Vpassport: A Digital Architecture to Support Social Restart during the SARS-CoV-2 Pandemic

As a consequence of the Sars-CoV-2 pandemic, the causative agent of the COVID-19 coronavirus, the world is currently witnessing profound changes in everyday life The infection and the resulting death number forecasts generate an increasing threat to the lives of people and the economics of countries As the acute phase of the pandemic ends, the greatest challenge that most governments are currently undergoing is the lack of tools to certify the immunity status of citizens and the related infection risk of the spread of the COVID-19 virus To mitigate this challenge, this study proposes an innovative approach to implement a set of IT tools, here named VPassport, that assist large-scale test execution/result management in a distributed way and store the results of all tests made through all channels in a blockchain under country authority control The proposed approach aims to produce an effective system able to support governments, health authorities, and citizens to take informed decisions on which services and social activities can be accessed respecting policies and rules set by the authorities This aims to allow a controlled restart of the activities of the country, giving to all citizens the possibility to manage their immunity tests while allowing the authorities to manage the reopening of services and social activities The proposed model helps in managing this phase and, therefore, the resulting outcome can be used to authorize possible behaviors (e g , going to the office, production plants, public transportation, theaters, cinemas, etc ) The knowledge of being infected or not in a secure and not modifiable way that can be shown in a simple way, accessible to all, will be the real change in managing the coexistence with the virus until a vaccine will be available for all people


Introduction
Throughout history, civilizations have faced epidemic waves that have often lasted for years. These contagious diseases, like famines and wars, affected populations, appearing and disappearing over the centuries.
In 2020, the world found itself in a fight against a new invisible enemy: the Sars-Cov-2. The virus exploded in China at the end of 2019, and caused COVID-19, an infectious disease that in a short time spread to all continents, classifying itself as the second epidemic of this century. The contagion had a very wide spread in Italy which, immediately, had to face and manage a state of health emergency, a real national calamity. To cope with the spread of the virus, strict containment measures have been approved, to a degree never previously adopted.
Our country, and almost the whole world, experienced almost two months in lockdown, during which only a few essential activities remained operational. The population was divided between those who fought between life and death, in crowded hospitals, almost collapsing and those who remained isolated inside their home in fear and uncertainty about when all this will end and what dramatic consequences it will cause. Digital and technological tools that emerged in the past two decades have revolutionized our lives.

