GovTrust – Transparent Governance Infrastructure

Making public projects traceable, auditable, and trusted from budget to completion.

Comment

GovTrust :Transparent Governance Infrastructure

Inspiration

Public procurement is where most government corruption hides in plain sight. The same firms win repeatedly, bids cluster suspiciously close to budget ceilings, approvals get rubber stamped, and citizens have no practical way to verify any of it. We wanted to answer one question: what if every decision in the procurement pipeline left a tamper evident trail that any citizen could verify in their browser in under a second. Not a blockchain whitepaper. Not a six month integration. A working system you can open, click Verify Chain, and watch SHA 256 hashes recompute from genesis to head. That became GovTrust.

What It Does

GovTrust is a corruption resistant procurement platform for government contracting. It digitises the full lifecycle from tender creation through bids, AI risk scoring, multi stage approval, contract award, field execution, and citizen feedback, stamping every action onto a hash chained audit log.

Each bid is scored zero to one hundred by an explainable rule based AI engine that publishes the exact factors behind every flag, including price deviation from the median, contractor concentration, sole bidder anomalies, and prior award patterns. Every tender, bid, approval, payment, and moderator action is appended to a SHA 256 chain where one tampered byte breaks the entire chain, and citizens can recompute the whole log from genesis without trusting the server.

Approvals flow through four independent stages, department then financial then compliance then final, so no single official can push a contract through alone, and every signature is recorded on chain. Citizens can submit feedback anonymously, and moderator decisions are public. Budget allocation, release, and spend are tracked per contract with milestone evidence including photos, GPS, and documents uploaded by field officers. Every public dataset is downloadable as CSV or JSON with no login required, and contractor reputation aggregates past performance, on time delivery, dispute history, and risk flags into a public score.

The entire system runs on a single FastAPI process backed by SQLite, with a vanilla JavaScript frontend, small enough to read end to end and fast enough to demo on a laptop.

How We Built It

The backend uses FastAPI, SQLAlchemy, and SQLite, chosen so judges can clone and run the project in under a minute with bash run.sh and no external services or API keys. Authentication uses JWT with role based access for admin, officer, compliance officer, auditor, contractor, and citizen roles. Rate limiting middleware protects authentication and submission endpoints, and routers are organised by domain across auth, procurement, contracts, approvals, contractors, transparency, feedback, and open data.

The AI risk scoring module in risk.py is deterministic and rule based, with no LLM and no third party API. We made this choice deliberately because a government tool must be explainable, auditable, and reproducible, so every score comes with the exact rules that contributed to it. Factors include deviation from median bid, sole bidder detection, contractor win rate concentration, prior flag history, and budget ceiling proximity.

The audit chain in chain.py exposes an append_event function that computes sha256(prev_hash + canonical_json(payload)) for every mutating action and writes a new row. A verify_chain function walks the entire log and recomputes every hash, and the frontend exposes a one click verifier on the audit page. A periodic anchor can be published to provide an external commit point.

The frontend uses vanilla JavaScript, Tailwind via CDN, and a hand written styles.css with a flat professional slate palette, so there is no framework lock in, page loads stay fast, and the code is easy to audit. Charts use Chart.js for the analytics dashboard. The header is mobile friendly, approval history is collapsible, and the milestone modal offers category aware preset dropdowns for construction, technology, energy, and health.

Challenges We Ran Into

Making verifiable actually verifiable was harder than expected. Our early hash chain re serialised payloads inconsistently, so the same event would produce different hashes on different runs. We had to enforce strict canonical JSON with sorted keys, no whitespace, and stable timestamps before the chain became reliable.

We initially wired a placeholder for an LLM scorer. It looked clever in demos but failed our own audit test because judges could not reproduce a score offline and there was no explanation a citizen could read. We removed it and built a deterministic rule based engine that publishes every factor.

The approval workflow had a race condition where two officers could approve the same stage simultaneously and create duplicate signatures. We solved it with a unique constraint on tender ID and stage plus an explicit transactional check.

