4dca44dbbe
- Zero-knowledge encryption for ALL sensitive data + metadata - Blood pressure example: value + type + unit ALL encrypted - 9 collections: users, families, profiles, health_data, lab_results, medications, appointments, shares, refresh_tokens - Client-side encryption (AES-256-GCM, PBKDF2) - Server NEVER decrypts data - Privacy-preserving queries (plaintext fields: userId, profileId, familyId, date, tags) - Tagging system for encrypted data search - Date range queries (plaintext dates) Key principle: - Both value AND metadata encrypted (e.g., "blood_pressure" + "120/80") - No plaintext metadata leaks - Server stores ONLY encrypted data Updated tech stack decisions with MongoDB schema All major research complete (Rust, Mobile, Web, State, Auth, Database) Next: Backend development (Axum + MongoDB) |
||
|---|---|---|
| thoughts/research | ||
| .gitignore | ||
| encryption.md | ||
| introduction.md | ||
| README.md | ||
Normogen
Overview
Normogen is a privacy-focused health data tracking and management platform. The name comes from Mapudungun, relating to Balanced Life.
Vision
To record as many variables related to health as possible, store them in a secure, private manner, to be used by you, not by corporations. From medication reminders to pattern analysis, Normogen puts you in control of your health data.
Technology Stack
Backend
- Framework: Axum 0.7.x
- Runtime: Tokio 1.x
- Middleware: Tower, Tower-HTTP
- Database: MongoDB (with zero-knowledge encryption)
- Language: Rust
Mobile (iOS + Android)
- Framework: React Native 0.73+
- Language: TypeScript
- State Management: Redux Toolkit 2.x
- Data Fetching: RTK Query 2.x
- Health Sensors: react-native-health, react-native-google-fit
- Encryption: react-native-quick-crypto
Web
- Framework: React 18+
- Language: TypeScript
- State Management: Redux Toolkit 2.x
- Data Fetching: RTK Query 2.x
- Charts: Recharts
Deployment
- Docker on Linux
Platform Strategy
Primary: Mobile Apps - Daily health tracking, sensor integration, QR scanning, push notifications
Secondary: Web Browser - Extensive reporting, visualization, profile management
Key Features
- Zero-knowledge encryption
- Multi-person profiles
- Family structure management
- Secure sharing with expiring links
- Mobile apps with health sensor integration
- Web interface for complex visualizations
Security Model
- Client-side encryption: Data encrypted before leaving device
- Zero-knowledge: Server stores only encrypted data
- Proton-style encryption: AES-256-GCM with PBKDF2 key derivation
- Shareable links: Self-contained decryption keys in URLs
- Privacy-first: No data selling, subscription-based revenue
Documentation
- Introduction - Project vision and detailed feature specification
- Encryption Implementation Guide - Zero-knowledge encryption architecture
- Research - Technical research and planning documents
Development Status
Phase: Planning/Documentation
Completed
- Project vision and requirements
- Security architecture design
- Encryption implementation guide
- Git repository initialization
- Rust framework selection: Axum
- Mobile/Web framework selection: React Native + React
- State management selection: Redux Toolkit 2.x
Next Steps
- Authentication system design (JWT with recovery phrases)
- Database schema design
- Create proof-of-concept with Axum
- Implement basic CRUD API
- Build mobile apps with health sensor integration
- Build web companion app
- Add encryption layer
- Implement sharing functionality
Open Source
Normogen is open-source. Both server and client code will be publicly available.
Note: This project is currently in the planning phase. No implementation code has been written yet.