Decentralized Health & Wellness Powered by Stellar
VitaStellar is a decentralized health and wellness platform built on the Stellar ecosystem. The platform enables users to track health goals, manage wellness activities, receive personalized insights, and maintain ownership of health-related data through secure and transparent blockchain infrastructure.
Built on Soroban smart contracts for the Stellar blockchain, VitaStellar provides a comprehensive suite of smart contracts for:
- Health goal tracking and wellness habit management
- Patient-controlled medical records with role-based access
- Wellness achievements and incentive programs
- Secure, encrypted on-chain data storage
- Decentralized governance and audit trails
- Community health initiatives
- Project Overview
- Setup Instructions
- Features
- Architecture
- Visual Documentation
- Project Structure
- Usage Examples
- Deployment
- Developer Guide
- CLI Guide
- Helpful Links
- Contribution Guidelines
- Contract Review Checklist
- Troubleshooting
- FAQ
- License
VitaStellar transforms medical record management by leveraging Stellar's blockchain infrastructure to create an immutable, secure, and patient-centric healthcare data ecosystem. The system addresses critical healthcare challenges including data breaches, interoperability issues, and patient privacy concerns through cryptographic security and decentralized governance.
Key Benefits:
- Enhanced Security: Military-grade encryption protects sensitive medical data
- Patient Control: Patients grant and revoke access to their records
- Interoperability: Standardized format enables seamless data exchange
- Audit Trail: Complete, immutable history of all record access and modifications
- Cultural Respect: Support for traditional healing practices and metadata
Target Users:
- Healthcare providers and hospitals
- Medical research institutions
- Health insurance companies
- Patients seeking control over their medical data
- Traditional medicine practitioners
The project includes an advanced Contract Optimization Recommendations Engine that analyzes smart contracts and provides actionable recommendations for:
- Gas Optimization: Reduce transaction costs through efficient code patterns
- Storage Efficiency: Optimize data storage and access patterns
- Algorithm Optimization: Improve computational efficiency
- Batching Opportunities: Group operations to minimize overhead
- Parallelization Possibilities: Identify opportunities for concurrent execution
The engine integrates with CI/CD pipelines to automatically review pull requests and track recommendation accuracy over time.
Before you begin, ensure you have the following installed:
- Rust 1.78.0+ - Install Rust
- Soroban CLI v21.7.7+ - Install Soroban
- Git - For version control
- Make - For using the provided Makefile (optional but recommended)
Get up and running in under 5 minutes:
# Clone the repository
git clone https://github.com/your-org/VitaStellar-Contracts.git
cd VitaStellar-Contracts
# Run the automated setup script
chmod +x setup.sh
./setup.sh
# Or use the Makefile for step-by-step setup
make setupThe setup.sh script handles everything automatically:
./setup.shThis script will:
- Install Rust 1.78.0 and required targets
- Install Soroban CLI v21.7.7
- Set up project structure
- Configure Soroban networks (local, testnet, futurenet)
- Build the project and run tests
- Generate default identity
# Install Rust targets and components
rustup target add wasm32-unknown-unknown
rustup component add rustfmt clippy rust-src
# Install Soroban CLI
cargo install --locked --version 21.7.7 soroban-cli
# Configure Soroban
soroban config identity generate default
soroban config network add local \
--rpc-url http://localhost:8000/soroban/rpc \
--network-passphrase "Standalone Network ; February 2017"
# Build the project
cargo build --all-targets
# Run tests to verify setup
cargo test --allEnsure everything is working correctly:
# Run all tests
make test
# Or use cargo directly
cargo test --all
# Run specific test types
make test-unit # Unit tests only
make test-integration # Integration tests only
# Test the optimization engine
./scripts/test_optimizer.sh
# Run optimization analysis
make optimize
# Generate optimization report
make analyze-optimizations
# View optimization metrics
make optimization-metricsThe project supports multiple Stellar networks:
# Start local development network
make start-local
# or
soroban network start local
# Deploy to local network
make deploy-local
# Stop local network
make stop-localAvailable Networks:
- Local:
http://localhost:8000/soroban/rpc(Development) - Testnet:
https://soroban-testnet.stellar.org:443(Testing) - Futurenet:
https://rpc-futurenet.stellar.org:443(Staging)
We've created extensive visual documentation using Mermaid.js to help you understand the complex interactions between contracts and system components.
