Built for truth. Powered by trust. Shared in the public interest.
WITAN is a secure, decentralised platform for reporting workplace concerns anonymously and ethically. Inspired by the Anglo-Saxon council of trusted advisers, WITAN replaces hierarchy with decentralised peer review, enabling insiders to submit concerns whilst qualified reviewers evaluate disclosures impartially.
- Privacy-First: No accounts, tracking, or metadata exposure
- Anonymous Review: Rotating qualified professionals evaluate submissions
- Blockchain Timestamping: OpenTimestamps integration for tamper-evident records
- Decentralised Architecture: Microservices with event-driven communication
- Public Good Framework: Adoptable, auditable, and improvable
- Submission Service - Handles anonymous report submissions and file management
- Reviewer Service - Manages peer review assignments and voting
- Timestamp Service - Creates blockchain-verified proofs using OpenTimestamps
- Submitter UI - Privacy-focused interface for reporting concerns
- Reviewer UI - Secure portal for qualified reviewers
- Kubernetes deployment with Cassandra, PostgreSQL, Redis, and Kafka
- IPFS for decentralised file storage
- Docker containerisation for all components
# Setup development tools (first time only)
./scripts/setup-tools.sh
# Deploy infrastructure (databases, messaging)
kubectl apply -k _deploy/k8s/base/infrastructure
# Deploy application services
kubectl apply -k _deploy/k8s/overlays/dev
# Check deployment status
kubectl get pods -n witan
# Access services
kubectl get svc -n witan
# Stop environment
kubectl delete -k _deploy/k8s/overlays/dev
kubectl delete -k _deploy/k8s/base/infrastructure├── client/ # Frontend applications
├── server/ # Backend microservices
├── _deploy/ # Kubernetes manifests
└── scripts/ # Setup and utility scripts
- Docker & Kubernetes (minikube for local development)
- Python 3.11+ with virtual environment
- Node.js 18+ for UI development
- Companies House API Key (free registration at https://developer.company-information.service.gov.uk/)
Used to verify UK company identities and details when submitting or reviewing workplace concerns, ensuring accurate organisation information within the platform.
The setup-tools.sh script will automatically install required development tools including SOPS, Age, yq, and configure Portainer for container management.
Before deploying, you'll need to:
- Generate Age encryption key:
age-keygen -o ~/.config/sops/age/keys.txt - Add Companies House API key to the encrypted secrets file
- Update secret values as needed using:
sops _deploy/k8s/base/secrets/secret.enc.yaml
The platform uses SOPS for secure secret management with Age encryption.
This project is licensed under the MIT License.
See the LICENSE file for details.
Open source framework designed as a public tool, not a private product.