System Admin eVotaré is in active development
beta launching soon

Don’t trust us — check it yourself.

Every result eVotaré publishes comes with a cryptographic commitment that anyone can independently re-verify — on their own computer, with open tools, without trusting eVotaré’s servers, our database, or our word.

The problem

“Trust us” isn’t good enough for an election

Most online voting asks you to take the operator’s word for the result. The votes land in a database you can’t see, a tally comes out, and you’re expected to believe nothing was added, dropped, or changed along the way.

An election is exactly the wrong place for that kind of faith. The people running the vote often have a stake in its outcome, databases can be edited, and “we’d never do that” is not something a losing candidate — or a regulator — should have to accept. A result you can only trust is a result you can dispute.

eVotaré is built so you don’t have to trust us. Instead of asking you to believe the tally, we give you the math to check it. Here is how that works.

Step 1 · When you vote

Your ballot becomes a fingerprint that reveals nothing

When you cast a ballot, eVotaré generates a random 32-character nonce — a one-time secret that lives only in your browser and is never stored next to your identity. Your selection, the ballot item, and that nonce are joined into a short line of text and run through SHA-256, a one-way cryptographic hash, producing a 64-character fingerprint we call a leaf:

A leaf is a fingerprint, not a record of your vote. Because SHA-256 is one-way, the leaf can’t be reversed, forged, or altered — change a single character of the ballot and you get a completely different leaf. And to anyone who doesn’t hold your nonce, the leaf reveals nothing about how you voted; it looks like random noise. Only you hold the nonce, so only you can tie that fingerprint back to your ballot.

Step 2 · When results are published

Every ballot is sealed into one number: the Merkle root

At publish time, all the leaves for an item are sorted by nonce and combined in pairs: each pair of hashes is hashed together, then those results are paired and hashed again, and so on up the tree until a single hash remains — the Merkle root. That root is recorded with the published result and chained into an append-only audit log that can’t be rewritten.

The root is a fingerprint of the entire set of ballots at once. Change, add, or remove even one ballot and the root changes — so a tally that has been tampered with after publication can no longer match its own published root, and the mismatch is there for anyone to see.

How three ballots combine into one Merkle root VOTER A voted “yes” VOTER B voted “no” VOTER C voted “abstain” LEAF L0 b0cf75c4… LEAF L1 c467f362… LEAF L2 4eadbe4d… L2 COPIED (ODD NODE) 4eadbe4d… NODE P0 = hash(L0+L1) b225c024… NODE P1 = hash(L2+L2) 03fa6602… MERKLE ROOT = hash(P0+P1) d1f0b6ba…

Three real ballots from the published spec’s worked example. Three is odd, so the last leaf is duplicated so it can pair — then each pair is hashed together, all the way up to one root. These are the actual hash values; you can reproduce every one of them yourself with the commands below.

Step 3 · Check your own vote

Confirm your ballot is in the count

After results publish, your personal receipt shows your nonce, your leaf hash, and the published Merkle root. With those you can confirm two things for yourself: that your leaf really appears in the published set of ballots, and that the leaves genuinely hash up to the root eVotaré published. If both hold, your ballot was counted, exactly as you cast it, and nothing was altered afterward.

Signed-in voters reach their own receipt at /{organization}/verify. It never reveals your vote to anyone else — the nonce that unlocks your leaf stays in your browser, and only you have it.

Step 4 · Anyone can check the whole count

The entire ballot set is public — recompute the root yourself

You don’t have to be a voter, and you don’t have to trust the receipt page. Every published item ships a verification bundle — a JSON file containing the complete list of leaf hashes and the algorithm parameters. Recomputing the root from that bundle takes a few lines of code, or none at all:

No install

Recompute it in your browser

The public verifier at /{organization}/verify/public?item=<id> rebuilds the Merkle root right in your browser using the Web Crypto API. Nothing is sent back to the server — the check runs entirely on your machine.

Open source

Run the reference verifier

tools/verify_merkle.py is a Python script that uses only the standard library — no dependencies to trust. It downloads a bundle, recomputes the root, and exits 0 if it verifies, 1 on a mismatch, 2 on a bad bundle.

One line

Or use any SHA-256 tool

You don’t even need our code. A single sha256sum command reproduces a leaf from its ballot — the same building block the whole tree is made of:

That output matches leaf L0 in the diagram above, and the same worked example in the public Merkle specification, exactly. The full spec documents every rule — the leaf format, the nonce sort, the pairwise hex-string hashing, the odd-node duplication — so an outside auditor can build a verifier from scratch and reach the same root we did.

Secret & verifiable at once

Provably counted, without exposing who voted how

Verifiability and ballot secrecy usually pull against each other — eVotaré holds both. The published leaves carry no voter identity: the table that records the actual ballot casts stores no voter ID at all, and it is never joined to the separate record of who took part. What’s published is a set of anonymous fingerprints and one root.

So the proof shows that a ballot was counted and left unaltered without revealing who cast it, and — to anyone but the holder of the nonce — without revealing how they voted. Because your nonce lives only in your browser and is never stored against your name, no one can later demand you prove your vote from a record they already hold: no such record exists.

The fine print

What this proves — and what it doesn’t

Honesty is part of the point, so here is the precise scope. Cryptography can prove some things completely and cannot prove others at all; we won’t blur the line.

What it proves

  • The published result faithfully includes every ballot committed to the tree — none silently added, dropped, or swapped.
  • The tally has not been altered after publication: any later change to any ballot changes the root, and the root is chained into an append-only audit log.
  • A voter holding their nonce can prove their own ballot is among the counted leaves, exactly as cast.
  • Anyone — voter or not — can recompute the root from the public bundle and confirm it matches, without trusting our servers.

What it does not prove

  • It does not, by itself, prove voter eligibility — that only authorized people cast ballots. Eligibility is enforced separately, when voters are credentialed and checked in.
  • It does not prevent coercion. The math can prove a ballot was counted unaltered; it cannot guarantee no one pressured the voter behind the scenes.
  • It commits to the ballots that were cast; it is not, on its own, an audit of who was allowed to cast them.
  • Only the holder of a nonce can link a leaf to a ballot — so a voter who loses their nonce keeps a correct tally, but can no longer produce their personal inclusion proof.

Run an election you can prove

See how eVotaré fits your board, HOA, or membership — and how the pricing works.