FAQ


What kind of encryption do you use?

We use PGP (Pretty Good Privacy) to encrypt data that is stored in the cloud. The app uses AES256 from Smartphone to Internet for the encryption of data. Of course, if your phone is hacked, tampered with, if there are cameras watching your phone or there are keyloggers on your computers we cannot guarantee encryption.

Bowhead uses advanced Web3js and the most advanced encryption possible while limiting the amount of information that is stored. We also make ourselves available to answer any encryption, engineering and general questions directly at Bowhead Support


If I lose my private key or 12 word recovery seed is my data lost forever?

Yes, unfortunately we do not store a copy of your backup or private key.


How should I store my private key or recovery seed to my account?

The safest and only way we recommend is to write down your private key or recovery seed on a piece of paper. Please watch this full video of our security advisor and bitaddress.org founder Peter Kroll on the best practices of securing your private key.

Many people have pointed out that if your printer has a virus, it could even relay an image of this to the hacker.


Should I print out, screenshot, or text message my private key to my friends or family?

No, you should write down the 12 word recovery seeds. We do not recommend any other mechanisms for backup.


Can my family, doctor or hospital be the custodian of my private key?

We currently do not offer custodian services. However, similar to how XAPO, provides custodian services for the finance industry we hope to one day work with partners to provide trusted custodian services.


How is my data selectively shared?

Your data that has been selected to be shared with researchers is shared via smart contracts. This smart contract is available for review here:


Once my anonymous data is shared how is it handled?

We do not associate or store your IP with your encrypted data. When you contribute your data to medical research, we take additional steps to ensure that your data is more anonymized. For example, we do not provide your birthday only birth month and year. Please note that anonymized data being transferred via smart contracts is non-reversible. All anonymized information you previously shared is made available forever.


In the whitepaper it states that the token holders will receive rewards based on the research data that is transferred as well as receive rewards for being a masternode on the network? How can this work if the value of the token is hard to calculate?

This is a long term project and we understand that at the moment there are no masternodes and the architecture may be defined as centralized. However, our future development plan is to allow people and organizations to contribute their computer’s processing power, storage and bandwidth to become nodes in exchange for AHT token rewards. Our current focus has been to develop the smart contracts for health data, develop the application and now the researchers dashboard. Our next step will be to further decentralize the system.

At the onset of the network, since the AHT tokens value may be difficult to calculate initially, we will first reward users with a defined consideration for example a 5, 10, 20 EURO Amazon.com card for their anonymized health data contributions.

Once the network fees and rewards model is proved out we will look


How do we know you are not selling things to companies? How do we know this will work?

Bowhead’s purpose is to provide a secure platform for storing health data and contributing to medical research through the sale of anonymized health data for those users that opt-in.

To verify that the system or company exists we welcome you to download our apps available for download today, as well as to see the frequency of app updates we have made since we launched version .01. We are building something difficult and arranged a dynamic team of engineers, doctors and researchers to get there.

Bowhead’s tokensale in 2017 was not available to US or Canadian users. However, users in Canada and US may use the application to store their health data and at their option contribute their anonymized health data to research. Our health data system complies with HIPAA and Health Canada standards.


A database can also store anonymized data, you don’t need a blockchain for this.

Technically, a blockchain is a distributed ledger database. The only difference is that distributed ledgers tend to be more OPEN, can be reviewed and audited more easily.

Using Ethereum’s smart contracts protocol ensures that only the receiving party (in this case the researchers) see the anonymized data and it is done so without associating IP, email addresses. This is the reason an email address is NOT used to create an account!


A database can also store encrypted data, you don’t need a blockchain for this.

Using a distributed ledger allows users to be sure that their information is actually getting encrypted and they are the only key holders. We believe that using a circular argument that the current technology on the market can accomplish the same is insufficient – then why do hacks and data leaks and privacy issues continue to happen? We need a new way forward that ensures that internal and external bad actors have no way of encrypting and decrypting the data.


How do you store data on the blockchain? Isn’t it slow and expensive?

Only your encryption and decryption key is stored on the blockchain. Most of the data storage happens on IPFS (interplanetary file system), which we hope to further decentralize in the future.


Isn’t blockchain just a sales pitch or buzzword?

Yes it is overused, and blockchain for X has been used around the world. However, smart contracts and distributed ledgers and cryptography are very real and very relevant for health data.


Do you use Hyperledger or Ethereum?

We use Ethereum’s smart contracts protocol, it is currently a private blockchain that we hope to further decentralize.


How are your nodes hosted?

We currently host our nodes on AWS, however, in the future we will be onboarding nodes to further decentralize our network.


How is your network “zero trust”?

The user owns and controls the private keys to their encrypted information. To further Bowhead’s system of zero trust we intend to release our code open source – for further verification.


Can we audit your code?

Yes, we welcome any external audits on our smart contracts and infrastructure. Please contact support@bowheadhealth.com

How big is the blockchain now and how big will it reach in the full potential?

Our blockchain is currently ______ but as we described above the data storage occurs on IPFS, which is a storage solution which is intended to operated in a distributed manner. We selected that storage solution because we would eventually like trusted parties and (exploring) public to be able to host without having an impact on the security of the data. As we’ve described this process of decentralization of storage is an evolution due to the nature and sensitivity of data.


Is Bowhead using Ethereum? Didn’t cryptokitties prove that it can’t handle data?

As described, Bowhead uses Ethereum’s smart contract protocol to encrypt and decrypt health data but the data is stored encrypted on IPFS.