeoHash)
addGeoTimeline
Saves a timeline using an IPFS hash representing all footprints in a geotimeline, along with its bounding box values of start date/time, end date/time, upper-left geohash and bottom-right geohash as well as status (confired case, not suspect, suspect, recovered)
addVerifiedOrganization
Adds the wallet address of a contact tracing organization to a list of approved addresses that can add geotimeline data
isVerifiedOrganization
Adds the wallet address of a contact tracing organization to a list of approved addresses that can add geotimeline data
updateTimelineStatus
Updates the status of a given timeline to reflect a new value (non suspect, suspect, confirmed, recovered)
Events
GeoTimelineAdded
MUST trigger when a new geotimeline is added.
VerifiedOrganizationAdded
MUST trigger when a new verifiedOrganization is added.
VerifiedOrganizationRemoved
MUST trigger when a verifiedOrganization is removed.
ConfirmedCaseUpdate
MUST trigger when the status of a geotimeine is updated to confirmed.
Rationale
The proposed solution was designed to provide a way to address key issues of data integrity and availability, while at the same time ensuring anonymity and privacy of the individuals whose geotimelines are being stored on and retrieved from the blockchain.
By creating an EIP, we hope to increase the use of Ethereum as an open immutable data store for contact tracing data and encourage contact tracing organizations to thus make this data open and available while preserving privacy and anonymity.
Test Cases
GeoTimeline will be implementing this within its project and will be approaching contact tracing organizations to use it within the framework of the overall contact tracing solution. This section will be updated when GeoTimeline has deployed a smart contract based on this standard to the Ropsten test network.
Implementation
Copyright
Copyright and related rights waived via CC0.