Literature Review
Blockchain is polarizing scientific and media attention, besides creating enthusiasm about its potential uses and role in driving decentralization of society [1] and freedom from central authorities. Much attention has been devoted to the positive or disruptive changes that the broad adoption of this technology will bring to our societies. Beck and Muller-Bloch [2] stated that the advent of blockchain can be compared to the invention of the internet, showing the potential for radical transformations within a number of industries. Although, according to Yermack [3], a first analogical example of this technology was given by Haber and Stornetta's work [4], which proposed a distributed ledger published in public media (e.g., newspapers) for time-stamping the creation of intellectual property, Nakamoto's paper in 2008 [5] put the basis of modern blockchain-based cryptocurrency innovation. Nakamoto's effort was the first to provide a trusted non-territorial digital currency, not depending on centralized and financial institutions, as affirmed by Catalini and Gans [6]. In fact, the majority of research has been conducted in the Bitcoin environment, considering that Bitcoin is currently the most commonly used and important technology using blockchain, with the largest user base. A decade after Nakamoto's white paper, the blockchain technology has moved beyond cryptocurrencies, but still little is known about its promised disruptive potential that goes beyond IT [2]. Indeed, it is surprising that the number of other solutions than Bitcoin using Blockchain is still small. Before 2020, in 80% of the selected papers, the research was conducted in the Bitcoin environment. Only 20% focus on other applications using blockchain technology. Security was one of the major research topics on blockchain and Bitcoin, related to challenges and limitations such as trends and impacts of security incidents, 51% hacker attack problems, data malleability problems, and authentication and cryptography issues. Although several solutions to address these issues have been presented, many of them are just brief idea suggestions, lacking concrete evaluation of their effectiveness. Furthermore, the applications of this technology are almost foreseen in every human field and in this light, possible blockchain utilizations have attracted high expectations [7,8]. Our literature review underlined that much attention must be given to those aspects which, to date, could be identified as the most uncertain or problematic in relation to blockchain and its features (i.e., a distributed ledger, consensus and smart contracts) and its applications on a large scale: trust, law and regulation, decentralized government and governance, because Blockchain promises to deeply transform them and the correlated institutions, because its potential applications are much broader than currency [9][10][11] and well beyond financial services [12,13].
Despite all these considerations, little literature has been dedicated to the challenges Blockchain may pose, apart from the technological ones, since the COVID-19 pandemic spread. Once the technology is consolidated, the obvious question is whether it should be applicable in other contexts equally complex and crucial, such as the management of the pandemic [14][15][16][17][18]. In fact, Blockchain's potential use in healthcare could vary accordingly to satisfy different requirements such as data sharing, security, and data access. In the current sense of pandemic management, Blockchain is evolving as a crucial technology solution in providing a transparent, reliable, and low-cost solution to facilitate successful decision-making and quicker intervention. Blockchain is now showing enough opportunities to become an integral part of fighting against COVID-19 as it would enable efficient tracking and monitoring solutions, ensure a transparent supply chain of vital products and donations, and secure payments.
In this paragraph, we analyze some papers regarding the blockchain-based uses for combating the COVID-19 pandemic [19]. Blockchain technology is capable of enhancing the healthcare sector in various areas that are affected by this outbreak. It can be used for clinical trial management [20][21][22] by recording clinical data in real time as they become available and, therefore, improving accuracy, encouraging data sharing, and ensuring regulatory compliance; for medical supply chain management with the advantages of quicker handling and processing time, reduced costs, lower operational risks, and faster settlements for all parties included [23,24]; for user privacy protection while screening patients' movements to ensure the necessary social distancing requirements simultaneously [23]; for data aggregation for gathering, collating, and studying data about the virus's spread and containment [25,26]; for monitoring patient movements and also offering updates related to affected areas in real time [27,28]; for donation tracking by eliminating intermediaries, saving costs, minimizing donation exploitation, and boosting social cohesion [29,30]; for outbreak tracking in which data handled through such a network are reliable, accurate, tamper-free, and transparent and, therefore, governments can be updated better on the status of the coronavirus pandemic for improved planning and management, such as forecasting the outbreak, isolating possible territories, and tracking the spread of the infection [31].

The COVID-19 Pandemic Virus
Coronaviruses (order of Nidovirales, Coronaviridae family) are a category of respiratory RNA viruses. They are so called because, when viewed under an electron microscope, they appear with a very similar appearance to that of a crown.
These viruses are common in many animal species (such as camels and bats) but in some cases, they can evolve and infect humans, carrying out what experts call the "species jump" or "cross-species transmission". In order for this to happen, two conditions are necessary: (i) contact between man and animal (not necessarily live animals, but also slaughtered meat); and (ii) the ability of the animal virus to replicate within the human body. In fact, if on the one hand the high frequency with which it comes into contact with an infected animal increases the chances of contracting the virus, on the other it is necessary that the virus itself is able to adapt to the human body. However, the passage from animal to man is not enough to spread it among men. It is essential not only that the virus adapts to replicate-that is, to increase in number, in infected subjects-but also that it is able to transmit itself to another human being and, as transmission increases, the ability to adapt to the host man increases [32]. Coronaviruses are responsible for several respiratory infections, ranging from the common cold to far more serious diseases such as Mers and Sars and the very recent COVID-19 [33]. In general, the difference between the effects that a virus can cause depends on the reaction capacity of our immune system; fortunately, in most cases, it is able to control or eliminate the virus [34].
COVID-19 (COronaVIrus Disease 19), or acute respiratory disease from Sars-Cov-2, is an infectious respiratory disease caused by the Sars-Cov-2 virus. It is still unclear exactly when it started to spread in China, in the province of Hubei. It officially appeared in December 2019, but some experts believe that it may have spread previously. On 11 March 2020, the World Health Organization (WHO) rated COVID-19 as the first coronavirus pandemic [35]. In fact, in less than three months from the identification of the first cases, 114 countries were involved, with more than 4,193,381 cases of contagion and 283,992 deaths on 11 May 2020 [36].
Unfortunately, since it is a new virus, our immune system is unable to counter it; also because its origin is not yet fully known, there is neither a vaccine available that can block its spread, nor a specific drug capable of ensuring adequate therapy for patients with the disease. What is certain is that the virus is able to spread very quickly and has a mortality rate estimated by the WHO of around 3-4% [37], although it is necessary to specify that the mortality estimates during an epidemic or a pandemic are indeed inaccurate [38]. It is clear that the latter is the most worrying aspect of the pandemic; the continuous increase in cases of contagion inevitably leads to an overcrowding of health facilities, an aspect that becomes harmful not only due to the lack of places for potential new COVID-19 patients, but also for those who may need hospitalization for other reasons.
Unfortunately, at the end of February 2020, Italy was found to have been hit harder than any other country in Europe. On February 21 in Codogno (a Lombardy town with about 15,000 inhabitants) the first case of infection not imported from China was detected. The Lombardy region, in collaboration with the Italian Higher Institute of Health (ISS) and the Italian Ministry of Health, immediately began investigating patient contacts, identifying the outbreak in the Codogno area but, to date, there is no certainty regarding the source of infection. In a short time, the virus spread throughout the country, mainly attacking the northern regions. Sars-Cov-2 is a virus capable of spreading very quickly, so in the absence of vaccines and/or effective therapies it is necessary, in order to limit the spread of the disease, to adopt effective measures aimed at reducing the number of reproduction, or R 0 . This parameter represents the average number of secondary infections produced by each infected individual in a completely susceptible population; that is, never coming into contact with the new emerging pathogen, and measures the potential transmissibility of an infectious disease. In general, the higher the R 0 value, the more difficult it is to control the epidemic: when R 0 < 1 the infection dies out in the long run; when R 0 > 1 the infection is able to spread in a population. According to the WHO, the basic reproduction number for Sars-Cov-2 is between 2 and 2.5. This means that each infected person can infect an average of 2.25 people [37]. The R 0 parameter is important as it is a function of three variables: (i) the probability of transmission by single contact between an infected person and a susceptible one; (ii) the contact number of the infected person; (iii) the duration of infectivity. By reducing at least one of the three variables, it is therefore possible to control, or at least delay, the spread of the pathogen to other people. The probability of transmission and the duration of infectivity cannot be changed at this stage, but the immediate diagnosis/identification of the infected person, or of the potentially infected person, and the possibility of reducing his contacts with other people would allow a reduction in R 0 .