- System Architecture Overview - Complete system architecture with all contracts and their interactions
- Payment Flow Diagrams - Healthcare payment processing, escrow, and settlement flows
- Identity Verification Flow - W3C DID-based identity management and verification
- Cross-Chain Interaction Flow - Multi-chain data synchronization and access patterns
- Data Access Patterns - Secure data access control and privacy protection flows
graph TD
A[Patient] -->|Consent| B[Consent Contract]
B -->|Access Grant| C[Medical Records]
C -->|Log Access| D[Audit Contract]
- GitHub: Automatic rendering in README files
- VS Code: Install "Markdown Preview Mermaid Support" extension
- Web: Add Mermaid.js to your HTML pages
- Documentation: See docs/DIAGRAMS_INDEX.md for complete guide
These diagrams provide essential context for understanding:
- How contracts interact with each other
- Data flow and access patterns
- Cross-chain synchronization processes
- Payment and settlement mechanisms
- Identity verification workflows
- Encrypted on-chain medical records storage
- Role-based access control (patients, doctors, admins)
- Immutable timestamping and full history tracking
- Integration of traditional healing metadata
- Public key-based identity verification
- Fully testable, modular, and CI-enabled
- Gas-efficient contract design
- Decentralized governance with Governor + Timelock (proposals, voting, queued execution)
- Upgrade-safe deprecation tracking for legacy contract entrypoints with warning events and migration guides
See docs/CLI_GUIDE.md for advanced transaction management commands and examples.
VitaStellar-Contracts/
β
βββ contracts/
β βββ medical_records/
β βββ src/
β β βββ lib.rs # Main contract logic
β βββ Cargo.toml # Contract dependencies
β
βββ scripts/ # Deployment and interaction scripts
β βββ deploy.sh # Contract deployment
β βββ interact.sh # Contract interaction
β βββ test_scripts/ # Test utilities
β
βββ tests/
β βββ integration/ # Integration tests
β βββ unit/ # Unit tests
β
βββ docs/ # Documentation
β βββ api.md # API reference
β βββ architecture.md # Architecture details
β
βββ .github/
β βββ workflows/
β βββ ci.yml # Continuous integration
β
βββ setup.sh # Automated setup script
βββ makefile # Build automation
βββ dockerfile # Docker support
βββ Cargo.toml # Workspace configuration
βββ README.md # This file
# Deploy the medical records contract
./scripts/deploy.sh medical_records local
# Initialize the contract with admin
./scripts/interact.sh <CONTRACT_ID> local initialize
# Register a new patient
./scripts/interact.sh <CONTRACT_ID> local register_patient \
--patient-id "P12345" \
--public-key "GD5..."
# Add a medical record
./scripts/interact.sh <CONTRACT_ID> local write_record \
--patient-id "P12345" \
--doctor-id "D67890" \
--encrypted-data "QmXxx..." \
--metadata "traditional_healing"# Complete development workflow
make dev-deploy
# Individual steps
make build # Build contracts
make test # Run tests
make start-local # Start local network
make deploy-local # Deploy contracts# Quick deployment to local network
make dev-deploy
# Step-by-step deployment
make clean
make build-opt
make dist
make start-local
make deploy-local# Configure testnet (if not already configured)
soroban config network add testnet \
--rpc-url https://soroban-testnet.stellar.org:443 \
--network-passphrase "Test SDF Network ; September 2015"
# Build for deployment
make build-opt
# Deploy to testnet
./scripts/deploy.sh medical_records testnetFor production deployment on Stellar Mainnet:
- Ensure you have sufficient XLM for deployment
- Configure mainnet network settings
- Use optimized builds:
make build-opt - Consider using the provided Dockerfile for consistent builds
# Build production Docker image
docker build -t vitastellar-contracts .
