SecureVote

SecureVote is an end-to-end verifiable (E2E-V) election platform built for environments where "good enough" isn't an option. Seven isolated Go services back three physically separated MariaDB databases — registration, election, and votes — with mTLS between every component and air-gapped tabulation as the final stop.

Each ballot lives inside a precinct-level Merkle tree, aggregated hierarchically to county and state. Voter authentication combines biometric verification with RSA-2048 blind signatures so the system can prove eligibility without learning who voted for what. The whole crypto stack is algorithm-agile: it's architected from day one to swap in CRYSTALS-Dilithium and SPHINCS+ without redesign, so the post-quantum migration is a deployment, not a rewrite.

The companion SecureVote Remote Android app (Kotlin + Jetpack Compose, Android 8+) brings the same protocol to in-the-field voting via NFC and QR. It runs offline-tolerant ballot rendering from a signed Ballot Definition File, then submits over mTLS when connectivity returns. A Voter-Verified Paper Audit Trail (VVPAT) runs in parallel as the ultimate fallback. SecureVote is already deployed by multiple community organizations running real elections in production.