AidVault - Secure Aid Distribution API

AidVault Project Image

Skills Used:

Go PostgreSQL Docker AWS S3

AidVault is a secure, production-grade RESTful API system purpose-built to modernize and streamline the distribution of humanitarian aid. The project was born out of a need to bring structure, transparency, and accountability to the often chaotic world of aid logistics — especially in crisis zones where paper trails are unreliable and human error can lead to resource mismanagement or fraud. By creating a centralized, digital backend to handle everything from aid requests to delivery confirmations, AidVault makes it easier for non-profit organizations, NGOs, and government bodies to distribute help fairly, safely, and with proof.

At its core, AidVault enables two types of users: aid seekers (e.g., field agents, refugees, volunteers) and registered aid organizations (e.g., Red Cross, local NGOs). Users can submit detailed aid requests that include item needs, descriptions, emergency levels, and optionally, file attachments such as ID documents or photos of local damage. These files are securely uploaded to Amazon S3, where they are organized, versioned, and protected from unauthorized access. Aid organizations can then authenticate into the system, view all pending requests, and accept or decline them based on their own vetting process.

Once a request is approved, the organization logs the status of the aid delivery (in transit, delivered, failed, etc.) and uploads any proof-of-delivery documentation. This entire lifecycle is auditable via immutable logs stored in PostgreSQL, and each transaction is associated with a unique UUID and timestamp. This means that after an aid campaign, donors or government bodies can request a full report showing where aid was sent, how it was used, and whether it reached its intended recipients — solving a major transparency issue in global relief efforts.

AidVault was built using Go (Golang) as the primary backend language. Go was selected for its fast compilation, high concurrency support, and suitability for scalable backend systems. Thanks to Go's native goroutines and lightweight HTTP handling, the system can handle multiple concurrent aid requests, uploads, and status checks with minimal resource strain. All services are exposed through versioned, RESTful endpoints and organized by domain — including endpoints for organizations, requests, delivery confirmation, and document verification.

PostgreSQL was chosen for its powerful relational modeling and strong ACID compliance, critical in a system where data integrity cannot be compromised. Complex relationships between aid seekers, organizations, and delivery transactions are modeled using foreign key constraints, cascading deletions, and indexed queries. Additionally, full-text search capabilities allow organizations to quickly search for aid requests by region, need type, or keyword, which is especially useful in disaster zones where immediate triage is required.

For secure and scalable file handling, AidVault integrates with AWS S3, allowing users to upload scanned documents, request forms, and photos directly from the API interface. Each document is associated with a metadata object in the database, including who uploaded it, which aid request it belongs to, and whether it’s been verified. This makes it easier for organizations to validate the authenticity of requests — for example, a refugee center can upload a single family’s food ration request alongside ID documents, and the NGO can review and approve it remotely.

Docker is used to containerize the application, allowing AidVault to be easily deployed across cloud infrastructure or on-premise environments. The Docker configuration includes multi-stage builds, separating dependencies and production-ready artifacts. With Docker Compose, the entire system — API, database, file manager, and environment variables — can be spun up in seconds, enabling fast iteration and easy migration to platforms like AWS EC2, GCP, or Azure.

Security is a major concern in aid-related systems, and AidVault reflects this through a combination of JWT-based authentication, HTTPS-only endpoint exposure, and role-based access controls (RBAC). Admin users can perform operations like deleting requests or verifying new organization registrations, while regular organization users are limited to submitting or managing requests. All sensitive fields (emails, passwords, tokens) are hashed or encrypted in transit and at rest.

Some practical examples of how AidVault can be used include disaster response coordination (e.g., assigning first responders based on incoming request locations), rural community food aid distribution (tracking rice or water aid to remote towns), and refugee center supply management (requesting beds, medicine, or hygiene kits). The system was designed to be modular, so new features like push notifications, analytics dashboards, SMS verification, or mobile app integrations can be layered in as future extensions.

Beyond technical implementation, the mission behind AidVault is to ensure that aid systems are not only digitized but also democratized. In many countries, lack of access to tools and accountability leads to inequity in how and where aid is distributed. By open-sourcing the backend and making it easy for governments or NGOs to fork and adapt it, the project contributes to fairer, smarter humanitarian efforts. With a robust architecture, real-world use cases, and clear extensibility paths, AidVault stands as a proof-of-concept for what digital humanitarian infrastructure should look like.

Technologies Used

View on GitHub