Merge pull request #228 from Mac-5/feature/stellar-hash-anchoring

Feature/stellar hash anchoring

Author: llins

.env.sample

@@ -41,6 +41,10 @@ AWS_S3_BUCKET=petchain-files
 STELLAR_WALLET_MASTER_KEY=your-32-byte-base64-key
 STELLAR_DEFAULT_NETWORK=TESTNET
 
+# Stellar Hash Anchoring — dedicated keypair for medical record anchoring
+# Generate with: stellar-sdk keypair generate (or use Stellar Laboratory)
+STELLAR_ANCHOR_SECRET_KEY=your-stellar-secret-key-for-anchoring
+
 # Application Configuration
 NODE_ENV=development
 PORT=3000

backend/src/modules/blockchain/blockchain-sync.module.ts

@@ -1,6 +1,7 @@
 import { Module } from '@nestjs/common';
 import { TypeOrmModule } from '@nestjs/typeorm';
 import { BlockchainSync } from './entities/blockchain-sync.entity';
+import { MedicalRecordAnchor } from './entities/medical-record-anchor.entity';
 import { BlockchainSyncService } from './blockchain-sync.service';
 import { BlockchainSyncController } from './blockchain-sync.controller';
 import { StellarService } from './stellar.service';
@@ -10,10 +11,15 @@ import { ContractManagementService } from './contract-management.service';
 import { ContractInteractionService } from './contract-interaction.service';
 import { PaymentAutomationService } from './payment-automation.service';
 import { ContractEventMonitorService } from './contract-event-monitor.service';
+import { HashAnchoringService } from './hash-anchoring.service';
+import { HashAnchoringController } from './hash-anchoring.controller';
+import { MedicalRecord } from '../medical-records/entities/medical-record.entity';
 
 @Module({
-  imports: [TypeOrmModule.forFeature([BlockchainSync])],
-  controllers: [BlockchainSyncController],
+  imports: [
+    TypeOrmModule.forFeature([BlockchainSync, MedicalRecordAnchor, MedicalRecord]),
+  ],
+  controllers: [BlockchainSyncController, HashAnchoringController],
   providers: [
     BlockchainSyncService,
     StellarService,
@@ -23,6 +29,7 @@ import { ContractEventMonitorService } from './contract-event-monitor.service';
     ContractInteractionService,
     PaymentAutomationService,
     ContractEventMonitorService,
+    HashAnchoringService,
   ],
   exports: [
     BlockchainSyncService,
@@ -32,6 +39,7 @@ import { ContractEventMonitorService } from './contract-event-monitor.service';
     ContractInteractionService,
     PaymentAutomationService,
     ContractEventMonitorService,
+    HashAnchoringService,
   ],
 })
 export class BlockchainSyncModule {}

backend/src/modules/blockchain/entities/medical-record-anchor.entity.ts

@@ -0,0 +1,69 @@
+import {
+  Entity,
+  PrimaryGeneratedColumn,
+  Column,
+  CreateDateColumn,
+  UpdateDateColumn,
+  Index,
+} from 'typeorm';
+
+export enum AnchorStatus {
+  PENDING = 'pending',
+  QUEUED = 'queued',
+  ANCHORED = 'anchored',
+  CONFIRMED = 'confirmed',
+  FAILED = 'failed',
+}
+
+@Entity('medical_record_anchors')
+export class MedicalRecordAnchor {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column()
+  @Index()
+  recordId: string;
+
+  /** SHA-256 of the canonical record payload */
+  @Column()
+  recordHash: string;
+
+  @Column({ type: 'enum', enum: AnchorStatus, default: AnchorStatus.PENDING })
+  @Index()
+  status: AnchorStatus;
+
+  /** Stellar transaction hash once submitted */
+  @Column({ nullable: true })
+  txHash: string;
+
+  /** Ledger sequence number of confirmed transaction */
+  @Column({ type: 'bigint', nullable: true })
+  ledgerSequence: number;
+
+  /** Fee paid in stroops */
+  @Column({ nullable: true })
+  feePaid: string;
+
+  /** Batch ID when anchored as part of a batch */
+  @Column({ nullable: true })
+  @Index()
+  batchId: string;
+
+  @Column({ default: 0 })
+  retryCount: number;
+
+  @Column({ type: 'text', nullable: true })
+  lastError: string;
+
+  @Column({ type: 'timestamp', nullable: true })
+  anchoredAt: Date;
+
+  @Column({ type: 'timestamp', nullable: true })
+  confirmedAt: Date;
+
+  @CreateDateColumn()
+  createdAt: Date;
+
+  @UpdateDateColumn()
+  updatedAt: Date;
+}