# Deploy using Docker
docker run -it --rm -v $(PWD):/workspace vitastellar-contracts \
make build-opt deploy-mainnetThe project includes a comprehensive CI/CD pipeline for automated testing, building, security scanning, and deployment.
The CI workflow (.github/workflows/ci.yml) runs on every push and pull request:
- Code Formatting: Checks code formatting with
cargo fmt - Linting: Runs Clippy with strict warnings
- Unit Tests: Executes all unit tests
- Integration Tests: Runs integration tests with Soroban CLI
- Build: Builds optimized WASM contracts
- Shell Script Linting: Validates shell scripts with ShellCheck
# View CI status
# Check the "Actions" tab on GitHub or:
gh workflow view ci.ymlThe security workflow (.github/workflows/security.yml) performs automated security checks:
- Dependency Audit: Scans for known vulnerabilities with
cargo-audit - Security-focused Clippy: Checks for security anti-patterns
- Secret Scanning: Detects hardcoded secrets with Gitleaks
- Dependency Review: Reviews dependency changes in PRs
Runs on:
- Every push to main/develop branches
- Pull requests
- Daily at 2 AM UTC (scheduled)
The deployment workflow (.github/workflows/deploy-testnet.yml) automatically deploys to testnet:
Triggers:
- Pushes to
developbranch - Version tags (e.g.,
v1.0.0) - Manual workflow dispatch
Process:
- Runs pre-deployment tests (unless skipped)
- Builds optimized contracts
- Deploys to testnet
- Verifies deployments
- Creates deployment summary
Configuration:
Set up the following GitHub secrets:
TESTNET_DEPLOYER_SECRET_KEY: Secret key for testnet deployment account
# Manual deployment via GitHub Actions
gh workflow run deploy-testnet.yml \
--field contract=medical_records \
--field skip_tests=falseDeploy contracts with automatic backup and rollback support:
# Deploy with rollback enabled (default)
./scripts/deploy_with_rollback.sh medical_records testnet
# Deploy without rollback
./scripts/deploy_with_rollback.sh medical_records testnet default --no-rollbackFeatures:
- Automatic backup of current deployment
- Rollback on deployment failure
- Contract verification after deployment
- Deployment metadata tracking
Deploy all contracts to a specific environment:
# Deploy all contracts to testnet
./scripts/deploy_environment.sh testnet
# Deploy specific contracts
./scripts/deploy_environment.sh testnet --contracts medical_records,identity_registry
# Skip tests (not recommended)
./scripts/deploy_environment.sh testnet --skip-testsEnvironments:
local: Local development networktestnet: Stellar testnetfuturenet: Stellar futurenet (staging)mainnet: Production mainnet (requires confirmation)
Monitor deployed contracts and receive alerts:
# Monitor all deployments on testnet
./scripts/monitor_deployments.sh testnet
# Monitor with alerts on failure
./scripts/monitor_deployments.sh testnet --alert-on-failureFeatures:
- Health checks for all deployed contracts
- Contract verification
- Alert generation for unhealthy contracts
- Deployment status reporting
Rollback a contract to a previous version:
# Interactive rollback (selects latest backup)
./scripts/rollback_deployment.sh medical_records testnet
# Rollback to specific backup
./scripts/rollback_deployment.sh medical_records testnet \
deployments/testnet_medical_records_backup_20240101_120000.jsonProcess:
- Lists available backups
- Verifies backup contract exists
- Restores deployment configuration
- Logs rollback action
View deployment status across all networks:
# Show all deployments
./scripts/deployment_status.sh
# Show deployments for specific network
./scripts/deployment_status.sh testnetInformation displayed:
- Contract names and IDs
- Deployment timestamps
- Rollback status
- Backup availability
- Rollback history
-
Development: Make changes and test locally
make test make build-opt -
CI Validation: Push to branch triggers CI
- Tests run automatically
- Security scans execute
- Build artifacts created
-
Testnet Deployment: Merge to
developtriggers testnet deployment- Contracts deployed automatically
- Verification runs
- Status reported
