To summarise briefly:
The election was not secret. Anyone can look up the events on the relays we use and check whether the respective nostr keys have also voted for the person in question.

The election was not yet super decentralised, as we only used our own internal relays because I was experimenting with two new event kinds. I would like to find out from real Nostr developers whether this was at all useful and whether someone can build a professional NIP or something similar from it. The storage format is also open to discussion. For the time being, I pragmatically used something that worked for me.

So we're talking more about a first proof of concept attempt to see how it works without email etc. In other words, we validate Nostr accounts and see whether it really is our active members who are signing Nostr events.

The whole issue of whether a Nostr key has been compromised is not yet part of this.

You will find the code here: https://github.com/HolgerHatGarKeineNode/einundzwanzig-nostr/blob/master/resources/views/pages/association/election/%5BElection%3Ayear%5D.blade.php

    $note->setKind($board ? 2121 : 32122);
    if (!$board) {
        $dTag = sprintf('%s,%s,%s', $this->currentPleb->pubkey, date('Y'), $type);
        $note->setTags([['d', $dTag]]);
    }

I have simply invented two new custom kinds. The president was a replaceable event 32122 and the confirmation of the board members was an event 2121.

I used simple ‘content’ to store which pubkey has voted how: $note->setContent(‘$pubkey,$type’);

This can be rubbish and would be better packaged professionally in a NIP design.

I'm not sure how to do this ‘properly’ with a NIP.