backend/src/modules/blockchain/hash-anchoring.controller.ts

@@ -0,0 +1,27 @@
+import { Controller, Get, Post, Param, Body } from '@nestjs/common';
+import { HashAnchoringService } from './hash-anchoring.service';
+
+@Controller('medical-records/anchor')
+export class HashAnchoringController {
+  constructor(private readonly anchoringService: HashAnchoringService) {}
+
+  @Post(':recordId')
+  queue(@Param('recordId') recordId: string) {
+    return this.anchoringService.queueAnchor(recordId);
+  }
+
+  @Post('batch')
+  queueBatch(@Body('recordIds') recordIds: string[]) {
+    return this.anchoringService.queueBatch(recordIds);
+  }
+
+  @Get(':recordId/status')
+  status(@Param('recordId') recordId: string) {
+    return this.anchoringService.getAnchorStatus(recordId);
+  }
+
+  @Get(':recordId/verify')
+  verify(@Param('recordId') recordId: string) {
+    return this.anchoringService.verifyAnchor(recordId);
+  }
+}

backend/src/modules/blockchain/hash-anchoring.service.ts

@@ -0,0 +1,245 @@
+import { Injectable, Logger } from '@nestjs/common';
+import { InjectRepository } from '@nestjs/typeorm';
+import { Repository, In } from 'typeorm';
+import { Cron, CronExpression } from '@nestjs/schedule';
+import * as crypto from 'crypto';
+import * as StellarSdk from '@stellar/stellar-sdk';
+import { ConfigService } from '@nestjs/config';
+import { MedicalRecordAnchor, AnchorStatus } from './entities/medical-record-anchor.entity';
+import { MedicalRecord } from '../medical-records/entities/medical-record.entity';
+
+const MAX_OPS_PER_TX = 100; // Stellar max operations per transaction
+const MAX_RETRIES = 3;
+const MEMO_PREFIX = 'MR:'; // memo prefix to identify medical record batches
+
+@Injectable()
+export class HashAnchoringService {
+  private readonly logger = new Logger(HashAnchoringService.name);
+  private server: StellarSdk.Horizon.Server;
+  private keypair: StellarSdk.Keypair;
+  private networkPassphrase: string;
+
+  constructor(
+    @InjectRepository(MedicalRecordAnchor)
+    private readonly anchorRepo: Repository<MedicalRecordAnchor>,
+    @InjectRepository(MedicalRecord)
+    private readonly recordRepo: Repository<MedicalRecord>,
+    private readonly configService: ConfigService,
+  ) {
+    const horizonUrl =
+      this.configService.get<string>('STELLAR_TESTNET_HORIZON_URL') ||
+      'https://horizon-testnet.stellar.org';
+    this.server = new StellarSdk.Horizon.Server(horizonUrl);
+
+    const network = this.configService.get<string>('STELLAR_DEFAULT_NETWORK') || 'TESTNET';
+    this.networkPassphrase =
+      network === 'PUBLIC'
+        ? StellarSdk.Networks.PUBLIC
+        : StellarSdk.Networks.TESTNET;
+
+    const secret = this.configService.get<string>('STELLAR_ANCHOR_SECRET_KEY');
+    if (secret) {
+      this.keypair = StellarSdk.Keypair.fromSecret(secret);
+      this.logger.log(`HashAnchoringService ready — account: ${this.keypair.publicKey()}`);
+    } else {
+      this.logger.warn('STELLAR_ANCHOR_SECRET_KEY not set — anchoring disabled');
+    }
+  }
+
+  // ─── Public API ────────────────────────────────────────────────────────────
+
+  /** Queue a single medical record for anchoring */
+  async queueAnchor(recordId: string): Promise<MedicalRecordAnchor> {
+    const existing = await this.anchorRepo.findOne({
+      where: { recordId, status: In([AnchorStatus.PENDING, AnchorStatus.QUEUED, AnchorStatus.ANCHORED]) },
+    });
+    if (existing) return existing;
+
+    const record = await this.recordRepo.findOne({ where: { id: recordId } });
+    if (!record) throw new Error(`Medical record ${recordId} not found`);
+
+    const recordHash = this.hashRecord(record);
+    const anchor = this.anchorRepo.create({ recordId, recordHash, status: AnchorStatus.QUEUED });
+    return this.anchorRepo.save(anchor);
+  }
+
+  /** Queue multiple records — returns immediately, processing is async */
+  async queueBatch(recordIds: string[]): Promise<{ queued: number; batchId: string }> {
+    const batchId = crypto.randomUUID();
+    const records = await this.recordRepo.findBy({ id: In(recordIds) });
+
+    const anchors = records.map((r) =>
+      this.anchorRepo.create({
+        recordId: r.id,
+        recordHash: this.hashRecord(r),
+        status: AnchorStatus.QUEUED,
+        batchId,
+      }),
+    );
+
+    await this.anchorRepo.save(anchors);
+    return { queued: anchors.length, batchId };
+  }
+
+  /** Get anchor status for a record */
+  async getAnchorStatus(recordId: string): Promise<MedicalRecordAnchor | null> {
+    return this.anchorRepo.findOne({
+      where: { recordId },
+      order: { createdAt: 'DESC' },
+    });
+  }
+
+  /** Verify a record's current hash matches what's on-chain */
+  async verifyAnchor(recordId: string): Promise<{
+    verified: boolean;
+    currentHash: string;
+    anchoredHash: string;
