Nexa: A Blockchain Architecture for Secure and Scalable EHR Solutions—Balancing Blockchain Trilemma, with a Scalable Public Blockchain and Threshold Cryptography

This thesis introduces Nexa, a blockchain architecture designed to balance the critical trade-offs between security, scalability, and decentralization in Electronic Health Record (EHR) systems. To address the blockchain trilemma (RQ1), Nexa strategically combines Avalanche’s high-performance public blockchain with decentralized IPFS storage, optimizing for the high throughput and low finality required in healthcare. To mitigate risks from centralized key management (RQ2), Nexa implements a distributed threshold cryptography scheme using Elliptic Curve Diffie-Hellman (ECDH), ChaCha20-Poly1305, and Shamir’s Secret Sharing (SSS). This design leverages smart contract-based access control and oracle-assisted decryption to enhance security without a central point of failure. Performance benchmarks on the Avalanche testnet, using synthetic datasets, validate this balanced approach, demonstrating efficient operation latencies and minimal costs suitable for clinical workflows while ensuring patient control.