Shiora

Sovereign health data. Verifiable AI. Zero-knowledge privacy.

App · Docs · API Reference · Discord · Contributing

---

Overview

Shiora is a decentralized women's health AI platform built on Aethelred — a sovereign Layer 1 optimised for verifiable AI computation. It gives individuals full sovereignty over their medical records, reproductive health data, and AI-driven health insights using zero-knowledge proofs, trusted execution environments, and on-chain consent management.

Status — Pre-mainnet. 13 smart contracts deployed to testnet, 393 tests passing across 20 suites.

---

Table of Contents

Overview Features Architecture Tech Stack Quick Start Project Structure Smart Contracts

API Routes Testing Security Performance Development Contributing License

---

Features

Health Records & Privacy Encrypted health records with IPFS content addressing FHIR-compatible bridge for clinical interoperability Granular consent management with on-chain audit trails Privacy rights dashboard for GDPR/HIPAA compliance	Reproductive Health Vault Compartmentalized encrypted storage for sensitive data Cycle tracking with privacy-preserving analytics ZK attestations for selective health disclosure Emergency access protocols with time-locked recovery
AI & Clinical Intelligence AI health chat with explainability and verifiable inference Clinical decision support with evidence-based pathways Predictive health alerts with anomaly detection Digital twin modelling with genomic integration	Community & Governance DAO governance with proposal voting and execution Decentralized data marketplace with revenue sharing Research data contributions with anonymization controls Provider reputation system with on-chain scoring

---

Architecture

┌─────────────────────────────────────────────────────────────────────┐
│                         Frontend Layer                              │
│          Next.js 14 App Router  /  React 18  /  Tailwind CSS       │
│                                                                     │
│   Dashboard  Records  Vault  Chat  Alerts  Clinical  Community     │
│   Compliance  Emergency  FHIR  Genomics  Governance  Insights      │
│   Marketplace  MPC  Research  Settings  TEE Explorer  Twin         │
│   Wearables                                                         │
├─────────────────────────────────────────────────────────────────────┤
│                        API Route Layer                              │
│              57 Next.js Route Handlers  /  24 Domains              │
│                                                                     │
│   health  records  consent  vault  chat  alerts  clinical          │
│   community  compliance  emergency  fhir  genomics  governance     │
│   insights  ipfs  marketplace  mpc  network  privacy  providers    │
│   research  rewards  staking  tee  twin  wallet  wearables         │
│   xai  zkp                                                         │
├─────────────────────────────────────────────────────────────────────┤
│                     Smart Contract Layer                            │
│              Solidity 0.8.20  /  OpenZeppelin  /  EVM              │
│                                                                     │
│   ┌─────────────┐  ┌──────────────┐  ┌──────────────────────┐     │
│   │    Core      │  │   Privacy     │  │       DeFi           │     │
│   │             │  │              │  │                      │     │
│   │ AccessCtrl  │  │ ConsentMgr   │  │ Governance           │     │
│   │ RecordReg   │  │ ReproVault   │  │ Marketplace          │     │
│   │ TEEVerifier │  │ ZKVerifier   │  │ Staking              │     │
│   │ ClinPath    │  │ MPCOrch      │  │                      │     │
│   │ DigitalTwin │  │              │  │                      │     │
│   │ EmergProto  │  │              │  │                      │     │
│   └─────────────┘  └──────────────┘  └──────────────────────┘     │
├─────────────────────────────────────────────────────────────────────┤
│                       Privacy Layer                                │
│        ZK Proofs  /  TEE Attestation  /  MPC Orchestration         │
└─────────────────────────────────────────────────────────────────────┘

---

Tech Stack

Category	Technology
Framework	Next.js 14, React 18
Language	TypeScript 5.3
Styling	Tailwind CSS 3.4
Charts	Recharts 2.10
Data Fetching	React Query 5 (TanStack)
Validation	Zod
Smart Contracts	Solidity 0.8.20, OpenZeppelin
Testing	Jest 29, Testing Library, MSW 2
Linting	ESLint 8, Prettier 3
Custom Hooks	25 domain-specific React hooks

---

Quick Start

Prerequisites

Tool	Version
Node.js	>= 18.0.0
npm	>= 9.0.0

Installation

# 1. Clone
git clone https://github.com/aethelred-foundation/shiora.git
cd shiora

# 2. Install dependencies
npm install

# 3. Configure
cp .env.example .env.local
# Edit .env.local with your configuration

# 4. Start development server
npm run dev

The application will be available at http://localhost:3001.

