Here’s the thing. blockchain isn’t inherently anonymous, in fact it tends toward the opposite. It is unconcerned with privacy or secrecy. It’s just a distributed ledger that everybody can check, and (theoretically) nobody can falsify. It could be used to record votes that can’t be falsified, but the only anonymity would come from whatever scheme the government felt like providing.
If that’s the case, then blockchain-as-poll is just an elaborate Rube Goldberg contraption of recording your name along with your vote, and assuring that it’s a secret ballot because we’d totally never allow the wrong people to get that information, pinky swear.
I think voter registration would be more like a one-off project which could be overseen by international organizations well before the election. Ensuring the physical safety of thousands of polling booths around the country on election day is a more difficult task. But yeah I am sure there are lots of practical problems with blockchain voting which would have to be solved.
There are many many problems with this proposed idea. That doesn’t mean it’s impossible, but it would take a lot of work to get right. Probably significantly more work than a much simpler solution.
How are you distributing them to each registered voter?
You can’t have the tokens both be anonymous (we don’t know which token goes with which voter) and publicly verifiable (we know that each registered voter got exactly one coin). So I don’t think this actually solves anything. Whoever creates and distributes the coins has the opportunity to both know how everyone votes and to give tokens to people who aren’t registered voters.
What value does having distributed miners add to this situation?
The blockchain is falsifiable given sufficient computing power. In the case of Bitcoin, the system (so far) has been resilient because the miners have incentives mostly aligned with keeping the system running. But it’s not a given that that will remain true, or that it will be true for your VoteCoin system.
The most obvious attack that miners could make is a transaction denial attack. There’s no guarantee that any given transaction will make it into any given block. And since the destination of the transaction is known, it’s trivially easy to pack the blocks with votes for your preferred candidate.
That’s not how cryptographic signatures work. If you have the private key for a given account, you can sign a transaction from that account that is verifiable by others (that’s required for miners to know which transactions are valid). So, if you claim that a particular account is yours, another person can say, “oh yeah, then sign a transfer from it”. If you can, you have proven the account is yours. If you cannot, they have no reason to believe you.
Again: what are those miners incentives? How do you make them align with the voters?
The idea that the blockchain is “secure” is laughable given how much fraud and theft goes on with Bitcoin. What do you do when 20% of voters who used a useful “voting exchange” service (because of course running the node themselves is beyond the capabilities of 99% of voters) have their votes invalidated because the exchange gets hacked? Call a do-over?
Even if we assume that the technical problems are solved, how do you convince the public that this will actually do what they want. Everyone understands marking a dot on a piece of paper. To a first approximation, no one understands cryptography. According to your OP, you’ve been researching this recently, but you’ve made some really basic errors about how this stuff works (which isn’t meant as a slight; cryptography is fucking complicated. I’m a professional software developer and have been reading about it as a hobby for years, and I would bet good money that I’ve made some basic errors in this very post.)
Sure you do. Here is one method (not the one that should be adopted, necessarily, but just to show you that it can be done) - a registered voter comes to a voting place, shows that he is a registered voter, is directed to a bin of laminated public/private keys, picks one at random, is marked as having received the token, walks out.
The system we should have is paper ballots, filled in with a pen. The paper ballots are then scanned. If any dispute arises, the paper ballots can be counted by hand.
As long as we have the registered voter showing up at a specified location where we keep physical objects necessary to the election secure, maybe we could just ask them to vote a ballot at that time?
So basically it’s the same physical process as today, and you just replace the plastic thing with a public/private keypair, then magically blockchain? That’s not how any of that technology works.
As I pointed out before, with blockchain, you, me, and your neightbour can recount the votes any time we want and get EXACTLY the same result. That’s not so with paper ballots.
“Magically” blockchain? No, you use that to send a transaction of YOUR token to YOUR chosen candidate and have that recorded in the blockchain. Anonymously, since no one knows what your key pair is.
