These are all valid questions, jasond. Some of this will become clearer when you use the system for the first time this Dec, but I’ll do my best to answer here. But first, to give you some context: while we definitely want our elections to be secure and fair, our biggest challenge at this point in our democratic development is increasing member participation. In our last election, for example, we had fewer board member candidates than available seats. So in this context, with our voting system we are trying to strike a balance between ease of use, sustainability, and security.
In the current system each member will receive a unique token as a link they will use to vote. Reusing the token from the same or other IP addresses will allow you to update your selections but will only be counted once.
We would never manipulate results, but system administrators do have access to the database under the current system.
Votes are not anonymous; however, nowhere do we reveal or review internally how each member has voted.
The current system does not provide a mechanism for members to verify their vote was counted themselves; however, if anyone raised the issue we could technically confirm for them via the database.
We do some basic monitoring of HTTP requests to identify possible intrusion attempts.
We do not have a mechanism to ensure that member votes are not coerced by a physical attacker.
So yes, there is definitely room for improvement, but again, in our context some of the concerns and scenarios you raise are less relevant than others. I do think we should strive to model best practices with our online voting system, and it is something we can continuously iterate over in the future, but the current system has worked without issue so far.
If you have any examples of existing open source systems that solve the problems you list above it might be nice to list them here.
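The token behaviour described in the post above (one link per member, resubmission overwrites the earlier selection, one counted ballot per token, administrators able to confirm a vote from the database), as an added example that is not part of the original post and not the organisation's code. The table layout, function names and member names are assumptions made for illustration.

```python
import secrets
import sqlite3

def open_election(member_ids):
    """Create the ballot store and issue one unguessable token per member."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tokens (token TEXT PRIMARY KEY, member_id TEXT UNIQUE NOT NULL)")
    # PRIMARY KEY on token: at most one ballot row can ever exist per token.
    db.execute("CREATE TABLE ballots (token TEXT PRIMARY KEY REFERENCES tokens(token),"
               " choice TEXT NOT NULL, revisions INTEGER NOT NULL DEFAULT 1)")
    issued = {}
    for member_id in member_ids:
        issued[member_id] = secrets.token_urlsafe(32)  # value embedded in the voting link
        db.execute("INSERT INTO tokens VALUES (?, ?)", (issued[member_id], member_id))
    return db, issued

def cast_vote(db, token, choice):
    """Record or overwrite the ballot for a token. Returns False for an unknown token."""
    if db.execute("SELECT 1 FROM tokens WHERE token = ?", (token,)).fetchone() is None:
        return False
    # The source address is deliberately not part of the key: same token, same row.
    updated = db.execute(
        "UPDATE ballots SET choice = ?, revisions = revisions + 1 WHERE token = ?",
        (choice, token))
    if updated.rowcount == 0:
        db.execute("INSERT INTO ballots (token, choice) VALUES (?, ?)", (token, choice))
    return True

def tally(db):
    """Count one ballot per token, whatever the number of resubmissions."""
    return dict(db.execute("SELECT choice, COUNT(*) FROM ballots GROUP BY choice"))

def confirm_counted(db, member_id):
    """Administrator-side lookup: possible only because ballots are linked to members."""
    row = db.execute(
        "SELECT b.choice FROM ballots b JOIN tokens t ON t.token = b.token"
        " WHERE t.member_id = ?", (member_id,)).fetchone()
    return row[0] if row else None

def run_demo():
    # Constructed sample data: three members, two candidates.
    db, issued = open_election(["alice", "bob", "carol"])
    cast_vote(db, issued["alice"], "candidate-a")
    cast_vote(db, issued["alice"], "candidate-b")  # revote replaces the first selection
    cast_vote(db, issued["bob"], "candidate-a")
    cast_vote(db, "guessed-token", "candidate-a")  # unknown token is rejected
    return tally(db), confirm_counted(db, "alice"), confirm_counted(db, "carol")

if __name__ == "__main__":
    print(run_demo())
```

The same join that lets an administrator confirm a vote is what makes the ballots non-anonymous, which matches the trade-off stated in the post.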