Environment variables

# Blockchain
NEXT_PUBLIC_RPC_URL=http://localhost:8545
NEXT_PUBLIC_CHAIN_ID=1337

# IPFS
IPFS_GATEWAY_URL=https://gateway.pinata.cloud
IPFS_API_KEY=your-pinata-api-key

# AI / Inference
AI_INFERENCE_URL=http://localhost:8080
AI_MODEL_ID=shiora-health-v1

# TEE
TEE_ATTESTATION_URL=http://localhost:9090

# Privacy
ZKP_PROVER_URL=http://localhost:7070
MPC_ORCHESTRATOR_URL=http://localhost:7071

# Analytics
NEXT_PUBLIC_ANALYTICS_ID=your-analytics-id

---

Project Structure

shiora/
├── contracts/                       # Solidity smart contracts
│   ├── core/                        # Core protocol contracts
│   │   ├── ShioraAccessControl.sol      Access control & permissions
│   │   ├── ShioraClinicalPathway.sol    Clinical decision pathways
│   │   ├── ShioraDigitalTwin.sol        Digital twin modelling
│   │   ├── ShioraEmergencyProtocol.sol  Emergency access & recovery
│   │   ├── ShioraRecordRegistry.sol     Health record metadata
│   │   └── ShioraTEEVerifier.sol        TEE attestation verification
│   ├── privacy/                     # Privacy layer contracts
│   │   ├── ShioraConsentManager.sol     On-chain consent registry
│   │   ├── ShioraMPCOrchestrator.sol    MPC computation coordination
│   │   ├── ShioraReproductiveVault.sol  Encrypted reproductive vault
│   │   └── ShioraZKVerifier.sol         ZK proof verification
│   ├── defi/                        # Governance & marketplace
│   │   ├── ShioraGovernance.sol         DAO governance & voting
│   │   ├── ShioraMarketplace.sol        Data marketplace & revenue
│   │   └── ShioraStaking.sol            Token staking & rewards
│   └── interfaces/                  # Contract interfaces
│
├── src/
│   ├── app/                         # Next.js App Router
│   │   ├── api/                     # 57 route handlers across 24 domains
│   │   ├── records/                 # Health records page
│   │   ├── vault/                   # Reproductive health vault
│   │   ├── chat/                    # AI health chat
│   │   ├── alerts/                  # Predictive alerts
│   │   ├── clinical/                # Clinical decision support
│   │   ├── community/               # Community features
│   │   ├── compliance/              # Compliance dashboard
│   │   ├── emergency/               # Emergency protocols
│   │   ├── fhir/                    # FHIR bridge
│   │   ├── genomics/                # Genomic insights
│   │   ├── governance/              # DAO governance
│   │   ├── insights/                # Health analytics
│   │   ├── marketplace/             # Data marketplace
│   │   ├── mpc/                     # MPC dashboard
│   │   ├── research/                # Research contributions
│   │   ├── settings/                # User settings
│   │   ├── tee-explorer/            # TEE attestation explorer
│   │   ├── twin/                    # Digital twin
│   │   └── wearables/               # Wearable devices
│   ├── components/                  # React components by domain
│   ├── contexts/                    # React context providers
│   ├── hooks/                       # 25 custom React hooks
│   ├── lib/                         # Utilities and API clients
│   ├── mocks/                       # MSW mock handlers
│   ├── types/                       # TypeScript type definitions
│   └── __tests__/                   # 20 test suites (393 tests)
│
├── docs/                            # Architecture and design docs
├── public/                          # Static assets
├── coverage/                        # Test coverage reports
├── next.config.js
├── tailwind.config.js
├── tsconfig.json
├── jest.config.js
└── package.json

---

Smart Contracts

All contracts target the Aethelred L1 EVM and are written in Solidity 0.8.20 with OpenZeppelin base contracts.

Contract	Category	Description
ShioraAccessControl	Core	Role-based access control for health data with granular permissions
ShioraRecordRegistry	Core	Health record metadata registry with IPFS content addressing
ShioraTEEVerifier	Core	Trusted execution environment attestation verification
ShioraClinicalPathway	Core	Evidence-based clinical decision pathway engine
ShioraDigitalTwin	Core	On-chain digital twin state and genomic integration
ShioraEmergencyProtocol	Core	Emergency access with time-locked recovery and guardian system
ShioraConsentManager	Privacy	On-chain consent registry with time-bound grants and revocation
ShioraReproductiveVault	Privacy	Encrypted reproductive health vault with compartmentalized storage
ShioraZKVerifier	Privacy	Zero-knowledge proof verification for private health attestations
ShioraMPCOrchestrator	Privacy	Multi-party computation coordination for collaborative analytics
ShioraGovernance	DeFi	DAO governance with proposal creation, voting, and execution
ShioraMarketplace	DeFi	Decentralized data marketplace with listing and revenue splits
ShioraStaking	DeFi	Token staking for governance weight and platform rewards

