Context
S — Digital voting pilots often trade transparency for convenience. My dissertation explored whether blockchain could deliver both without overwhelming administrators.
T — Prototype an end-to-end election: voter registration, ballot casting, tally verification, and observation, all hardened against tampering and privacy leaks.
Threats
- Replay and reentrancy attacks on Solidity contracts.
- Insecure voter onboarding exposing identities.
- Admins tampering with tallies off-chain.
- GDPR violations from storing personal data permanently.
Approach
- Implemented a three-tier stack: React voting UI, Node.js/Express middleware for orchestration, and Solidity contracts on an Ethereum PoA network.
- Enforced voter registration via hashed IDs + off-chain verification, issuing short-lived JWTs to interact with the contract.
- Wrote Solidity modules for ballot issuance, casting, and tallying with explicit role-based modifiers and event logs for every action.
- Applied MoSCoW prioritization in DSDM sprints, balancing cryptographic purity with UX for first-time voters.
- Ran penetration testing (MythX, Ganache fork fuzzing, manual audit) targeting overflow, reentrancy, and timestamp manipulation vectors.
- Mapped all data flows to GDPR principles, deleting personal fields post-election while keeping anonymized tallies immutable on-chain.
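The registration step above (hashed IDs, then a short-lived JWT) could look like this in the Node.js middleware. This is an added example, not the dissertation's code. The keyed HMAC hash, the 5-minute lifetime, the single-use `jti` check, and every name and secret in it are assumptions made for illustration.

```javascript
// Added example: constructed secrets and IDs, not the project's own code.
const { createHmac, timingSafeEqual, randomUUID } = require('node:crypto');

const ID_PEPPER = 'constructed-pepper';      // assumption: server-side key for ID hashing
const JWT_SECRET = 'constructed-jwt-secret'; // assumption: HS256 signing key
const TTL_SECONDS = 300;                     // assumption: 5-minute token lifetime
const usedTokenIds = new Set();              // jti values already spent on a ballot

const b64url = (data) => Buffer.from(data).toString('base64url');
const sign = (input) => createHmac('sha256', JWT_SECRET).update(input).digest();

// Keyed hash: the raw ID never reaches the token or the chain, and the hash
// cannot be brute-forced from a list of known IDs without the pepper.
function hashVoterId(rawId) {
  return createHmac('sha256', ID_PEPPER).update(rawId).digest('hex');
}

// Call only after off-chain identity verification has succeeded.
function issueBallotToken(rawId, now = Math.floor(Date.now() / 1000)) {
  const header = b64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({
    sub: hashVoterId(rawId), jti: randomUUID(), iat: now, exp: now + TTL_SECONDS,
  }));
  const body = `${header}.${payload}`;
  return `${body}.${b64url(sign(body))}`;
}

// Returns the voter hash to hand to the contract call, or throws.
function redeemBallotToken(token, now = Math.floor(Date.now() / 1000)) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [header, payload, sig] = parts;
  const given = Buffer.from(sig, 'base64url');
  const expected = sign(`${header}.${payload}`);
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) {
    throw new Error('bad signature');
  }
  // Parse claims only after the signature verifies, and pin the algorithm.
  if (JSON.parse(Buffer.from(header, 'base64url')).alg !== 'HS256') throw new Error('bad alg');
  const claims = JSON.parse(Buffer.from(payload, 'base64url'));
  if (now >= claims.exp) throw new Error('token expired');
  if (usedTokenIds.has(claims.jti)) throw new Error('token replayed');
  usedTokenIds.add(claims.jti);
  return claims.sub;
}
```

The in-memory `Set` stands in for a shared store; with more than one middleware instance the spent-token list has to live somewhere all instances can see.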
Outcome
Simulation with 5k synthetic voters completed without double votes or integrity breaches. External reviewers found zero critical smart-contract flaws, and the on-chain audit trail let observers reproduce tallies independently. The project became a teaching asset at the University of Greenwich for applied blockchain security.
Lessons Learned
Trustworthy civic tech depends on pairing cryptography with pragmatic governance. Guarding privacy while delivering transparency forced me to think like a regulator and an adversary simultaneously.
