nice. I thought of 3 ways you could improve secrecy, but they all add some centralization:
1- gift wrap the vote events, so only the person doing the tally could read them. In that case you must trust the person or group doing the tally to be honest.
2- You could use a group of independent persons to do the tally, and distribute the key to them, so they would check on each other.
3- You could publish the private key after the end of the election, so anyone can verify (but then the votes are only secret until the key is published)

I have no experience writing a NIP, but i can help polishing it if you ever need help.