---

API Routes

57 route handlers organised across 24 domains via the Next.js App Router:

Route Domain /api/health Core health data /api/records Health record CRUD /api/consent Consent management /api/vault Reproductive health vault /api/chat AI health chat inference /api/alerts Predictive health alerts /api/clinical Clinical decision support /api/community Community features /api/compliance Regulatory compliance /api/emergency Emergency protocols /api/fhir FHIR bridge operations /api/genomics Genomic data pipelines

Route Domain /api/governance DAO governance /api/insights Health analytics /api/ipfs IPFS pinning & retrieval /api/marketplace Data marketplace /api/mpc MPC orchestration /api/network Blockchain network status /api/privacy Privacy rights operations /api/providers Healthcare provider data /api/research Research data operations /api/rewards Platform rewards /api/staking Staking operations /api/tee TEE attestation /api/twin Digital twin /api/wallet Wallet operations /api/wearables Wearable device data /api/xai Explainable AI /api/zkp ZKP generation & verification

---

Testing

393 tests across 20 suites covering hooks, API routes, components, and integration scenarios.

# Run all tests
npm test

# Run tests in watch mode
npm run test:watch

# Generate coverage report
npm run test:coverage

# Run specific suite
npm test -- --testPathPattern=hooks
npm test -- --testPathPattern=api

Suite Category	Suites	Tests
Custom Hooks	8	156
API Routes	6	124
Components	4	78
Integration	2	35

---

Security

Compliance posture: HIPAA-aligned data handling, GDPR privacy rights dashboard, on-chain consent audit trails, right-to-erasure support.

Privacy layer: Zero-knowledge proofs for selective health disclosure, TEE attestation for confidential computation, MPC orchestration for collaborative analytics without data exposure, compartmentalized vault encryption.

Smart contract layer: Reentrancy guards (checks-effects-interactions), checked arithmetic, role-based access control, emergency pause mechanism, time-locked recovery, guardian-based emergency access.

Application layer: Zod input validation on all API routes, CORS policy, CSP headers, XSS sanitisation, parameterised queries, rate limiting per endpoint.

---

Performance

Metric	Target	Current
First Contentful Paint	< 1.5 s	1.1 s
Largest Contentful Paint	< 2.5 s	2.0 s
Time to Interactive	< 3.5 s	2.4 s
API Response Time (p95)	< 200 ms	140 ms
ZK Proof Generation	< 5 s	3.2 s
TEE Attestation Verify	< 500 ms	320 ms

Optimisations: Next.js App Router streaming, React Server Components, code splitting, TanStack Query caching, Tailwind CSS purging, Brotli compression.

---

Development

npm run lint && npm run lint:fix    # ESLint
npm run format                      # Prettier
npm run type-check                  # TypeScript strict mode
npm run validate                    # All checks (type-check + lint + format + tests)

Scripts

Command	Description
npm run dev	Start development server on port 3001
npm run build	Create production build
npm start	Start production server
npm test	Run test suite
npm run test:coverage	Run tests with coverage report
npm run test:watch	Run tests in watch mode
npm run lint	Run ESLint
npm run type-check	Run TypeScript compiler checks
npm run format	Format code with Prettier
npm run validate	Run all checks

CI/CD Pipeline

On every PR: lint + format, type-check, unit tests, integration tests, build verification, security audit.

On merge to main: build, deploy to staging, smoke tests, deploy to production.

---

API Reference

# Health records
GET  /api/records
POST /api/records
GET  /api/records/:id

# Consent management
GET  /api/consent
POST /api/consent/grant
POST /api/consent/revoke

# Reproductive vault
GET  /api/vault
POST /api/vault/store
POST /api/vault/share

# AI chat
POST /api/chat
GET  /api/chat/history

# ZKP
POST /api/zkp/generate
POST /api/zkp/verify

Full reference: api.shiora.health

---

Contributing

We welcome contributions. Please see the Contributing Guide before opening a PR.

Standard	Requirement
Commits	Conventional Commits
Types	TypeScript strict mode, no any
Tests	All new code must include tests
Lint	Zero warnings on npm run validate
Privacy	No PII in logs, tests, or mock data

1. Fork the repository
2. Create a feature branch — git checkout -b feature/my-feature
3. Run npm run validate
4. Commit with Conventional Commits
5. Open a Pull Request

---

License

Apache 2.0 — see LICENSE for details.

---

Acknowledgements

Aethelred · OpenZeppelin · Next.js · Tailwind CSS · TanStack Query · Zod

---

App · Docs · Discord · Twitter · Support

Copyright © 2024–2026 Aethelred Foundation