Myanmar voted in monumental elections last month. What you might not know is that there was a lot of work that went in to making these elections possible, including the work Wiredcraft just completed on the Myanmar Election Project. We built the entire voter registration system for IFES (International Foundation for Electoral Systems and the Myanmar UEC (Union Election Commission); one of the most important parts of the project was the Windows Application, called the Township Voter Registration (TVR), that allowed UEC members on the ground to help collect voter registrant information and make corrections. We spent a lot of time working to make the TVR user friendly and secure and we were able to use some really cool technology to do it.
For the TVR some important points we considered during the build were:
This project required high amounts of data security due to the sensitive nature of the voter registrants data. We needed to keep hackers out of the door, so choosing the technology stack we used was a very important step. We had two choices.
Lutz Roeder's Reflector, so we may still need to build the encrypt/decrypt part with C++. -Learning C++ is more difficult than some other languages (everyone knows that.) We may face lots of issues and it may not be easy to solve.
Electron.js and NW.js both are good open source projects, they make it easy to build a cross-platform application, but electron provides more features like multi-context, which allows us to do more in the generation of the PDF process. You can read more about how we built a high performance PDF generator in Electron.js for the Myanmar election and here on GitHub
We separate the whole application in to different layers. On the top is the UI layer built by React.js and SASS, in the middle is the data layer built by Golang, and at the bottom is the database layer handled by Encrypted SQLite database which is a SQLCipher
At the Golang layer, we provided several APIs for the front-end, we move all the complicated logic to the Golang layer so the front-end doesn’t need to care for the data process. The front-end only needs to call the API through the Node.js
child_process and then they have accessibility. For example, we have an API that exports some data entries to our central server (the Windows application is totally offline), the frond-end just needs to call the API and send a path where use want to store the package on his Windows machine, the Golang middleware will find all the data and do a PGP encryption, then write to the path. The only issue for us is Golang doesn’t support the SQLCipher database officially, and there is no third-party library that can do that, so I built one to fit our specific needs and solve our problems: https://github.com/xeodou/go-sqlcipher.
Electron.js and Golang helped us build the high level security used in the TVR, even though we didn’t have too much experience building Windows Applications. We didn’t have to worry about how the application worked with Windows, because Electron.js will do it for us. React.js helped us move fast on the building of the UI part of the TVR: we were able to implement lots of cool User Interfaces and it was easy to implement; it was like we were just building a website. We learned a lot about implementing high security features with cross-platforms with Golang, React.js, Electron.js and SQLCipher.