Overview
Prometheus is a secure and anonymous e-voting system I started building for a client, designed to handle large-scale voting scenarios with strong guarantees around integrity and privacy.
The goal is simple to state, but difficult to implement correctly:
Enable people to vote anonymously, while still making the system fully verifiable and tamper-resistant.
The project was initiated within a broader IEEE team setup. However, due to the complexity and depth of the problem space, I took full ownership of the system design and implementation, and continued driving the project independently.
Problem Definition
Traditional digital voting systems struggle with a core contradiction:
- You need identity verification (only eligible users can vote)
- But you also need anonymity (votes cannot be traced back)
Prometheus is designed to handle this tension by separating concerns across different system boundaries.
System Architecture
The system is built around domain separation and controlled trust zones:
Identity Zone
- Handles user authentication (OTP-based)
- Issues a credential token (JWT)
- Removes any direct identity linkage after issuance
Anonymous Voting Zone
- Accepts votes using credential tokens
- Validates tokens without accessing user identity
- Prevents double voting via token commitment checks
Verification Layer
- Allows users to verify their vote using a tracker ID
- Exposes integrity endpoints for auditing
- Maintains a verifiable vote chain
Technical Stack
- Backend: .NET 8 (Clean Architecture)
- API Layer: REST-based services
- Database: PostgreSQL (separated per domain)
- Security:
  - ECDSA (P-256) signatures
  - SHA-256 hashing
- Infrastructure: Docker Compose (multi-service orchestration)
Key Design Decisions
Domain Separation
Instead of a single system handling everything, responsibilities are split:
- Authentication
- Token issuance
- Voting
- Verification
This reduces the risk of identity leakage and simplifies trust boundaries.
One-Time Voting Tokens
Each user receives a single-use credential token.
- Token is cryptographically signed
- Stored as a hash commitment
- Once used, it cannot be reused
This prevents double voting without storing identity.
Verifiable Vote Chain
Votes are stored in a chain-like structure:
- Each vote contributes to a rolling hash
- The system exposes a chain integrity endpoint
- Any tampering becomes detectable
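A minimal sketch of the two mechanisms described above, the single-use token commitment and the rolling vote hash. This is an added example, not code from Prometheus. The record layout, the `token:`/`vote:` hash prefixes, the all-zero genesis link and every name here are assumptions, and the ECDSA check on the token is left out.

```python
import hashlib
import hmac
import json
import secrets

GENESIS = bytes(32)  # assumed all-zero starting link


def commitment(token: str) -> str:
    """Hash commitment: the voting zone stores this, never the token itself."""
    return hashlib.sha256(b"token:" + token.encode()).hexdigest()


def link(prev: bytes, record: dict) -> bytes:
    """Rolling hash: each link covers the previous link and the canonical record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(b"vote:" + prev + body).digest()


class VotingZone:
    def __init__(self):
        self.spent = set()  # commitments of tokens already used
        self.chain = []     # (record, link_hex) pairs in cast order

    def cast(self, token: str, choice: str) -> str:
        c = commitment(token)
        if c in self.spent:
            raise ValueError("token already used")
        self.spent.add(c)
        # The tracker ID is random here (assumption); it carries no identity.
        record = {"tracker": secrets.token_hex(8), "choice": choice}
        prev = bytes.fromhex(self.chain[-1][1]) if self.chain else GENESIS
        self.chain.append((record, link(prev, record).hex()))
        return record["tracker"]

    def head(self) -> str:
        return self.chain[-1][1] if self.chain else GENESIS.hex()

    def first_bad_index(self):
        """Recompute every link; return the index of the first mismatch, or None."""
        prev = GENESIS
        for i, (record, stored) in enumerate(self.chain):
            expected = link(prev, record)
            if not hmac.compare_digest(expected.hex(), stored):
                return i
            prev = expected
        return None
```

Recomputing the links only catches edits that leave the stored hashes untouched. An operator who rewrites every later link produces a chain that passes this check, so an auditor also has to compare `head()` against a value recorded earlier.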
Stateless & Auditable Design
The system is designed to be:
- Stateless where possible
- Fully auditable through public endpoints
- Transparent without revealing sensitive data
Challenges
This project required going beyond standard CRUD application design.
Main challenges included:
- Designing trust boundaries correctly
- Preventing identity-vote linkage
- Ensuring consistency across distributed services
- Building a system that is both anonymous and verifiable
Current Status
- Core architecture is implemented
- End-to-end voting flow is functional
- Verification endpoints are active
- System runs in a containerized multi-service setup
Development is ongoing, with continuous improvements on security and scalability.
My Role
- Led the project from early-stage concept to working system
- Designed the full system architecture and technical approach
- Implemented approximately 99% of the backend codebase
- Defined the security model and data flow
- Built and maintained the full development environment
While the project originated within a larger team context, its current state and implementation are largely the result of my individual execution and ownership.
Next Steps
- Advanced cryptographic enhancements (mixnets, threshold systems)
- Performance optimization under high load
- Improved verification UX
- Hardening for production scenarios
Final Note
Prometheus is not just a project about voting.
It’s a system where trust is not assumed, but engineered.