Complete voting application with cryptographic verification capabilities designed to run securely on your personal device.
Server setup uses containerized deployment with Podman/Docker. Complete deployment instructions are available in the Getting Started guide below.
Research Preview: This is a development prototype designed for researchers, cryptographers, and developers interested in testing the PeaceFounder system. It can be tried on a small scale with <1000 members under the assumption that there won't be an active adversary that will sabotage service availability. Furthermore, only deployment without voting calculator is currently available.
The development prototype includes comprehensive documentation for setting up test elections and verifying the cryptographic protocols. We recommend starting with the provided test scenarios to understand the system's operation.
Start the server container:
podman run -d --name peacefounder -p 127.0.0.1:3221:3221 -p 4584:4584 ghcr.io/peacefounder/peacefounderadmin:latest
The admin panel is hosted on localhost 127.0.0.1:3221
, where you will run a short three-step wizard to configure the system. The admin panel is not directly accessible from external networks for security reasons.
Access the admin panel remotely via SSH port forwarding:
ssh -L 3221:127.0.0.1:3221 user@your-server-ip
This approach handles secure authentication to the server and is free from PKI network trust assumptions. The admin panel will be accessible at http://127.0.0.1:3221
in your local browser.
1. Complete the setup wizard - The admin panel starts with a setup wizard guiding you to select a cryptographic group, choose a hash function, and generate keys. The server generates the guardian key, which is then encrypted with the provided password.
2. Configure server settings - Set up SMTP for member invitations in the Settings panel and specify the public server address for client connections. This could be a local address, a public IP, or a DNS pointing to the PeaceFounder REST API. Using DNS is recommended for seamless server address upgrades.
3. Register members - Send email invitations with unique tokens for secure member registration. The process involves dispatching unique tokens via email that serve as authentication keys in the format HMAC(body|timestamp, token)
.
4. Braid voters - Generate braids to boost anonymity. Currently, the system supports only self-braiding, but future updates will enable braiding between different demes to raise the anonymity threshold.
5. Create proposals - Set up voting proposals with opening/closing times, ballots, and anchor to specific braids. The anchor is the index of a braid whose generator and pseudonyms are used for the vote.
6. Monitor voting - Track votes in real-time through the ballot box ledger. Voters receive receipts including timestamps and cast indices as tracking numbers to locate their votes on the bulletin board.
7. Publish evidence with CI pipeline - Publish evidence using continuous integration pipelines to make checking election integrity more accessible.
1. Registration - Voter enters invite into the voting client that registers it securely to the deme.
2. Membership certification - For member authenticity auditing purposes, voter digitally signs a document with a third party identity provider containing their invite and obtained membership index and sends that to the registrar.
3. Vote casting - Once proposals are submitted, voter can retrieve them on the voting client and cast their vote.
4. Vote tracking - After casting the vote, the device shows a pseudonym alias with which you can track your vote. The device keeps a consistency proof chain to ensure that your vote and votes cast by others can't be dropped unnoticed before tallying.
5. Result verification - Once voting phase ends, a tally board with election evidence is published. Voter can select any statically generated bulletin board mirror and find their vote next to their alias, using timestamps to check that they are exclusive users of the pseudonym, eliminating deception while also being informed of buletin board integrity.
6. Fraud detection - If votes get dropped, some of the voters' devices including the voter whose vote was omitted will detect inconsistency in their kept history tree. The proof can be extracted and verified by any party, proving to everyone that the vote has been rigged.
Comprehensive documentation is included with each download, covering installation, configuration, and the complete testing workflow. Additional resources are available for researchers interested in the underlying cryptographic protocols.
This prototype represents the current state of our research implementation. Development focuses on adding missing essential features and user experience improvements along with performance optimizations, while research attempts to create a foundation for protocol specification and security analysis. Collaboration is highly welcome.
There are several features that are not yet implemented but are essential:
Braiding across different demes (currently only self-braiding is supported)
Vote submission over Tor for untraceability
Various admin panel UI/UX shortcuts that need to be addressed
Static bulletin board website building from published evidence in GitHub/GitLab workflows
Stronger pseudonym ownership verification with identity commitments
Vote submission relay shield for ensuring vote acceptance and recording
These features can currently be addressed with current development resources.
Another set of features discussed, but cannot be implemented due to lack of funding resources:
Voting calculator hardware which is essential for everlasting privacy and receipt-freeness
Mobile application for voting
Software integration with voting calculator for vote casting and tallying
If there were a platform for a voting calculator that could communicate with the voting device over NFC/USB/audio, then software development may be within the current development focus.
On top of that, proper security definitions and proofs are at high priority for the upcoming system extension with voting calculator.
We welcome contributions from researchers and developers interested in advancing secure e-voting technology. The codebase is fully open source under Apache 2.0 license, and we maintain active collaboration with the academic community.
Curios about what PeaceFounder can offer in evoting?
Contact for technical support and collaboration opportunities.