-
Production Deployment: Manual deployment to mainnet
./scripts/deploy_environment.sh mainnet
If a deployment fails or issues are detected:
-
Identify Issue: Check deployment logs and monitoring
./scripts/monitor_deployments.sh testnet
-
Review Backups: List available backups
./scripts/rollback_deployment.sh medical_records testnet
-
Execute Rollback: Restore previous version
./scripts/rollback_deployment.sh medical_records testnet <backup_file>
-
Verify: Confirm rollback success
./scripts/monitor_deployments.sh testnet
Deployment information is stored in the deployments/ directory:
deployments/
βββ testnet_medical_records.json # Current deployment
βββ testnet_medical_records_backup_*.json # Backup files
βββ rollback_log.json # Rollback history
βββ alerts.log # Alert log
Deployment File Format:
{
"contract_name": "medical_records",
"contract_id": "C...",
"network": "testnet",
"deployer": "deployer-testnet",
"deployed_at": "2025-01-15T10:30:00Z",
"wasm_hash": "...",
"commit_sha": "..."
}- Always run tests locally before pushing
- Review CI results before merging PRs
- Monitor deployments after each release
- Keep backups for critical deployments
- Use rollback when issues are detected
- Document any manual deployment steps
- Formatting errors: Run
cargo fmt --all - Clippy warnings: Fix warnings or add
#[allow(...)]with justification - Test failures: Review test output and fix issues
- Build failures: Check Rust version and dependencies
- Network issues: Verify network connectivity and RPC endpoints
- Insufficient funds: Fund deployment account
- Contract errors: Check contract logs and verify WASM file
- Identity issues: Ensure identity is properly configured
- No backups: Previous deployments weren't backed up
- Invalid backup: Backup file may be corrupted
- Contract not found: Backup contract may have been removed
For more help, check the GitHub Issues or Discussions.
- API Reference - Complete contract API documentation and stability guarantees
- Architecture Guide - System design and patterns
- Type Safety Guidelines - Best practices for Soroban type safety
- Contract Resource Limits - Storage, execution, and batch constraints for all contracts
- Soroban Documentation - Official Soroban docs
- Stellar Developer Portal - Stellar ecosystem
- Contracts - Smart contract source code
- Scripts - Deployment and utility scripts
- Tests - Test suites and examples
- CI/CD - GitHub Actions workflows
- Stellar Laboratory - Transaction builder and explorer
- Stellar Expert - Blockchain explorer
- Rust Documentation - Rust language reference
We welcome contributions from the community! Please follow these guidelines to ensure smooth collaboration.
- Fork the repository on GitHub
- Clone your fork locally:
git clone https://github.com/your-username/VitaStellar-Contracts.git cd VitaStellar-Contracts - Add upstream remote:
git remote add upstream https://github.com/original-org/VitaStellar-Contracts.git
-
Create a feature branch:
git checkout -b feature/your-feature-name
-
Make your changes following our coding standards:
- Use
cargo fmtfor formatting - Run
cargo clippyfor linting - Ensure all tests pass:
cargo test
- Use
-
Review the contract review checklist in docs/contract-review-checklist.md
-
Test thoroughly:
make test # Run all tests make check # Run formatting, linting, and tests
-
Commit your changes:
git commit -m "feat: add your feature description" -
Push to your fork:
git push origin feature/your-feature-name
-
Create a Pull Request with:
- Clear description of changes
- Links to relevant issues
- Test results
- Documentation updates (if applicable)
- Rust: Follow official Rust style guidelines
- Documentation: Include doc comments for all public functions
- Tests: Maintain >80% code coverage
- Commits: Use Conventional Commits format
All PRs undergo:
- Automated checks (CI/CD pipeline)
- Code review by maintainers
- Integration testing on testnet
- Security audit for significant changes
Review contract submissions using the shared checklist at docs/contract-review-checklist.md.