How do we verify that each registered voter got exactly one vote and that no other people got votes? We rely on the security of distributing keys in the first place. And the system you’ve proposed for that is the same system we currently have for verifying votes.
It is essential for a voting method to be secure, and it is possible for cryptographic techniques to be used to create a secure voting method. I haven’t looked into whether the bitcoin techniques themselves would be secure enough, but something secure enough is certainly possible. But just being secure isn’t actually enough for a voting method. It also has to be transparent enough that everyone can know and trust that it’s secure, and that means that most people have to be able to understand how it works. Most people do not understand cryptography well enough, and so they won’t trust it, and a voting system that too many people distrust doesn’t work, even if that distrust is unfounded.
Missed the edit window, but note that the problem I’m pointing out with your key distribution system isn’t limited to the specific approach you have for distributing keys.
Any system that can be reliably used to distribute keys can be used equally reliably to vote. Both problems require:
Reliably identifying who is authorized to vote.
Giving each of them (and no one else) a token (private key or ballot) that can be used to submit a vote.
Making sure that no one gets more than one.
If you can solve that problem, then you’ve already made a secure voting system. No blockchain necessary! If you can’t do that, then no additional verification provided by the blockchain will help, because the underlying key distribution scheme is the weak point.
The blockchain is cool and (sometimes) useful technology, but in many cases it’s a solution looking for a problem.
The blockchain is necessary for the total transparency of the results and repeatability of the count without compromising the results to falsification.
I’m not at all certain that the margin of error introduced by our current vote counting methods is the largest thing to be concerned about here. How do you ensure nobody grabs a few buckets of unclaimed tokens after the token handout? That would be a trivially easy way to get a few hundred, or thousand, illegitimate votes that would be completely indistinguishable from valid ones.
Definitely this. Powerful people and organizations have been putting out blather for years now about how “science” is just some educated guy’s opinion, no better than anyone else’s. Now you want to toss this in their lap and tell them this particular bit of smartguy stuff is the cat’s pajamas?
Lex Luthor and Steve Rogers are running against each other. Due to his evil machinations, the voting system was designed by Lexcorps. But I’m assured that the system is honest and I’ll able to verify my vote was entered accurately.
So I go to my polling station and I vote for Steve Rogers. And I receive a doohickey that records my vote and lets me verify it was cast for Rogers.
The next morning I wake up and the news is saying Lex Luthor was elected President. He received 53,844,209 votes to Rogers’ 47,606,712.
Stunned by this news (Rogers was leading in all the polls) I check my doohickey. It tells me that my vote was one of the 47,606,712 cast for Rogers.
Have I now proven that the election was legit? It doesn’t seem so to me. It seems to me that the only way I can know the results are valid is if I can go around and ask 101,450,921 who they voted for and verified the totals add up to the reported results.
Almost the same way you prevent a “trivially easy way” to stuff a few hundred or thousand paper ballots into boxes if paper ballots are used - guard them jealously, by representatives of all the parties involved.
Except the paper ballots can be stuffed all the way from placing the boxes to counting the votes and to recounts.
The token distribution has a much smaller failure profile. Once they are distributed (and unclaimed ones destroyed) you’re done.
You think your fellow movement Conservatives are going to get onboard with crytographically verified voting? And trust the elite experts that the method is sound?
Dude, half your party hates science and technology, because science is all about convincing people that we came from monkeys instead of God and lying about climate change to trick people into socialism.
Your proposed solution would only work if people trusted the system. But if they trusted the system, then we wouldn’t have to have some sort of cryptography anyway.
Confidence in the voting system doesn’t require that the count be transparent to each and every voter, it requires that it be transparent to any candidate who disputes the vote. If the candidates for the position don’t dispute the vote count, then that’s that.
In systems with paper ballots, like in my great state, this can be done by counting the paper ballots by hand. This is a system so simple that even a guy like Roy Moore could understand it. Your proposal, not so much.