Aldhufiri, Dib, Alothman | Kuwait College of Science and Technology

Empowering Digital Autonomy via E-Accessibility

Tawkelat: A Blockchain-Based Power of Attorney

Othman Aldhufiri1, Omar A. Dib2, Basel Alothman1

1Computer Science & Engineering, Kuwait College of Science and Technology (KCST)
2Systems Engineering, Azeer Core

Presented at ATSN 2025

The Problem Space

Physical Barriers

Elderly & disabled individuals struggle with mandatory physical presence.

Procedural Delays

Paper trails are inefficient, slow, and prone to manual errors.

Trust & Fraud

Paper documents are vulnerable to alteration, coercion, and forgery.

Related Work & The Gap

Why Tawkelat? Bridging the gap between theory and usability.

Study Core Technology Limitation Tawkelat Advantage
Sholihah et al. [3] DSA (Digital Sig.) Centralized Trust (SPOF) Decentralized Verification
Pfefferling [4] Blockchain Spec Theoretical Only Implemented Mobile App
Tawkelat (Ours) Private Ledger - High E-Accessibility Focus

Introducing Tawkelat

A Mobile-First, User-Centric Legal Delegation System
Principal Grants Power
Tawkelat App Secure Interface
Signatory Registry Private Blockchain
Agent Executes Power
Goal: Secure legal delegation from home, without intermediaries.

System Walkthrough

Login
Kuwait Mobile ID Integration
Identity
Active POAs
Status: Active
Status: Revoked
Dashboard

Hybrid System Architecture

Off-Chain (Private)

SQL Database

  • User Profiles
  • PII (Personal Data)
  • Encrypted Docs
SHA-512 Hash
On-Chain (Public/Shared)

Private Ledger

  • Document Hash
  • Signatures
  • Timestamps
  • No Sensitive Data
Ensures GDPR Compliance while maintaining immutability.

POA Lifecycle State Machine

DRAFT
ISSUED
ACTIVE
REVOKED
Immutability Feature: Revocation writes a new block to the chain. The previous active state is historically preserved but logically invalidated.

Design Philosophy: Empowerment

Accessibility

  • WCAG Principles: Perceivable, Operable, Robust.
  • UI Design: Large touch targets, high contrast.
  • Cognitive Load: Simplified terminology.

Security

  • MFA: Email/SMS verification for every signing event.
  • Non-Repudiation: Blockchain history prevents denial.
  • Encryption: SHA-512 Hashing.

Technology Stack

MAUI
.NET MAUI Cross-Platform UI
+
ASP
ASP.NET Core Backend API
+
SQL + CVCL Hash-Linked Ledger
CVCL: Cryptographically Verifiable Centralized Ledger (Simulates blockchain structure in SQL)

Experimental Results

Performance analysis of core blockchain operations.

Operation Average (ms) P95 (ms)
Hash Generation (SHA-512) 0.0013 0.0011
Block Validation 0.0009 0.0010
Block Mining (Anchoring) 131.26 437.10
~131ms latency is sufficient for real-time UX

Legal & Regulatory Compliance

Privacy (GDPR)

  • Right to Erasure: PII is off-chain and can be deleted.
  • Data Minimization: Blockchain stores only anonymous hashes.

Validity (eIDAS/ESIGN)

  • Audit Trails: Meets ESIGN requirements for record retention.
  • Identity: Integration with Gov Digital ID for 'Substantial' assurance.

Limitations & Future Work

1
Current: Centralized Ledger (CVCL)
2
Next Step: Distributed Consensus
Migration to Hyperledger Fabric for multi-org trust.
3
Enhancement: Biometric Binding
Native FaceID/Fingerprint integration for signing.

Conclusion

Solved: Removed physical barriers to legal autonomy.

Secured: Immutable audit trails via private blockchain.

Delivered: A working, mobile-first prototype.

Thank You!

Questions?

Scan to read paper