In every democracy, an election is a matter of national security. The computer security field has for a decade studied the possibilities of electronic voting systems with the goal of minimising the cost of having a national election while fulfilling and increasing the security conditions of an election. From the dawn of democratically electing candidates, the voting system has been based on pen and paper. Replacing the traditional pen and paper scheme with a new election system is critical to limit fraud and having the voting process traceable and verifiable.
The question is if blockchain is the right technology to ensure the right security. Since Malta has been labelled the ‘Blockchain Island’, we should by now know what blockchain is. However, the following is a brief summary.
A blockchain is a distributed, immutable, incontrovertible public ledger. This new technology works through four main features:
i) The ledger exists in many different locations: there is no single point of failure in the maintenance of the distributed ledger.
ii) There is distributed control over who can append new transactions to the ledger.
iii) Any proposed ‘new block’ to the ledger must reference the previous version of the ledger, creating an immutable chain from where the blockchain gets its name, and thus preventing tampering with the integrity of previous entries.
iv) A majority of the network nodes must reach a consensus before a proposed new block of entries becomes a permanent part of the ledger.
In a blockchain based e-voting system, the following key roles would be identified:
Election administrators: These manage the lifecycle of an election. Multiple trusted institutions and companies are enrolled with this role. The election administrators specify the election type and create the aforementioned election, configurate ballots, register voters, decide the lifetime of the election and assign permissioned nodes.
Voters: For elections to which they are eligible, voters can authenticate themselves, load election ballots, cast their vote and verify their vote after an election is over. Voters can be rewarded for voting with tokens when they cast their vote in an election in the near future, which could be integrated with a smart city project.
District nodes: When the election administrators create an election, each ballot smart contracts, representing each voting district, are deployed onto the blockchain. When the ballot smart contracts are created, each of the corresponding district nodes are given permission to interact with their corresponding ballot smart contract. When an individual voter casts his vote from his corresponding smart contract, the vote data is verified by all of the corresponding district nodes and every vote they agree on are appended to the blockchain when block time has been reached.
Bootnodes: Each institution, with permissioned access to the network, hosts a bootnode. A bootnode helps the district nodes to discover each other and communicate. The bootnodes do not keep any state of the blockchain and is ran on a static IP so that district nodes find its peers faster.
Each election process is represented by a set of smart contracts, which are instantiated on the blockchain by the election administrators. A smart contract is defined for each of the voting districts of the election so multiple smart contracts are involved in an election.
For each voter with its corresponding voting district location, defined in the voters registration phase, the smart contract with the corresponding location will be prompted to the voter after the user authenticates himself when voting.
The following are the main activities in the election process:
Election creation: Election administrators create election ballots using a decentralised app (dApp). This decentralised app interacts with an election creation smart contract, in which the administrator defines a list of candidates and voting districts.
This smart contract creates a set of ballot smart contracts and deploys them onto the blockchain, with a list of the candidates, for each voting district, where each voting district is a parameter in each ballot smart contract. When the election is created, each corresponding district node is given permission to interact with his corresponding ballot smart contract.
Voter registration: The registration of voter phase is conducted by the election administrators. When an election is created the election administrators must define a deterministic list of eligible voters. This requires a component for a government identity verification service to securely authenticate and authorise eligible individuals.
Using such verification services, each of the eligible voter should have an electronic ID and PIN number and information on what voting district the voter is located in. For each eligible voter, a corresponding wallet would be generated for the voter. The wallet generated for each individual voter should be unique for each election the voter is eligible for and a NIZKP could be integrated to generate such wallet so that the system itself does not know which wallet matches an individual voter.
Vote transaction: When an individual vote at a voting district, the voter interacts with a ballot smart contract with the same voting district as is defined for any individual voter. This smart contract interacts with the blockchain via the corresponding district node, which appends the vote to the blockchain if consensus is reached between the majority of the corresponding district nodes.
Each vote is stored as a transaction on the blockchain whereas each individual voter receives the transaction ID for their vote for verifying purposes. Each transaction on the blockchain holds information about whom was voted for, and the location of aforementioned vote.
Each vote is appended onto the blockchain by its corresponding ballot smart contract, if and only if all corresponding district nodes agree on the verification of the vote data.
When a voter casts his vote, the weight of their wallet is decreased by one, therefore not enabling them to vote more than once per election.
Tallying results: The tallying of the election is done on the fly in the smart contracts. Each ballot smart contract does their own tally for their corresponding location in its own storage. When an election is over, the final result for each smart contract is published.
Verifying vote: Each individual voter receives the transaction ID of his vote. Each individual voter can go to his government official and present their transaction ID after authenticating himself using his electronic ID and its corresponding PIN.
The government official, utilising district node access to the blockchain, uses the blockchain explorer to locate the transaction with the corresponding transaction ID on the blockchain. The voter can therefore see his vote on the blockchain, verifying that it was counted and counted correctly.
The idea of adapting digital voting systems to make the public electoral process cheaper, faster and easier, is a compelling one in modern society.
Making the electoral process cheap and quick, normalises it in the eyes of the voters, removes a certain power barrier between the voter and the elected official and puts a certain amount of pressure on the elected official. It also opens the door for a more direct form of democracy, allowing voters to express their will on individual bills and propositions.
Franklin Cachia is a senior manager, tax and regulated industries, at CSB Group.