TraceRx: Securing Pharmaceutical Data using Blockchain

In 2023, the U.S. Food and Drug Administration (FDA) issued over 200 warning letters to pharmaceutical companies, with data integrity violations cited as a leading cause of costly recalls and fines. From falsified lab results to unsecured data storage, the pharmaceutical industry faces a critical challenge: ensuring that instrument data—such as readings from spectrometers or temperature sensors—remains tamper-proof, auditable, and compliant with various regulatory standards.

This article introduces TraceRx, a blockchain-based solution built to address these issues. TraceRx leverages Ethereum’s immutability, cryptographic hashing, and a secure express.js gateway to create a verifiable audit trail for pharmaceutical instrument data.

The Concept & Solution

The Problem: Data Integrity Challenges in Pharmaceuticals

Pharmaceutical companies rely on accurate instrument data to ensure drug safety and regulatory compliance. However, several challenges threaten data integrity:

• Data Tampering: Intentional or accidental changes to logs can compromise drug quality and patient safety.

• Auditability Gaps: Proving the authenticity and history of data during regulatory audits is time-consuming and error-prone with traditional systems.

• Centralized Vulnerabilities: Legacy databases are susceptible to hacks and single points of failure.

• Manual Processes: Human intervention in data logging increases the risk of errors or fraud.

These issues lead to severe consequences: financial losses from recalls, regulatory penalties, delayed drug approvals, and, most critically, risks to patient safety.

The Solution: TraceRx Overview

TraceRx is a blockchain-based system designed to ensure tamper-proof logging of pharmaceutical instrument data. It uses a hybrid on-chain/off-chain model to balance the security of the blockchain with cost-efficiency. Key features include:

• Immutable Audit Trail: Stores SHA-256 hashes of log files on the blockchain, ensuring data cannot be altered without detection.

• Role-Based Access: Separates ownership (admin) and operational (gateway) roles for enhanced security.

• Regulatory Compliance: Supports superseding logs without deletion, aligning with 21 CFR Part 11 requirements.

• Edge Gateway: A Node.js/Express API enables secure log submission from devices like a Raspberry Pi.

How TraceRx Works

The process is simple and secure.

1. Instruments (e.g., lab equipment) generate log files with metadata.

2. An authorized Node.js gateway receives these logs, saves them, and computes a cryptographic hash.

3. The gateway then sends this hash and key metadata to the TraceRx smart contract on the blockchain.

4. The smart contract immutably records the data. Auditors can later verify the integrity of the off-chain log file by comparing its hash to the one stored on the blockchain.

Here is a simplified diagram of the system's core workflow for a non-technical audience:

The Technical Implementation

System Architecture

The TraceRx system follows a simple, yet effective, architecture. The raw data is stored off-chain to save costs, while a small, verifiable fingerprint (the hash) is securely anchored on-chain. This is the core of our hybrid model.

The Smart Contract: PharmaLog.sol

The core logic resides in a Solidity smart contract named PharmaLog. This contract defines a LogEntry struct to store metadata about each log.

Here is a snippet showing the LogEntry struct:

struct LogEntry {
    string instrumentId;      // ID of the instrument.
    uint256 logEntryId;       // Unique ID for the log.
    string picoTimestamp;     // Timestamp from the instrument.
    bytes32 fileHash;         // SHA-256 hash of the raw data file.
    uint256 blockTimestamp;   // Blockchain timestamp.
    address recordedBy;       // Address that submitted the log.
    LogStatus status;         // The current status of the log entry.
}

The contract's main function, addLog, is called by the gateway to create a new entry on the blockchain. The onlyGateway modifier ensures that only the authorized address can call this function.

function addLog(
    string memory _instrumentId,
    uint256 _originalLogEntryId,
    string memory _picoTimestamp,
    bytes32 _fileHash
) external onlyGateway {
    _logCounter++;
    uint256 newLogId = _logCounter;

    logEntries[newLogId] = LogEntry({
        instrumentId: _instrumentId,
        logEntryId: _originalLogEntryId,
        picoTimestamp: _picoTimestamp,
        fileHash: _fileHash,
        blockTimestamp: block.timestamp,
        recordedBy: msg.sender,
        status: LogStatus.ACTIVE
    });

    emit LogAdded(newLogId, _instrumentId, _originalLogEntryId, _fileHash, block.timestamp);
}

The supersedeLog function is crucial for compliance. It allows the owner to mark an existing log as SUPERSEDED instead of deleting it, preserving a complete audit trail.

The Node.js Gateway: index.js

The gateway is an Express server that acts as the secure middleman. It has an API endpoint, /submit_log, to receive data from instruments.

A key step is computing the SHA-256 hash of the log file.

// Compute the cryptographic hash
const fileBuffer = fs.readFileSync(filepath);
const hash = crypto.createHash('sha256').update(fileBuffer).digest('hex');
const fileHashBytes = `0x${hash}`; // Format as bytes32 hex string

This hash is then sent to the smart contract using ethers.js.

// Call the smart contract function
const tx = await pharmaLogContract.addLog(
    payload.InstrumentID,
    payload.LogEntryID,
    payload.Timestamp,
    fileHashBytes
);
const receipt = await tx.wait(); // Wait for the transaction to be mined

Here's a flowchart visualizing the process of the /submit_log endpoint:

Deployment and Security on Hyperledger Besu

The project uses Hardhat for local development and testing, and the same deployment scripts can be adapted to deploy the contract to our Hyperledger Besu network. The constructor of the PharmaLog contract initializes the gateway's address. This ensures that only the authorized gateway can submit logs, a critical security feature.

Conclusion

TraceRx demonstrates how the private blockchain we built using Hyperledger Besu can be transformed from a theoretical network into a practical and powerful tool for a regulated industry. By combining the immutability of a permissioned blockchain with a secure gateway, TraceRx provides a verifiable, compliant, and tamper-proof logging system. This project showcases the value of hybrid architectures in building robust, cost-effective solutions for real-world data integrity challenges.