VotoSocial.org: towards an e-voting system that people can trust

“It doesn’t matter who votes, but who counts the votes”, is a common saying in politics attributed to Stalin.

We experienced this in Honduras back in November 2013 when the lack of transparency in voting table delegate credentials, results transmission and errors in the tally sheet digitization resulted in a complete mistrust of official results by a large part of the population to the point that 2 large opposition parties still call it a large scale fraud. We wanted to audit the election results but there were a little more than 16000 tally sheets to audit. We realized that only citizen participation could help us, this is why we quickly created the conteo platform where we crowdsourced the auditing and digitization of official tally sheets extracted from from the publicly available scans. Note: To know more you can watch the Pecha Kucha talk or read our paper at Policy & Internet (earlier draft).

We verified that the tally sheet results were similar (but not equal) to official results. A question was raised to us that Who can guarantee that the tally sheets represent the actual votes? Counting can seem legal but not necessarily represent the will of the people to the point that statistical analysis can show us fraud patterns.

We came to the conclusion that e-voting could be the solution to vote counting but coming from a Computer Science background we quickly realized that you cannot simply trust an e-voting platform as votes can be added, removed or manipulated by the central authority that controls it. Even worst, it can be used as a vote buying and vote coercion mechanism.

We were stuck at the following question: How can we create an e-voting platform where votes cannot be easily stuffed, removed or manipulated by a central authority and there is a public log that enables a public audit but at the same time can keep voter privacy to prevent vote buying and vote coercion?

Well the answer took a while and came after a meet-up with Peter Kirby from factom.org when he visited Tegucigalpa in January 2015. It became obvious there is at least one system that currently does that at a large scale for money and it’s Bitcoin and the underlying Blockchain. It was the first time that we understood how companies like factom.org are using the Blockchain for data applications. We already knew about — and some of us owned some- Bitcoin but it was the first time we realized that the Blockchain could help us achieve what we wanted with the help of the Colored Coins protocol.

Our goal is simple:

An e-voting system that people can trust

But what does trust mean?

We interpret trust as helping citizens be certain that:

• Their vote will be counted without modification
• It is hard to stuff votes and if it’s done it can and will be detected
• Everybody can verify the results of the election without government intervention
• Their privacy will be maintained if they want to
• Only people that are allowed to vote can vote
• It is an incremental change to what they are already are used to and know

We believe we can accomplish that with the help of the Blockchain and we are working on it.

How does it work?

The process is similar to the current voting process in many countries of the world where voters go to voting centers to cast their vote.

1. Voters will arrive to a voting center where their id is verified and they are handed a paper ballot.
2. The paper ballot is not a simple ballot but also a secure paper wallet containing a blockchain address
3. The voter then goes to the booth, and scans the private key of the paper ballot.
4. The booth is not a simple booth but also contains a secure hardware wallet with a blockchain address. The private key of the booth is always kept secret inside the hardware wallet.
5. The booth address and the ballot address combined form something that is called a multi signature address (2-of-2 P2SH multisig) containing a unique token (i.e. an indivisible locked colored coin). There is only one colored coin for each voter and was previously transmitted to the multi signature address before the election day
6. The person selects the candidate that they are casting the vote for, but the candidate is nothing more for the system than a blockchain address.
7. The unique token is transferred from the ballot and booth combination to the candidate’s address, this is basically a Bitcoin transaction over the Blockchain.
8. The vote is stamped over the ballot for manual verification and a receipt with the blockchain transaction id can be handed to the voter for personal verification.

Given our background as mobile and web developers we created a rough prototype using an iPad app as a booth to demonstrate the process described above. You can see it working in the following video.

VotoSocial.org: iPad booth prototype (DEMO)

Note that the video displays an early prototype that definitely has several problems including security, privacy and scalability; anyhow it demonstrates what we propose and that it can be accomplished.

Why does it matter?

One of the key points of democracy is that people decide by majority how their government should work. Thus if someone, even with good intentions, modifies voting results, then that person or entity is breaking the basic principle of democracy.

Another element is political stability, several countries around the world result in political and economic instability after fraudulent or uncertain elections (e.g. Kenya, Honduras).

Finally, having an electronic voting mechanism could lead to democracy innovations we can't even think of right now. As an example it could lead towards a representative democracy as projects like DemocracyOS envision. This could be easily achieved by combining the transaction receipt with something called blind signatures enabling representatives to poll their voters with the certainty that opinion comes from people that voted for them.

What's next?

Our next steps are refining this prototype to a real working product and start testing it in real elections, probably smaller ones at the beginning to improve the technology. We have been talking with different organizations that can lead us closer to our goal but there is still some way to go.

We are committed to VotoSocial.org as an open source project and we are really interested in your feedback. If you believe you can help us accomplish our vision please contact us at @jagbolanos @corp or jorge@votosocial.org.