Votum

Votum, a transparent voting app built with Compose Multiplatform and a Polkadot backend. Cast, verify, and trust every vote, secure, open-source, and built for the next generation of democracy.

Comment 1

Inspiration

Let’s be real: trust in traditional voting systems is at an all-time low. Whether it’s paper ballots getting "lost" or digital black boxes that nobody can audit, the current state of democracy feels like it’s running on legacy code.

We asked ourselves: Why can’t we bring the transparency of the blockchain to the most important civic duty we have?

We wanted to build something that wasn't just a theoretical crypto-experiment, but a robust, corruption-resistant infrastructure that a real government could actually use. We were inspired by Polkadot’s shared security model to create Votum a system where every vote is immutable, verifiable, and impossible to tamper with, yet easy enough for a non-technical voter to use.

What it does

Votum is a hybrid voting platform that bridges the gap between Web2 usability and Web3 security.

  • For the Voter: It provides a secure way to register, verify identity, and cast a vote from anywhere. Privacy is paramount voters remain anonymous, but they receive a cryptographic proof that their vote was counted.
  • For the Public: It acts as a "glass ballot box." Anyone can audit the election in real-time. Results are aggregated live, and the audit trail allows for complete history verification.
  • For the System: It prevents double-voting and tampering by anchoring every single ballot onto the Polkadot blockchain.

How we built it

We didn't just slap a smart contract on a webpage; we built a full-stack architecture designed for scale and security.

  • Frontend (Compose Multiplatform): We used Kotlin and Compose Multiplatform to share UI logic between Android and iOS. This let us move fast and keep a consistent design language across devices.
  • The Backbone (Node.js & TypeScript): We built a robust RESTful API using Node.js. We went heavy on TypeScript to ensure strict type safety because when you're dealing with votes, you can't afford undefined errors.
  • The Brain (Polkadot.js): This is where the magic happens. We integrated the Polkadot.js API to interact directly with Substrate. This handles the cryptographic signing and the immutable storage of vote hashes.
  • The Memory (PostgreSQL & Prisma): We used Postgres for relational data (like user profiles and election metadata) and managed it with Prisma ORM to keep our database queries clean and safe from SQL injection.
  • The Speed (Redis): To ensure the app doesn't crash during high-traffic election moments, we implemented Redis for caching and session management.

Challenges we ran into

  • The CMP Learning Curve: Wrangling Gradle configurations and getting the iOS simulator to play nice with our shared Kotlin logic was a battle. There were definitely some late-night debugging sessions just to get the UI to render correctly on both platforms.
  • The "Hybrid" Headache: Syncing state between a traditional SQL database and the blockchain is tricky. We had to ensure that if a transaction failed on-chain, the database rolled back perfectly to prevent "ghost votes."
  • Performance vs. Decentralization: Blockchains are inherently slower than centralized databases. Optimizing the user experience so voters didn't have to wait for block finalization to feel like their vote was "submitted" required some clever async architectural decisions.
  • Privacy Paradox: figuring out how to verify a voter's eligibility without permanently linking their identity to their specific vote choice on the public ledger was a massive logic puzzle.

Accomplishments that we're proud of

  • "Write Once, Run Everywhere": Successfully getting the Compose Multiplatform client to build and run on both Android and iOS and talk to our local backend.
  • The Audit Trail: We successfully built a system where you can trace a specific transaction hash back to a verified vote. Seeing that first vote land on the chain and show up in our audit endpoint was a huge "Aha!" moment.
  • Security First: We didn't skimp on safety. We implemented rate limiting, helmet for HTTP headers, and rigorous JWT authentication strategies. It’s hackathon code, but it’s production-minded.
  • Clean Architecture: Despite the time crunch, we maintained a clean separation of concerns (Services, Controllers, Routes). The codebase is actually readable!

What we learned

  • Polkadot is Powerful: We gained a deep appreciation for the Polkadot ecosystem and how its shared security model is perfect for governance use cases.
  • Trust is an Engineering Problem: We learned that "trust" isn't just a feeling; it's a series of cryptographic proofs. Cross-Platform is the Future: Compose Multiplatform is powerful, but it requires a different mindset than native Android development.
  • Docker is a Lifesaver: Containerizing the setup saved us hours of "it works on my machine" debugging.

What's next for Votum

We’ve built the MVP, but the roadmap is exciting:

  1. Cross-Chain Governance: Leveraging Polkadot's interoperability to allow cross-chain voting mechanisms.
  2. AI Fraud Detection: Implementing AI to analyze voting patterns in real-time to flag suspicious activity (like bot voting).
  3. Live Websockets: Currently, we pull results via REST, but we want to move to WebSockets for true real-time election watching. Democracy needs an upgrade. We think Votum is the first step.

Built With

Share this project:

Updates