EASE eHealth

The Problem
Prior authorization in US healthcare is broken. When a doctor wants to perform a procedure, they have to get approval from the patient's insurance company first. Today that process involves phone calls, faxes, and manual
 reviews — it takes 30-90 days on average, costs the industry ~$35B/year in admin overhead, and results in opaque denials that patients and providers can't easily audit or challenge.                      
          
 What EASE eHealth Does

 It replaces that manual process with an automated, transparent, on-chain pipeline:
 1. Provider submits a prior auth request (procedure, patient consent, policy info)
 2. Chainlink CRE workflows running on a decentralized oracle network (DON) handle the entire decision pipeline — verifying consent, checking policy coverage, evaluating medical necessity, and writing the result on-chain
 3. Smart contracts enforce a deterministic state machine (SUBMITTED → APPROVED → PAID or SUBMITTED → DENIED) — every transition is auditable, immutable, and trustless
 4. Settlement happens automatically via an ERC-20 escrow contract — approved claims get paid in seconds, not months

 How It Works (the stack)
 - 5 Solidity contracts handle consent, policy, claim decisions, and escrow payouts
 - 6 backend services serve as adapters between the traditional healthcare world (EHR data in Synthea format) and the on-chain system
 - 8 Chainlink CRE workflows orchestrate everything — from routine approvals, to consent revocation cascades, to automated compliance challenges, to medication benefit checks
 - All sensitive medical data stays off-chain (only hashes and state go on-chain) — CRE's confidential compute ensures PHI is encrypted end-to-end through the DON

 Why It Matters
 - Speed: Claims settle in <120 seconds vs. 30-90 days
 - Transparency: Every decision is on-chain and auditable — no hidden denials
 - Patient control: Consent is explicit and revocable in real-time (triggers cascading claim challenges and payout cancellations)
 - Cost: Eliminates manual phone/fax prior auth workflows
 - Privacy: Zero PHI on-chain — the system proves compliance without exposing patient data

Here's the architecture, layer by layer:                                                                                
 Smart Contracts (Solidity 0.8.24, Foundry)
                                                                                                                 
 Five contracts on Base Sepolia, all using OpenZeppelin role-based access control:
                                                                                                                 
 - MockUSDC — ERC-20 token (6 decimals) used for settlement
 - ConsentRegistry — manages patient consent lifecycle (ACTIVE/REVOKED/EXPIRED)
 - PolicyRegistry — stores policy version hashes and activation windows
 - ClaimDecisionRegistry — the core state machine that enforces valid claim transitions
 - ClaimEscrow — holds USDC, schedules payouts on approval, releases on finality, cancels on challenge

 Every claim gets a deterministic ID (keccak256(payer_id | provider_hash | encounter_hash | procedure_code | service_date)) — same inputs always produce the same claim, duplicates revert.

 Backend Services (Node.js/TypeScript, Express)

 Six services running on ports 3001-3006 in an npm workspaces monorepo:

 - provider-adapter-api — ingests prior auth submissions, serves Synthea EHR data (patients, encounters, claims, medications)
 - consent-service — grant/revoke consent endpoints
 - policy-service — deterministic policy rules + payer enrollment data
 - proof-service-stub — simulates medical necessity verification (returns proof hash + result + denial reason bitmap). ZK circuits are deferred post-hackathon
 - credential-service — provider/organization registry and NPI validation
 - decision-callback-service — webhook delivery for state transitions

 All payloads are EIP-712 signed with anti-replay fields (nonce, issued_at, expires_at) and a correlation_id that propagates end-to-end.

 CRE Workflows (Chainlink Compute Runtime Environment, TypeScript/Bun)
 Eight workflows running on the decentralized oracle network, using all three CRE capabilities:

WF-001 (Cron) runs the full prior auth pipeline — fetches an EHR claim, checks consent, verifies policy, evaluates the proof, then submits, approves, and pays the claim on-chain.
WF-002 (HTTP trigger) handles consent revocation cascades — when a patient revokes consent, it revokes on-chain, challenges any affected claims, and cancels pending payouts.
WF-003 (Log trigger, fires on ProofEvaluated events) is an automated compliance gate that checks risk signals and auto-challenges suspicious claims.
WF-004 (Cron) is the reconciliation monitor — it cross-references off-chain BILLED claims against on-chain state to catch anything stuck or mismatched.
WF-005 (Cron) is an encrypted credential audit that makes 5 AES-GCM encrypted HTTP calls plus on-chain reads to verify provider credentials.
WF-006 (Cron) handles medication prior auth with formulary coverage and amount cap checks across 8 predicates.
WF-007 (Log trigger, fires on ClaimSubmitted events) reactively settles transfer claims as soon as they appear on-chain.
WF-008 (HTTP trigger) provides on-demand prior auth via a signed HTTP payload, bypassing cron delay for immediate processing.

Sensitive data is fetched via ConfidentialHTTPClient (AES-GCM encrypted through the DON). On-chain writes go through EVMClient. Public reads use HTTPClient. All three CRE capability types in one project.

 Data Layer
 Synthetic healthcare data in Synthea CSV format (10 files: patients, providers, payers, encounters, procedures, claims, etc.) loaded at service startup. This is the same format real EHR systems export, so the integration
 pattern is production-realistic.

 Tooling
 - Foundry (forge/anvil/cast) for contracts — 52 tests including fuzz and invariant
 - npm workspaces for the service monorepo
 - Bun for CRE workflow builds
 - Makefile orchestrates everything — make demo-full runs the entire stack end-to-end
 - Next.js dashboard for visual demo