Inspiration
Current voting systems often feel like they’re stuck in the past, and that creates a lot of room for doubt. We’ve seen how polarization and a lack of trust can tear communities apart. We wanted to build something that makes people feel like their voice actually counts—not just because they were told so, but because the math proves it
What it does
SecureVote is a simple, secure digital voting platform for any institution — colleges, panchayats, housing societies.
Five problems it solves:
- No fake votes — every voter gets a unique ID and private key. You cannot impersonate someone else.
2.One person, one vote — the system automatically rejects if the same person tries to vote twice.
3.Tamper-proof results — votes are stored on a distributed ledger. No single person can delete, change, or "lose" the results.
4.Complete privacy — we use Zero Knowledge Proofs (ZKP) to verify you are a legitimate voter without ever asking for your name, Aadhaar, phone number, or any personal information. The system knows you are eligible without knowing who you are.
5.No data leaks — because we never collect personal information in the first place, there is nothing to leak, sell, or hack. Your identity stays with you.
How we built it
- Core Infrastructure Language & Backend: Built primarily in Python using the Flask framework to manage the server-side logic and voter interactions.
Cryptographic Foundation: Leverages EC-ElGamal homomorphic encryption on the BN128 curve (via the py_ecc library), providing 128-bit security.
- Security & Verification Layers Zero-Knowledge Proofs (ZKP): Implements Disjunctive Chaum-Pedersen proofs to verify that each encrypted vote is either a 0 or a 1 without revealing the actual choice.
Voter Authentication: Uses a challenge-response protocol with a fresh random nonce for each login. This ensures the raw voter secret never leaves the user's device.
Double-Vote Prevention: Employs nullifiers—unique cryptographic hashes (H(voter_secret ‖ election_id))—to ensure each voter only submits one ballot without exposing their identity.
- Election Management Decentralized Tallying: Votes are summed homomorphically in their encrypted state. The Election Authority only decrypts the final aggregate using a Baby-step giant-step (BSGS) algorithm, meaning individual ballots are never seen.
Public Bulletin Board: Acts as an append-only ledger (simulating a blockchain) where all ballots and proofs are stored for public auditing and independent verification.
Challenges we ran into
Making Privacy Practical: It was a struggle to block multiple voting while keeping the voter’s identity a secret, which we solved by using nullifiers to flag repeat ballots without tracking the person.
Simplifying the Tech: Cryptography is complex, so designing a challenge-response login that felt like a normal password entry while keeping secrets on the user's device was a major UI hurdle.
Managing Math at Scale: Verifying a Zero-Knowledge Proof for every candidate on every ballot is slow, requiring us to optimize the verification logic to keep the system responsive.
Handling More Candidates: Moving beyond a "Yes/No" vote meant each ballot grew in size and complexity, making it harder to maintain speed during the final homomorphic tally.
Accomplishments that we're proud of
Unbreakable Privacy: We successfully implemented a system where the "Election Authority" can count the votes without ever actually seeing who you voted for.
Bulletproof Security: By using Zero-Knowledge Proofs, we created a platform where it is mathematically impossible to "stuff the ballot box" or vote more than once.
Public Trust: We built a Public Bulletin Board that allows anyone on the internet to independently audit the election and verify that the results are 100% accurate.
Seamless Authentication: We’re proud of creating a secure login that protects the user's secret key while keeping the experience simple and human friendly.
What we learned
Trust doesn't require transparency of the vote: We learned that we can prove an entire election is fair and accurate through Zero-Knowledge Proofs without ever compromising an individual's right to a private ballot.
Security is a balancing act: Building the challenge-response protocol taught us that high-level security only works if it's simple enough for a human to actually use without losing their keys.
Math can replace a central authority: By using homomorphic encryption, we realized we don't need a "trusted" central person to count the votes; the math ensures the tally is correct and tamper-proof for everyone to see.
Efficiency is key to scalability: We learned that while complex algorithms like Baby-step giant-step are powerful, they require careful optimization to handle large-scale community participation.
Auditing builds community confidence: Seeing how a public bulletin board allows anyone to verify the results showed us that technical transparency is the best way to reduce polarization and doubt.
What's next for SecureVote
AI-Powered Voter Assistant: We plan to integrate a secure AI agent to answer voters' questions about the voting process and technical security in real-time.
Manifesto Summarization: To help voters make informed choices quickly, we will use AI to provide concise, neutral summaries of each candidate's manifesto and key policy positions. Mobile-First Accessibility: The next step is developing a dedicated mobile application to ensure civic participation is accessible to everyone, regardless of their hardware.
Decentralized Identity Integration: We aim to move toward decentralized identity solutions to give users even more control over their unique IDs and private keys.
Multi-Language Support: To foster inclusivity, we will implement automated translation for policy documents and the voting interface to serve diverse communities.
Log in or sign up for Devpost to join the conversation.