App for truly anonymous voting

Hello. i maintain a nextcloud instance, for an association of about 800 members. We need a tool for online voting in the general assemblies, and an unavoidable requisite is that it allows anonymous voting.

I’ve seen that there are two nextcloud apps, polls and forms, that allow online voting, and have an “anonymous” option. But the forms function, when you create an anonymous forms, simply doesn’t register the user that is submitting, thus one user may send the same form many times. This invalidates it as a voting tool.

And the polls app simply hides the voter names, but the vote author and value are stored plainly together, and visible to the creator of the poll.

What we need is a system that registers that a user has voted, but stores the value encrypted or somewhat separated from the user. We don’t have government-level needs of security, only a reasonable strength, for an association that does not move huge amounts of money or power.

Do you know any application that is (or can be) integrated with the users of nextcloud (that can be shared with circles and the like)? Thanks

I think Polls and Forms can not solve your problem.

I think you need a trustees (german: Treuhänder, i hope translation to English is correct) who save the unique assignment between identifier and serial number. Trustees must not have access to the results (with the serial numbers), otherwise they could de-anonymize the survey. It would be really correct if the survey could only process serial numbers that were previously entered by third parties. The survey software must not have the assignment username to serial number. If the software stores usernames and serial numbers in any way there is always the possibilty that the survey is not anonymous (bug, hacker, wrong rights, …).

I know there are many apps out there that have powerful security systems. The key here is that the requirements in our association are much lighter. For example, it would be acceptable that the link between a user and a vote is stored in the database and not exposed in the UI. The systems administrators could see it, but they are already bound to the general confidentiality agreement and are not allowed to use this information.

The question is actually if there is already an existing app that could do so, or one that may be relatively easy integrated with nextcloud users.