A contribution is complete when:
- β
All tests pass (
cargo test) - β
Code is formatted (
cargo fmt) - β
No linting warnings (
cargo clippy) - β Documentation is updated
- β CI/CD pipeline passes
- β Security review completed (if applicable)
This project is licensed under the MIT License - see the LICENSE file for details.
Copyright Β© 2025 VitaStellar Contributors
Problem: Rust installation fails
# Solution: Use rustup installer
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source ~/.cargo/envProblem: Soroban CLI not found
# Solution: Install with specific version
cargo install --locked --version 21.7.7 soroban-cliProblem: Permission denied on setup.sh
# Solution: Make script executable
chmod +x setup.sh
./setup.shProblem: WASM target not found
# Solution: Add WASM target
rustup target add wasm32-unknown-unknownProblem: Contract compilation fails
# Solution: Clean and rebuild
make clean
make buildProblem: Local network won't start
# Solution: Check if port is in use
netstat -tulpn | grep :8000
# Kill existing process if needed
sudo kill -9 <PID>
# Restart network
make start-localProblem: Testnet deployment fails
# Solution: Check account balance
soroban config account show
# Fund account if needed
# (Use Stellar Laboratory or friendbot on testnet)Problem: Contract not found after deployment
# Solution: Verify contract exists
soroban contract invoke --id <CONTRACT_ID> --network testnet \
--wasm target/wasm32-unknown-unknown/release/<CONTRACT_NAME>.wasm \
-- function_name="get_version"Problem: Transaction timeout
# Solution: Increase timeout or use local network
soroban contract invoke --id <CONTRACT_ID> --network local \
--timeout 300 \
-- function_name="your_function"If you encounter issues not covered here:
- Check the logs: Look at the full error output
- Search existing issues: Check GitHub Issues
- Ask for help: Start a GitHub Discussion
- Join our community: Connect with other developers
Q: What is VitaStellar? A: VitaStellar is a decentralized health and wellness platform built on the Stellar ecosystem that empowers individuals to manage health goals, track wellness activities, maintain ownership of health-related data, and participate in blockchain-powered wellness incentive programs.
Q: Why use blockchain for medical records? A: Blockchain provides immutability, security, audit trails, and patient control over data access - all critical for healthcare data.
Q: Is this HIPAA compliant? A: The system is designed with privacy and security principles that align with HIPAA requirements, but compliance depends on implementation and usage.
Q: What programming languages are used? A: Smart contracts are written in Rust using the Soroban framework. The project also includes shell scripts for deployment and automation.
Q: Can I run this on my own infrastructure? A: Yes, you can deploy to your own Stellar node or use the public testnet/mainnet networks.
Q: How are medical records encrypted? A: Records are encrypted using public key cryptography before being stored on-chain. Only authorized parties with the correct keys can decrypt the data.
Q: What about traditional medicine? A: The system includes metadata fields specifically designed to support traditional healing practices and indigenous medical knowledge.
Q: How do I contribute? A: See the Contribution Guidelines section. We welcome bug reports, feature requests, and code contributions.
Q: What's the best way to test changes?
A: Use the local development network for testing: make start-local && make deploy-local
Q: Are there any gas fees? A: Yes, Stellar transactions require small fees in XLM, but they are significantly lower than other blockchain platforms.
Q: Can I deploy to mainnet? A: Yes, but ensure thorough testing on testnet first. Mainnet deployment involves real costs and should be done carefully.
Q: How do I handle contract upgrades? A: The system includes upgrade-safe deprecation tracking and migration guides for legacy contracts.
Q: What about data privacy? A: All sensitive medical data is encrypted before storage, and access is controlled through patient consent mechanisms.
- Issues: GitHub Issues
- Discussions: GitHub Discussions
- Documentation: Project Docs
Built with β€οΈ for the healthcare community