Every result eVotaré publishes comes with a cryptographic commitment that anyone can independently re-verify — on their own computer, with open tools, without trusting eVotaré’s servers, our database, or our word.
Most online voting asks you to take the operator’s word for the result. The votes land in a database you can’t see, a tally comes out, and you’re expected to believe nothing was added, dropped, or changed along the way.
An election is exactly the wrong place for that kind of faith. The people running the vote often have a stake in its outcome, databases can be edited, and “we’d never do that” is not something a losing candidate — or a regulator — should have to accept. A result you can only trust is a result you can dispute.
eVotaré is built so you don’t have to trust us. Instead of asking you to believe the tally, we give you the math to check it. Here is how that works.
When you cast a ballot, eVotaré generates a random 32-character nonce — a one-time secret that lives only in your browser and is never stored next to your identity. Your selection, the ballot item, and that nonce are joined into a short line of text and run through SHA-256, a one-way cryptographic hash, producing a 64-character fingerprint we call a leaf:
A leaf is a fingerprint, not a record of your vote. Because SHA-256 is one-way, the leaf can’t be reversed, forged, or altered — change a single character of the ballot and you get a completely different leaf. And to anyone who doesn’t hold your nonce, the leaf reveals nothing about how you voted; it looks like random noise. Only you hold the nonce, so only you can tie that fingerprint back to your ballot.
At publish time, all the leaves for an item are sorted by nonce and combined in pairs: each pair of hashes is hashed together, then those results are paired and hashed again, and so on up the tree until a single hash remains — the Merkle root. That root is recorded with the published result and chained into an append-only audit log that can’t be rewritten.
The root is a fingerprint of the entire set of ballots at once. Change, add, or remove even one ballot and the root changes — so a tally that has been tampered with after publication can no longer match its own published root, and the mismatch is there for anyone to see.
Three real ballots from the published spec’s worked example. Three is odd, so the last leaf is duplicated so it can pair — then each pair is hashed together, all the way up to one root. These are the actual hash values; you can reproduce every one of them yourself with the commands below.
After results publish, your personal receipt shows your nonce, your leaf hash, and the published Merkle root. With those you can confirm two things for yourself: that your leaf really appears in the published set of ballots, and that the leaves genuinely hash up to the root eVotaré published. If both hold, your ballot was counted, exactly as you cast it, and nothing was altered afterward.
Signed-in voters reach their own receipt at /{organization}/verify. It never
reveals your vote to anyone else — the nonce that unlocks your leaf stays in your
browser, and only you have it.
You don’t have to be a voter, and you don’t have to trust the receipt page. Every published item ships a verification bundle — a JSON file containing the complete list of leaf hashes and the algorithm parameters. Recomputing the root from that bundle takes a few lines of code, or none at all:
The public verifier at /{organization}/verify/public?item=<id>
rebuilds the Merkle root right in your browser using the Web Crypto API. Nothing is
sent back to the server — the check runs entirely on your machine.
tools/verify_merkle.py is a
Python script that uses only the standard library — no dependencies to trust. It
downloads a bundle, recomputes the root, and exits 0 if it verifies,
1 on a mismatch, 2 on a bad bundle.
You don’t even need our code. A single sha256sum command reproduces
a leaf from its ballot — the same building block the whole tree is made of:
That output matches leaf L0 in the diagram above, and the same worked example in the public Merkle specification, exactly. The full spec documents every rule — the leaf format, the nonce sort, the pairwise hex-string hashing, the odd-node duplication — so an outside auditor can build a verifier from scratch and reach the same root we did.
Verifiability and ballot secrecy usually pull against each other — eVotaré holds both. The published leaves carry no voter identity: the table that records the actual ballot casts stores no voter ID at all, and it is never joined to the separate record of who took part. What’s published is a set of anonymous fingerprints and one root.
So the proof shows that a ballot was counted and left unaltered without revealing who cast it, and — to anyone but the holder of the nonce — without revealing how they voted. Because your nonce lives only in your browser and is never stored against your name, no one can later demand you prove your vote from a record they already hold: no such record exists.
Honesty is part of the point, so here is the precise scope. Cryptography can prove some things completely and cannot prove others at all; we won’t blur the line.
See how eVotaré fits your board, HOA, or membership — and how the pricing works.