WorkPass

In today's workplace, your professional information including certifications, health records, training history, and emergency contacts is scattered across employer systems, HR platforms, and third-party databases. You submitted it once, maybe twice, maybe a dozen times across different jobs. But you never really owned it.

WorkPass changes that.

The Problem

Our client came to us with a clear frustration. Workers have no meaningful control over their own professional data. Once information is submitted to an employer, it sits in systems the worker cannot see, cannot audit, and cannot take back. There is no transparency over who accessed it or when. There is no way to revoke access. And when a worker moves to a new employer, the cycle starts all over again.

The question our client asked us to answer was simple but ambitious. What if workers could own their own data, decide who sees it, and have every access event permanently recorded?

WorkPass is a full-stack, blockchain-powered web application that puts professional data ownership back in the hands of workers. It is not just a document storage system. It is a permission management platform where every request, approval, and revocation is recorded on the blockchain, creating an auditable trail that no single party can alter.

The application supports two distinct user types.

Workers can maintain a centralised work profile containing their professional information. When an employer requests access to specific data, the worker receives the request, reviews exactly what is being asked for, and chooses to approve or reject it. If approved, they can set an expiry date so access automatically ends, or revoke it manually at any time.

Employers can submit access requests to workers for specific information they genuinely need. Once approved, they gain read access to the relevant data. Every interaction is logged, timestamped, and verifiable.

Key Features

Consent-Based Access

No employer gains access to worker data automatically. Every single request requires explicit approval from the worker. There are no assumptions, no defaults, and no silent data sharing.

Full Access Control

Workers can set expiry dates on approved access or revoke it at any time. Access is never permanent unless the worker chooses it to be.

Tamper-Proof Audit Trail

Every access request, approval, rejection, and revocation is recorded as a transaction on the blockchain. These records cannot be altered by any party including the employer, the platform, or the developers.

Centralized Work Profile

Workers maintain a single source of truth for their professional information. No more re-entering the same details across every new employer or system.

Tech Stack

WorkPass is built across three layers. The frontend is developed using Next.js with TypeScript, giving us a robust and type-safe user interface with Tailwind CSS handling all the styling. The backend is an ASP.NET Core API written in C#, connected to a PostgreSQL database hosted on Supabase through Entity Framework Core.

The blockchain layer is built using Hardhat, a local Ethereum development environment that lets us develop and test smart contracts without needing a live network. Our smart contracts are written in Solidity and target the EVM ecosystem, meaning the application can run on any Ethereum-compatible chain. This layer is responsible for recording every permission transaction on-chain, ensuring the audit trail is permanent and tamper-proof.