Open Verifiable Credentials · DSCSA

Zoogma

A collaborative, long-term effort to chart an open, interoperable Verifiable Credential standard for the US pharmaceutical supply chain — and beyond.

Born from the XATP Working Group UCLA Health Genentech Amgen Sanofi IQVIA Providence Health LedgerDomain
Why “Zoogma”?

Many small vessels, lashed into one resilient bridge.

Zeugma (ancient Greek Ζευγμα: ‘bridgehead’ or ‘crossing place’). A zeugma pontoon bridge is a system of many small vessels lashed together to form a stable bridge.

In the same way, Zoogma helps many individual verifiable-credential vessels form an identity system more resilient than a monolithic, centralized one — and it has its genesis in the XATP Working Group and similar efforts to drive interoperability and better patient outcomes in compliance with the Drug Supply Chain Security Act (DSCSA).

Decentralized by design

No single point of failure — trust is distributed across independently verifiable credentials.

Compliant with US law

Built to the letter and spirit of the DSCSA, starting with the Authorized Trading Partner community.

Open & interoperable

Grounded in GS1, W3C, and other open standards, so it connects rather than encloses.

Background

Rooted in the XATP Working Group

Zoogma has its roots in the XATP Working Group, spearheaded by UCLA Health and drug manufacturers including Genentech, Amgen, and Sanofi to drive interoperability in compliance with the DSCSA. Leveraging GS1, W3C, and other open standards, the group developed and tested a digital ID system that lives up to the letter and spirit of US federal law — while improving patient outcomes and security.

Starting with credentialing and interoperability for the ATP community, our goal is to work with stakeholders in the healthcare and identity space to chart a path to a global standard for all healthcare Verifiable Credentials.

The XATP Working Group

Amgen

  • Natalie Helms
  • Nikkhil Vinnakota

Genentech

  • Nirmal Annamreddy
  • Kathy Daniusis
  • Mark Karhoff
  • Vid Rajaram

IQVIA

  • Greg Plante

LedgerDomain

  • William Chien, PharmD, MBA
  • Will Jack
  • Ben Taylor

Providence Health

  • Todd Barrett, PharmD

Sanofi

  • Arthi Nagaraj

UCLA Health

  • Josenor de Jesus, PharmD, MBA, FACHE
  • Ghada Ashkar, PharmD
  • Kalpan Patel, PharmD, MBA

The Working Group would also like to thank Jose Arrieta (formerly US Department of Health and Human Services); Paul Hackett (Accenture); Diane Shoda (Greyscaling); Alan Lodder, PharmD (formerly Intermountain); Dr. Leo Alekseyev, Rick Burgess, Alex Colgan, Dr. Victor Dods, Mike Lodder, and Ben Nichols (LedgerDomain); Mike Karhoff (Ten Count Consulting); Mike Marchant (UC Davis); and Jen Colon, PharmD (Yale).

“A complex system that works is invariably found to have evolved from a simple system that worked. A complex system designed from scratch never works and cannot be patched up to make it work. You have to start over with a working simple system.”

Gall’s Law — the principle behind starting with a working reference implementation
The proposal

A standard for decentralized Verifiable Credentials

In the twenty-first century, the rising tide of privacy laws and massive data breaches has fundamentally challenged how we collect, store, and share sensitive information. Within this landscape, healthcare information is sacrosanct — and intimately tied to identity and data ownership.

Building on prior learnings with UCLA Health, Genentech, Sanofi, Amgen, Biogen, and others, Zoogma is an effort to motivate the development of a standard for decentralized Verifiable Credentials (VCs) — empowering Authorized Trading Partners (ATPs) in the pharmaceutical supply chain to trade and exchange information in compliance with US federal law.

Starting with credentialing and interoperability for the ATP community, our ultimate goal is to chart a path to a global standard for all healthcare Verifiable Credentials — giving individuals and healthcare professionals control over their own data. By sharing our results and releasing essential components of the work to the public domain, we hope to align and connect with other foundational efforts, evolving standards within a truly open framework with broad stakeholder involvement.

Read the peer-reviewed proposal Blockchain in Healthcare Today · doi.org/10.30953/bhty.v4.175
Reference implementation

A complete, open-source reference implementation

We propose a fully transparent, open-source reference implementation that satisfies the requirement for interoperability across all ATP types, and we’re looking to work with a coalition of the willing to design and contribute the key components — an initial implementation adequate for everyday use and upgradeable over time.

A global ATP schema

It begins with defining a global Authorized Trading Partner schema — entirely open source, and including protocols for revocation.

