1

I'm building an anonymous polling system using AWS QLDB. I record each vote in a QLDB "votes" table without user's identity and participation info into "participation" table with identity but without answers, because I need to check if a person has already voted.

The two table don't have any common keys. My goal is to make sure that there's no way to match an answer with user's identity. Is there any way to still match them by comparing the tables? Perhaps AWS QLDB is storing entries in a chronological order, which would make it simple to match.

Does this approach serve the purpose, and if not - do you know another, bulletproof solution?

Slava
  • 11
  • 1

1 Answers1

0

I would write the vote to the vote table (their selection in the poll) and after success, write that they voted in pollID:1234 (that poll's ID) in a poll counting table, or on the users record in a User table.

In your app, ensure they haven't voted in pollID:1234 before recording a new vote selection.

All of this seems like it would mean the user can never change their answers, if you want to track WHO voted, they only once, and cannot change their vote.

All of the checks: they haven't voted, record the vote, and record the participation can happen in one QLDB transaction and then committed. That way you can check what you need to check (rules) and commit votes and participation, and then commit all statements to QLDB in 1 transaction.

bwinchester
  • 91
  • 1
  • 5
  • Thanks but this doesn't answer my question. I need to be sure that such system design completely excludes possibility of linking the vote (poll answer) with the identity, even in the case of someone gaining back-end access. I'm playing devil's advocate and asking, what if someone compares the two tables. Will they be able to match them and find who voted what? – Slava Sep 26 '22 at 06:46