+    txHash: string;
+    confirmedAt: Date;
+  }> {
+    const anchor = await this.anchorRepo.findOne({
+      where: { recordId, status: AnchorStatus.CONFIRMED },
+      order: { createdAt: 'DESC' },
+    });
+
+    if (!anchor) throw new Error(`No confirmed anchor found for record ${recordId}`);
+
+    const record = await this.recordRepo.findOne({ where: { id: recordId } });
+    const currentHash = this.hashRecord(record);
+
+    return {
+      verified: currentHash === anchor.recordHash,
+      currentHash,
+      anchoredHash: anchor.recordHash,
+      txHash: anchor.txHash,
+      confirmedAt: anchor.confirmedAt,
+    };
+  }
+
+  // ─── Batch Processing (cron every 5 min) ───────────────────────────────────
+
+  @Cron(CronExpression.EVERY_5_MINUTES)
+  async processPendingQueue(): Promise<void> {
+    if (!this.keypair) return;
+
+    const pending = await this.anchorRepo.find({
+      where: { status: AnchorStatus.QUEUED },
+      order: { createdAt: 'ASC' },
+      take: MAX_OPS_PER_TX,
+    });
+
+    if (!pending.length) return;
+
+    this.logger.log(`Processing batch of ${pending.length} anchors`);
+    await this.anchorBatch(pending);
+  }
+
+  /** Poll ANCHORED records to confirm ledger inclusion */
+  @Cron(CronExpression.EVERY_MINUTE)
+  async confirmPendingTransactions(): Promise<void> {
+    if (!this.keypair) return;
+
+    const anchored = await this.anchorRepo.find({
+      where: { status: AnchorStatus.ANCHORED },
+    });
+
+    for (const anchor of anchored) {
+      await this.confirmTransaction(anchor);
+    }
+  }
+
+  // ─── Core Anchoring Logic ──────────────────────────────────────────────────
+
+  private async anchorBatch(anchors: MedicalRecordAnchor[]): Promise<void> {
+    // Group by batchId (or treat as one batch if mixed)
+    const batchId = anchors[0].batchId || crypto.randomUUID();
+
+    try {
+      const account = await this.server.loadAccount(this.keypair.publicKey());
+
+      // Cost optimisation: pack up to MAX_OPS_PER_TX manageData ops in one tx
+      const builder = new StellarSdk.TransactionBuilder(account, {
+        fee: StellarSdk.BASE_FEE,
+        networkPassphrase: this.networkPassphrase,
+      }).setTimeout(60);
+
+      for (const anchor of anchors) {
+        // manageData key max 64 bytes — use first 28 chars of hash (hex) + prefix
+        const key = `MR:${anchor.recordHash.substring(0, 28)}`;
+        // value: full 64-char hex hash (32 bytes)
+        builder.addOperation(
+          StellarSdk.Operation.manageData({
+            name: key,
+            value: Buffer.from(anchor.recordHash, 'hex'),
+          }),
+        );
+      }
+
+      const tx = builder.build();
+      tx.sign(this.keypair);
+
+      const result = await this.server.submitTransaction(tx);
+      const txHash = result.hash;
+
+      // Mark all as ANCHORED
+      await this.anchorRepo.save(
+        anchors.map((a) => ({
+          ...a,
+          txHash,
+          batchId,
+          status: AnchorStatus.ANCHORED,
+          anchoredAt: new Date(),
+          lastError: null,
+        })),
+      );
+
+      this.logger.log(`Batch anchored — txHash: ${txHash}, records: ${anchors.length}`);
+    } catch (error) {
+      this.logger.error(`Batch anchor failed: ${error.message}`);
+      await this.anchorRepo.save(
+        anchors.map((a) => ({
+          ...a,
+          status: a.retryCount >= MAX_RETRIES ? AnchorStatus.FAILED : AnchorStatus.QUEUED,
+          retryCount: a.retryCount + 1,
+          lastError: error.message,
+        })),
+      );
+    }
+  }
+
+  private async confirmTransaction(anchor: MedicalRecordAnchor): Promise<void> {
+    try {
+      const tx = await this.server.transactions().transaction(anchor.txHash).call();
+      if (tx.successful) {
+        await this.anchorRepo.save({
+          ...anchor,
+          status: AnchorStatus.CONFIRMED,
+          ledgerSequence: tx.ledger,
+          feePaid: tx.fee_charged,
+          confirmedAt: new Date(),
+        });
+        this.logger.log(`Confirmed anchor for record ${anchor.recordId} at ledger ${tx.ledger}`);
+      }
+    } catch {
+      // Transaction not yet in ledger — will retry next cron tick
+    }
+  }
+
+  // ─── Hash Generation ───────────────────────────────────────────────────────
+
+  /** Canonical SHA-256 hash of a medical record's immutable fields */
+  hashRecord(record: Partial<MedicalRecord>): string {
+    const payload = JSON.stringify({
+      id: record.id,
+      petId: record.petId,
+      vetId: record.vetId,
+      recordType: record.recordType,
+      visitDate: record.visitDate,
+      diagnosis: record.diagnosis,
+      treatment: record.treatment,
+      notes: record.notes,
+      version: record.version,
+    });
+    return crypto.createHash('sha256').update(payload).digest('hex');
+  }
+}