The Blockchain Paradigm
The Bitcoin Blockchain [5] is an open, decentralized public ledger for transaction records. In this section we briefly introduce the technology and summarize its main features in order to understand its application in our software architecture. We refer the reader interested in a complete description to read Narayanan et al. [39] (2016) and Antonopoulos [40].
In the "Bitcoin economy", a fixed number of new bitcoins are minted every ten minutes on average. Informally speaking, bitcoins are always tied to bitcoin addresses (after the time they are minted) and they can be transferred from one address to another by means of transactions. Anyone can generate new addresses, receive an amount of bitcoins, and send them to other addresses. In principle, anyone is also allowed to participate in the "race" to generate new bitcoins. There is no "authority" regulating the minting process (mining in the language of Bitcoin) and no "bank" managing transactions. All this is possible thanks to an ingenious combination of a few classical cryptographic concepts (namely, cryptographic hash functions [41] and digital signature schemes [42] with the flexibility of peer-to-peer networks [43]. All nodes participating in the Bitcoin system are connected toward an unstructured peer-to-peer network running on top of the internet: every time the Bitcoin software is executed on a computer (or smartphone, tablet, or any other device with the appropriate computational and connectivity capabilities), that computer becomes a node of the network; i.e., the software connects to a small set of other nodes running the same software and those nodes become its neighbors. Neighbors bring the new node up-to-speed on the current state of the system and constantly keep exchanging with it small packets of information. When a node receives a packet from one of its neighbors, it has all the information needed to verify the validity of the packet; if the packet turns out valid, the node forwards it to all its other neighbors that in turn will check the validity and forward the packet to their own neighbors. In this way, each newly-generated valid packet reaches all the nodes of the network, within two seconds or so. The information contained in the packets exchanged by the nodes of the Bitcoin network is, in most of the cases, either a transaction or a block.
Simplifying a little bit, we can say that a transaction is made by (one or more) input addresses, output addresses, digital signatures, and some room for a small optional message. The transaction reassigns to the output addresses the bitcoins currently assigned to the input addresses. In order to be valid, the digital signatures must be done with the private keys associated with the input addresses. As mentioned in the previous paragraph, a valid transaction sent by a node of the network reaches all the nodes within a few seconds. At this stage the transaction is still considered "unconfirmed" even though all the nodes are already aware the transfer of bitcoins occurred from the input addresses to the output addresses and they would not consider valid any other transaction with the same input addresses. The transaction becomes "confirmed" when a miner includes it in the next valid block.
Miners are nodes of the network that, in addition to the operations performed by any other node, use their computational power to try to generate the next valid block of the ledger. If they succeed, they get as a reward the newly minted bitcoins that come with it plus the transaction fees that come with any transaction they include in the block. In order to understand the details of this process, some preliminary technical notions about cryptographic hash functions would be needed. However, for the purpose of this paper it is enough to note that, in order to be considered valid, a block has to contain a link to the previous valid block, a timestamp, a digital fingerprint of the set of transactions included in the block, and a nonce; i.e., a number satisfying some properties. Finding such a nonce is a matter of brute-force search and the chances that a specific miner finds one are directly proportional to the computational power the miner uses for that purpose. When a miner finds such a nonce for its own block, the miner sends the block to all nodes via the peer-to-peer network, each node can independently verify that the block is actually valid, and all miners will start considering that one as the last valid block to link. The sequence of blocks, each one linked to the previous one, up to the genesis block mined by Satoshi Nakamoto in January 2009, forms the blockchain.
Blockchain is growing, by design, at an average rate of one new block every ten minutes. Everyone can run a node of the Bitcoin network and keep a copy of all the blocks and all the transactions included in them since the genesis block. Moreover, anyone can send a transaction to the other nodes and, if the transaction is valid, it will be included in one of the next blocks by the miners. When the block including the transaction is followed by a small number of new blocks, that transaction can be safely considered "permanently stored" in the blockchain. By suitably using the small room for a message allowed in Bitcoin transactions, one can thus use blockchain as a publicly-accessible, write-only, and timestamped storage medium. This is what makes it an effective platform for digital certificates, as we will see in the next sections.