Rust core, portable wrappers

As a strawman, the reference implementation is written in Rust with a GoLang wrapper (standard) and a WebAssembly wrapper (desired).

Built on W3C VCs

Grounded in the W3C Verifiable Credential data model, so credentials interoperate across the ecosystem.

Example of a possible ATP VC

One example of an ATP Verifiable Credential for a Dispenser, represented in JSON-LD. Refer to the W3C Verifiable Credential standard for technical context.

example-vc.jsonld
{
  // Definitions used in the credential (e.g. what belongs in a
  // VerifiableCredential or AuthorizedTradingPartnerCredential)
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.fda.gov/atp/v1/credentials",   // Maybe defined by FDA?
    "https://www.atp.gov/v1/credentials"         // Or by a consortium?
  ],

  // Identifier for this credential. Alternately a DID, e.g.
  // "did:ledgerdomain:atp:v1:f2f12eb1a522e7d1596fed2d7692f993df703eb8819eec5f7e98951a5aeeba0d"
  "id": "https://atp.ledgerdomain.com/v1/credentials/f2f12eb1a522e7d1596fed2d7692f993df703eb8819eec5f7e98951a5aeeba0d",

  // Type(s) of this credential
  "type": [
    "VerifiableCredential",
    "AuthorizedTradingPartnerCredential"
  ],

  // Entity that issued the credential (could also be a DID)
  "issuer": "https://atp.ledgerdomain.com/v1/credentials/c7afdc84362a388a6e1398173b5a88fa6322c5e4eb7fd4961234661170647722",

  "issuanceDate": "2010-01-01T19:23:24Z",
  "expirationDate": "2020-01-01T19:23:24Z",

  // Claims about the subject
  "credentialSubject": {
    // Identifies the subject itself (distinct from the credential id)
    "id": "https://atp.ledgerdomain.com/v1/subjects/92fcb91eacb8b91874fd1c45f05adf2b6265d37fbcbcf3c2cfa51e5dbc0bd57a",
    // What kind of ATP entity this is, and therefore what to expect below
    "ATPEntityType": "Dispenser",
    // ATP-specific data — individual attributes can be revealed or hidden
    // via selective-disclosure (ZKP) signatures
    "ATPDispenserState": "CA",
    "ATPDispenserLicenseNumber": "58934085943",
    "ATPDispenserName": "Fancy Pharmacy",
    "ATPDispenserPhoneNumber": "1-800-SO-FANCY"
  },

  // Digital signature on the credential by the issuer. W3C defines several
  // types: EcdsaSecp256k1Signature2019, Ed25519Signature2018, RsaSignature2018…
  "proof": {
    "type": "EcdsaSecp256k1Signature2019",
    "created": "2010-01-01T19:23:24Z",
    "expires": "2020-01-01T19:23:24Z",
    "proofPurpose": "assertionMethod",
    "verificationMethod": "https://atp.ledgerdomain.com/v1/credentials/c7afdc84362a388a6e1398173b5a88fa6322c5e4eb7fd4961234661170647722#public-key-3",
    "jws": "XXX"
  }
}

Example of a corresponding Verifiable Presentation

One example of how a holder might present the credential above.

example-presentation.jsonld
{
  // Definitions used in the presentation
  "@context": [
    "https://www.w3.org/2018/credentials/v1",
    "https://www.fda.gov/atp/v1/credentials",   // Maybe defined by FDA?
    "https://www.atp.gov/v1/credentials"         // Or by a consortium?
  ],
  // The credentials themselves
  "verifiableCredential": [
    { … }   // omitted; derived from the VC above
  ],
  // Digital signature by the credential holder on the presentation
  "proof": {
    "type": "RsaSignature2018",
    "created": "<timestamp>",
    "proofPurpose": "authentication",
    // Public key of the holder — the subject of the ATP credential
    "verificationMethod": "https://atp.ledgerdomain.com/v1/subjects/92fcb91eacb8b91874fd1c45f05adf2b6265d37fbcbcf3c2cfa51e5dbc0bd57a#public-key-1",
    // "challenge" and "domain" prevent replay attacks
    "challenge": "1f44d55f-f161-4938-a659-f8026467f126",
    "domain": "4jt78h47fh47",
    "jws": "YYY"
  }
}

More detail lives in the peer-reviewed proposal, and in the cryptography behind every LedgerDomain signature.

Get involved

Join a superteam building open health infrastructure

Join a superteam of independent programmers who donate their time working with cutting-edge decentralized technologies — securing improved health privacy and better health outcomes for everyone, worldwide.

Reach us directly at info@zoogma.org