Our first frontend pass leaned on gradients, emojis, and six accent colours, and it looked like a hackathon project. We did a hard cleanup pass, removed every gradient except a neutral loading shimmer, stripped every emoji, replaced glyphs with proper stroke icons, and consolidated the palette to slate plus three semantic states for success, warning, and error. The result feels like a tool a government would actually use.

Random seed data does not sell the platform, so we hand crafted a seed script with a price fixing scenario, a sole bidder red flag, an honest competitive tender, and a citizen complaint that triggers re review, letting judges see the AI catch real patterns. Throughout the build, every team member wanted to add features, but we held the line on the rule that every feature must serve corruption resistance, which killed several good ideas but kept the product coherent.

Accomplishments We Are Proud Of

We shipped a working hash chain verifier you can click. Open the audit page, press Verify Chain, and watch every hash recompute live in the browser. That single button is the whole pitch.

Our AI risk scoring is fully explainable. Every score breaks down into the exact rules that produced it, with no black box and no API key. The end to end role flows work cleanly across personas, where an officer creates a tender, contractors bid, the AI scores them, compliance approves through four stages, the contract is awarded, a field officer logs milestones with GPS and photos, citizens submit feedback, and a moderator reviews, with every step landing on the audit chain.

Open data is a first class feature, with every public dataset exposing a one click CSV or JSON export and no request access forms. The interface is calm, monochromatic, and serious, which is what a tool about public money should look like. The whole project is cloneable in under a minute with git clone, bash run.sh, and a browser pointed at http://127.0.0.1:8000, with no Docker, no environment file, and no API keys required.

What We Learned

Verifiability beats trust. Saying our data is secure is meaningless, but letting a citizen recompute the chain themselves is everything. Explainable rules beat black box AI for public sector tooling, because the moment you cannot explain a flag in court or in a town hall, the tool loses legitimacy.

Constraints sharpen design. Restricting ourselves to slate plus three semantic colours made every status meaningful, and restricting AI to deterministic rules made every flag defensible. Audit first architecture changes how you write code, and once append_event was central we stopped thinking about CRUD and started thinking about the story the log tells a citizen six months later. Above all, hackathons reward focus rather than features, and cutting scope made the remaining features feel polished and intentional.

What Is Next for GovTrust

We plan to add external anchoring that periodically publishes the audit chain head hash to a public blockchain or a national gazette, so even the server operator cannot rewrite history. A procurement language NLP layer would flag tender specifications that are suspiciously narrow, such as requiring exactly seventeen years of experience in fluorescent paint manufacturing, which is a classic single bidder rigging tactic.

A mobile field application would give officers a stripped down progressive web app for uploading milestone evidence with photo, GPS, and signature over patchy connectivity, with offline first sync. Multi jurisdiction support would let agencies share contractor reputation data and cross flag bad actors across regional boundaries.

Public verification kiosks would offer stand alone Verify A Contract terminals for civic spaces where citizens without internet can audit local projects. Whistleblower safe reporting would add Tor friendly anonymous submission with cryptographic receipts so reporters can prove they filed without revealing their identity. An independent auditor API would expose a read only signed snapshot endpoint designed for civil society organisations, journalists, and academic researchers to ingest without scraping. Localisation work would add translations and currency formatting for pilots in jurisdictions where the corruption resistance value proposition is sharpest.

GovTrust is not trying to replace human oversight. It is trying to make oversight cheap, fast, and unavoidable, so that the next time public money moves, every citizen with a browser can watch.

Built With

  • and
  • bcrypt
  • chart.js
  • css3
  • csv
  • custom-css
  • data
  • github-copilot-for-ai-assisted-development-apis-and-data:-rest-(json)
  • html5
  • inline-svg-icons-database:-sqlite-security:-sha-256-hash-chain
  • javascript-(vanilla)
  • json
  • jwt-auth
  • languages:-python-3.13
  • open
  • passlib/bcrypt-frontend:-tailwind-css-(cdn)
  • pydantic
  • pyjwt
  • rate-limiting-ai:-custom-rule-based-explainable-risk-scoring-engine
  • role-based-access-control
  • sql-backend:-fastapi
  • sqlalchemy
  • statistical-anomaly-detection
  • uvicorn
Share this project:

Updates