Anonymous eVoting & Feedback Platform
YourVoice is a cryptographically secure anonymous voting platform that uses RSA blind signatures to ensure voter privacy while preventing double-voting. Built with Go, PostgreSQL, and modern web technologies. Youths for Digital Governance Discord: https://discord.gg/5fuFchDAyG
- Anonymous Voting: RSA blind signatures ensure votes cannot be traced to voters
- Double-Vote Prevention: Storage of both anonymous secrets as well as identifiable spent events prevent multiple votes per person
- Network Privacy: Tor network support for complete anonymity
- Secure Architecture: Mathematical privacy guarantees through cryptography
- Open Source: Fully auditable implementation
YourVoice implements a 4-step RSA blind signature protocol:
- AUTH: Voter proves identity without revealing their vote
- BLIND: Voter blinds their randomly generated secret using cryptographic blinding factor
- SIGN: Authority signs the blinded secret without knowing its content
- VOTE: Voter unblinds the signature and submits anonymously via Tor
unblind(sign(blind(message))) = sign(message)
The authority never sees the original secret or the voters decision, and the server cannot link secrets to voter identity.
- Go - Backend server with stdlib HTTP routing
- PostgreSQL - Database with GORM ORM
- Tailwind CSS - Utility-first CSS framework
- Templ - HTML UI framework with Go-native syntax
βββ internal/
β βββ database/ # Database configuration and models
β β βββ models/
β β β βββ Candidate.go
β β β βββ Message.go
β β β βββ MessageEvent.go
β β β βββ Party.go
β β β βββ Vote.go
β β β βββ VoteEvent.go
β β βββ database.go
β βββ handlers/ # HTTP handlers and routing
β β βββ routes/
β β β βββ expression/ # Vote and message submission
β β β β βββ message.go
β β β β βββ vote.go
β β β βββ identity/ # Cryptographic verification
β β β βββ verify.go
β β βββ handlers.go
β βββ middleware/ # HTTP middleware
β β βββ contentTypeJson.go
β β βββ logging.go
β β βββ middleware.go
β βββ utils/ # Cryptographic utilities
β βββ rss.go
β βββ types.go
βββ web/
β βββ static/ # CSS and assets
β β βββ main.css
β βββ templates/ # HTML templates
β βββ index.html # Landing page with API docs
βββ docker-compose.yml # PostgreSQL database
βββ .env # Environment configuration
βββ go.mod # Go dependencies
βββ main.go # Application entrypoint
- Go
- Docker & Docker Compose
- Node.js (for Tailwind CSS)
- Optional: Nix (for reproducible development environment)
nix-shell
# Now you have Go and Node.js availablegit clone https://github.com/ananyatimalsina/yourvoice
cd yourvoice# Go dependencies
go mod tidy
# Node.js dependencies (for Tailwind CSS)
npm installThe .env file is pre-configured for development:
SERVER_PORT=3000
TZ=Europe/Berlin
# PostgreSQL configuration
POSTGRES_HOST=localhost
POSTGRES_USER=postgres
POSTGRES_PASSWORD=postgres
POSTGRES_DB=postgres
POSTGRES_PORT=5432airVisit http://localhost:3000 to see the platform.
Get blind signatures for voting or messaging:
// Request
{
"digest": "blinded_secret",
"event_id": 1
}
// Response
{
"signature": "signed_digest"
}// Request
{
"digest": "blinded_secret",
"event_id": 1
}
// Response
{
"signature": "signed_digest"
}Submit anonymous votes and messages:
// Request
{
"data": "signed_data",
"digest": "unsigned_data",
"vote_event_id": 1,
"candidate_id": 2
}
// Response
"Vote received successfully"// Request
{
"data": "signed_data",
"digest": "unsigned_data",
"message_event_id": 1,
"message": "Your feedback text"
}
// Response
"Vote received successfully"Create models in internal/database/models/:
// internal/database/models/NewModel.go
package models
import "yourvoice/internal/utils"
type NewModel struct {
utils.Expression
// Add your fields
}- Create handler in
internal/handlers/routes/ - Register route in
internal/handlers/handlers.go
GORM auto-migration runs on startup. Models are automatically migrated when the server starts.
# Build CSS for production
npx @tailwindcss/cli -i "./web/static/main.css" -o "./web/static/output.css" --minify
# Build Go binary
go build -o yourvoice main.go
# Deploy binary + web/ directory + .envConfigure production environment in .env:
SERVER_PORT=8080
POSTGRES_HOST=your-db-host
POSTGRES_USER=your-db-user
POSTGRES_PASSWORD=your-secure-password
POSTGRES_DB=yourvoice_prod
POSTGRES_PORT=5432- HTTPS: Always use HTTPS in production
- Database: Use secure PostgreSQL credentials
- Tor Integration: Consider Tor hidden service deployment
- Rate Limiting: Implement API rate limiting
- Logging: Monitor for suspicious voting patterns
The platform implements David Chaum's blind signature protocol:
- Blinding Factor: Random value
ris used to blind the message - Blind Message:
blind = message * r^e mod n - Sign Blind: Authority signs without seeing original:
sig = blind^d mod n - Unblind: Voter recovers signature:
real_sig = sig / r mod n
- Anonymity: Authority cannot link signatures to voters
- Unforgeability: Only authority can create valid signatures
- Single-Use: Secrets are stored to prevent double-voting
- Unlinkability: Submitted votes cannot be traced to sign requests
# Run tests
go test ./...
# Test with verbose output
go test -v ./...
# Test specific package
go test ./internal/utils- Fork the repository
- Create your feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- GitHub: https://github.com/ananyatimalsina/yourvoice
- Live Demo: [Coming Soon]
- Documentation: [This README]
This is experimental software. While implementing well-established cryptographic protocols, it should be thoroughly audited before use in production voting systems. The authors are not responsible for any security vulnerabilities or election integrity issues.
Built with privacy in mind. Express your voice, protect your identity.