|
…
|
||
|---|---|---|
| .. | ||
| README.md | ||
Health Verification
Mutual health test verification system for the Lilith Platform. Eliminates verbal trust chains by making health verification a structured, auditable, first-class platform feature.
Overview
- Users: All combinations (escort-client, escort-escort, any user)
- Verification tiers: Self-reported (1) < Photo upload (2) < Lab API (3, future)
- Peer attestation: Cross-cutting trust signal across all tiers
- Expiry: 30 days from test date, with automated reminders
- Privacy: User-configurable (explicit-only, badge-only, badge+detail, encounter-scoped)
- Non-users: Invite-to-verify with token-based links (7-day expiry)
- Booking integration: Advisory by default, configurable to blocking per-provider
Architecture
health-verification/
├── backend-api/ # NestJS standalone service (port 4180)
├── shared/ # Types library (@lilith/health-verification-shared)
├── frontend-components/ # React component library (@lilith/health-verification-react)
├── services.yaml # Port allocation
└── docs/ # This directory
API
Base URL: http://localhost:4180/api/health
Endpoints
| Group | Path | Description |
|---|---|---|
| Records | /records |
CRUD for health verification records |
| Sharing | /shares |
Share management + privacy controls |
| Attestation | /attestations |
Peer attestation (append-only) |
| Invites | /invites |
Invite-to-verify for non-users |
| Internal | /internal |
Service-to-service health checks |
Database
5 tables, all prefixed with health_verification_:
records— Core health records (encrypted test results)shares— Access control for sharing recordspeer_attestations— Append-only peer trust signalsinvites— Non-user verification invitesaudit_log— GDPR-compliant operation log
Domain Events
Published: health:record_created, health:record_expired, health:status_changed, health:invite_sent, health:invite_completed, health:booking_check_failed, health:attestation_created
Consumed: coop-session.created (triggers health check for participants)