Crypto can actually supply a complete voting solution, allowing people to vote from their own personal devices. (Better voter participation, in more issues. And not having to touch the same screen and spread germs.) However, Blockchain technology is not enough — you need to string together several solutions at once:
- Tokens must be given out to ensure that each participant can vote only once. This is essential to any election, and is the only part that has to be done by a centralized agency.
- Results must be recorded in a Merkle Tree, aggregating individual results into precincts, precincts into districts, and so on. Anyone can check whether their vote was properly counted by verifying the corresponding Merkle Branch. This is a quick operation (done in log N time), the same one BitTorrent clients perform to check whether the chunk they are about to download belongs to a particular file.
- At each level of the Merkle Tree, there must be multiple independent (and likely mutually distrusting) parties signing off on the result being entered into the record. This is akin to how multiple parties and observers are present when counting votes in real elections. In the crypto world, we call this a Byzantine Fault Tolerant Consensus, and developers have discovered many ways to achieve it.
- Client software must be produced by a variety of independent vendors, so the voter can check, from several different “user agents”, their vote that is about to be committed into the Merkle Tree. More vendors of client apps and more people checking exponentially lower the chances that all the vendors at every level of the stack have colluded to fool our voters and record malicious results.
- Every participant, whether a voter, an overseer, etc., has a private key that they use for the election, which never leaves their personal device. Users owning multiple devices can authorize and deauthorize them by, e.g., scanning QR codes.
The crypto community has already implemented much of this machinery to secure much more valuable things than a single vote. Ethereum, for example, is built on a blockchain secured by many mutually distrusting parties. People may trust their favorite wallet client, but they will also verify using another wallet or a web-based blockchain explorer such as Etherscan. The chances of all these entities colluding to steal someone’s tokens become smaller as more client software is released and more miners secure the back-end network.
Towards the bottom of the Merkle Tree, on the level of individual precincts, individual results do not represent juicy targets to subvert. The payoff is small - 1% of an Iowa delegate, perhaps. By the time the results have been entered on higher levels of the tree, though, they have been checked by a growing pyramid of multiple distrusting parties on every lower level, and fixed in a way that by then is mathematically infeasible to reverse.
The official result of the election does not need to contain how everyone voted, just a short string of text with the final cryptographic hash of all the results. Each individual voter would be able to record their Merkle Branch, in order to check that their vote was recorded and counted correctly. At each level in the tree, mutually distrusting witnesses agreed that they came together and recorded a result correctly. With information being deleted at every step, no one can verify how someone else voted, unless that other person chooses to reveal their vote and Merkle branch. A system could even be constructed where voters can furnish confidential zero-knowledge proofs of how they voted, without the recipients being able to prove it to anyone else.
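The Merkle Branch check from the list above and the published-hash idea from the preceding paragraph, as an added example that is not part of the original article. It assumes SHA-256, leaves that are salted commitments to each ballot, 0x00/0x01 prefixes to separate leaf hashes from inner-node hashes, and promotion of an unpaired node to the next level; all function names and the five sample ballots are constructed for illustration.

```python
import hashlib

def _h(prefix: bytes, data: bytes) -> bytes:
    # Distinct prefixes keep leaf hashes and inner-node hashes from colliding.
    return hashlib.sha256(prefix + data).digest()

def commit(vote: str, salt: bytes) -> bytes:
    """Leaf = hash of the salted ballot, so the public tree hides the vote."""
    return _h(b"\x00", salt + vote.encode())

def build_levels(leaves):
    """Return every tree level, leaves first, single-root level last."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [_h(b"\x01", cur[i] + cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:  # an unpaired node is promoted, never duplicated
            nxt.append(cur[-1])
        levels.append(nxt)
    return levels

def branch(levels, index):
    """Sibling hashes from leaf up to the root, each tagged with its side."""
    path = []
    for level in levels[:-1]:
        sib = index ^ 1
        if sib < len(level):
            path.append(("L" if sib < index else "R", level[sib]))
        index //= 2
    return path

def verify(vote, salt, path, root):
    """Recompute the root from one ballot and its branch: O(log N) hashes."""
    node = commit(vote, salt)
    for side, sib in path:
        node = _h(b"\x01", sib + node if side == "L" else node + sib)
    return node == root

# Constructed sample: five ballots with fixed 16-byte salts for repeatability.
# Assumption: a real client would draw each salt from a CSPRNG and keep it private.
BALLOTS = [(v, bytes([i]) * 16) for i, v in enumerate(["A", "B", "A", "C", "B"])]
LEVELS = build_levels([commit(v, s) for v, s in BALLOTS])
ROOT = LEVELS[-1][0]

if __name__ == "__main__":
    print("published root:", ROOT.hex())
    for i, (v, s) in enumerate(BALLOTS):
        print(i, v, len(branch(LEVELS, i)), verify(v, s, branch(LEVELS, i), ROOT))
```

Only the root has to be published. A voter who keeps their vote, salt and branch can re-run `verify` at any time, and without the salt nobody else can test a guess at that voter's choice against the leaf.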
In a way, Bitcoin and Ethereum are like MySpace and Friendster — the first iterations of a new industry that will tackle trustless computing in increasingly sophisticated things. Ethereum’s blockchain is monolithic, completely public and anyone can check anything. But if new technology will bring down the cost of running elections you can trust, then every organization large and small will want to do one. And they may not want everyone to know the results — they may want privacy inside the organization.
This set of requirements for privacy calls for additional innovations which are now starting to be implemented by the crypto community (here “crypto” is being used in its original sense, meaning cryptography):
- Group encryption. Only certain members of a particular shard or section can decrypt and see what is happening in a specific shard or section.
- Group signatures. Many new techniques have been developed whereby members can vote without knowing how others voted.
- End-to-end encryption and homomorphic encryption. Research is ongoing about how to efficiently perform mathematical operations on encrypted data without knowing the original values. This can already be done on a large enough scale to run anonymous elections in medium-sized organizations.
We may never completely get away from having to trust some entity that tries to ensure each person isn’t using multiple identities to vote, but studies have shown that this happens exceedingly rarely when people vote in person. As people are able to vote from their couch, away from prying eyes, we may come to rely more and more on “verified identity” services to solve this remaining security issue. Efforts to standardize and innovate in this area are ongoing and perhaps one day we will even be able to obviate this final need to trust third parties.