The Vpassport
With phase two of the COVID-19 pandemic management we see the emerging need to test people for positiveness to COVID based on the execution of a portable test.
The test result will become mandatory information to allow the citizen to access services. Until a vaccine is widely available there will be the need to routinely test people for positiveness to COVID-19 before allowing them to get back to normal activities that require close physical contact (e.g., going to offices, production plants, on public transportation, to theatres, cinemas, etc.).
The result of the test must be certifiable as it becomes crucial for each citizen and for the authorities to know immunity status to control the risk of disease spread.
To make it possible to implement tests at larger scale (>20 M people) will require a novel approach. The requirement to execute the test in medical offices to certify the result (by a local doctor or hospital) is not advisable both because of health service bandwidth (e.g., share of time of medics to devote to test execution) and due to the need to concentrate people in hospitals or medical labs, which is both non-advisable and not feasible.
Therefore, the test should be executable as self-service, with a disposable test device (ideally similar to a pregnancy test) assisted by a PC and/or app or as an alternative in distributed controlled points (e.g., pharmacies) equipped with a dedicated device.
Each time a citizen needs to be tested the result should be encrypted, and securely stored and the status of the test for each citizen should be made available through the web or app to be shown to authorities and, as a result, it authorizes a possible behavior (e.g., giving the citizen a "go" to get into a theatre).
The usage of blockchain for storing the encrypted result of the test seems a good match as it makes the result of each test tamper-proof.
We therefore propose to implement a service (named VPassport in the following) that assists the test execution in a distributed way and stores the results of all tests made though all channels in a blockchain under authority control.
Each test should have a unique ID that after test execution is stored together with citizen identity, timestamp, and test result. The result of the test should be privately visible to the citizen. All authorities should also have access to the results for each citizen and have access through a unique citizen code (in Italy the "codice fiscale").
As we expect the test to be required for all citizens on a regular basis (e.g., weekly or bi-weekly) the citizens should be informed of the need to undertake the test in order to qualify for service access. There should be a public central store to communicate to all citizens which test(s) are needed to access a service (e.g., to access a hospital, a stricter test could be required compared to the one used to get access to a public park). Moreover, to manage the risk of infection between two consecutive tests, the age of the last executed test must be taken into account (e.g., getting into a theatre could require a closer-in-time test execution compared to accessing a commercial mall).
The envisioned Vpass solution should then include:

1.
A way to associate and store unique ID to each disposable test.

2.
A blockchain to store test results in an encrypted, secure, and tamper-proof way. 3.
A software system to execute tests as a self-service based on a combination of web services and app. This could be augmented with dedicated devices to be placed in pharmacies with a combination of testing disposable devices, capability to execute the test, and ability to register test results.

4.
An app/web service to remind citizens of needed tests and actual test results. Such an app could also show the services that the citizen can access given the actual status of testing undertaken. The app should be able to represent the status of the citizen (e.g., through a QR code) to ease access to social activities.

5.
An app/web service for police or delegated authorities to validate the possibility for a citizen to access a service.
It should be noted that such an approach could be in perspective generalized to manage the vaccine status of citizens in order to have a complete mapping of citizens vs. vaccines vs. available services.
In Figure 1, our Vpassport high-level architecture is presented. Figure 1. Vpassport high-level architecture.

Conclusions
The year 2020 started with a Black Swan [44] that no country was ready to face: the new coronavirus, Sars-Cov-2. The consequences of what was happening have been initially significantly underestimated. Now that there is awareness and that weeks of lockdown have been faced in most of the states of the world, we have to manage phase two with the need to reopen social activities while the virus is still circulating and in the absence of a vaccine. The impact of the pandemic goes well beyond the number of full-blown cases of positivity and deaths. There are impacts on people's lifestyle and habits, and the way of relating, working, studying, traveling, and being together will change. Although it is called phase two, it is definitely not an "after", because nobody knows how long it will last and therefore nobody in the current state of things has understood if there will really be an "after" or it will be a different "ongoing" one. However, the countries of the world, especially those most severely affected by the virus, need to restart productive and economic activities to avoid further economic impact and recession. Therefore, it is essential to restart everything while ensuring safety and feasibility to avoid rebounds of the epidemic that would have even more devastating consequences. Our paper aims to propose a digital solution to help manage the phase of the pandemic when the need to test people for positivity to COVID-19 emerges as a priority and the test results will become mandatory information to allow citizens to access services. Our proposal, named VPassport, could assist large-scale test execution in a distributed way and store the results of all tests made through all channels in a blockchain under authority control. The test would be executed as self-service, with a disposable test device assisted by a personal computer and/or app or, as an alternative, via distributed controlled points (e.g., pharmacies). Test results would be encrypted, and securely stored in the blockchain. As a result, this procedure digitally supports the process of authorizing allowed behaviors during the phase of social restart after the pandemic, supporting the minimization of the risks to public health and safety, which is essential for restarting entire country systems. Our VPassport could

Conclusions
The year 2020 started with a Black Swan [44] that no country was ready to face: the new coronavirus, Sars-Cov-2. The consequences of what was happening have been initially significantly underestimated. Now that there is awareness and that weeks of lockdown have been faced in most of the states of the world, we have to manage phase two with the need to reopen social activities while the virus is still circulating and in the absence of a vaccine. The impact of the pandemic goes well beyond the number of full-blown cases of positivity and deaths. There are impacts on people's lifestyle and habits, and the way of relating, working, studying, traveling, and being together will change. Although it is called phase two, it is definitely not an "after", because nobody knows how long it will last and therefore nobody in the current state of things has understood if there will really be an "after" or it will be a different "ongoing" one. However, the countries of the world, especially those most severely affected by the virus, need to restart productive and economic activities to avoid further economic impact and recession. Therefore, it is essential to restart everything while ensuring safety and feasibility to avoid rebounds of the epidemic that would have even more devastating consequences. Our paper aims to propose a digital solution to help manage the phase of the pandemic when the need to test people for positivity to COVID-19 emerges as a priority and the test results will become mandatory information to allow citizens to access services. Our proposal, named VPassport, could assist large-scale test execution in a distributed way and store the results of all tests made through all channels in a blockchain under authority control. The test would be executed as self-service, with a disposable test device assisted by a personal computer and/or app or, as an alternative, via distributed controlled points (e.g., pharmacies). Test results would be encrypted, and securely stored in the blockchain. As a result, this procedure digitally supports the process of authorizing allowed behaviors during the phase of social restart after the pandemic, supporting the minimization of the risks to public health and safety, which is essential for restarting entire country systems. Our VPassport could be used also for the tracking of people who were given the vaccine in order to allow a controlled restart of the activities of the country, giving to all citizens the possibility to manage their immunity tests and their vaccine certificate while allowing the authorities to manage the reopening of services and social activities.
Author Contributions: G.C. and P.B. contributed in the same measure for the realization of the architecture and the writing of the paper. All authors have read and agreed to the published version of the manuscript.
Funding: This research received no external funding.