INNOVATE

Blockchain for online voting?

The fundamentals

What is blockchain?

Blockchain is the underlying technology used by Bitcoin and other cryptocurrencies. It is used as a public ledger, or record of activity, of all the economic transactions involving the currency. The ledger is not centralized (stored in a single location), which prevents it from being altered by a single authority.

“The transactions are immutabilized, within a sequence of blocks, in a distributed manner by a set of nodes, called miners. The miners compete to perform this operation and obtain rewards and fees for each block generated. The main advantage of the blockchain is that it guarantees the integrity and non-repudiability of all the transactions registered without the need of a trusted entity.”

Jordi Cucurull and Jordi Puiggalí, Distributed Immutabilization of Secure Logs

In a public or “permissionless” blockchain, the different users transfer amounts of the cryptocurrency and miners validate and register them in the ledger. Each of these transactions contains a reference to one or more former transactions — the inputs — and the amount transferred and who received it — the output. The input proves that the user making the transfer has enough cryptocurrency to afford it, and the output verifies the quantity of the transfer and its receivers.

Why use blockchains?

The blockchain thus registers or records the transactions. Once a transaction has been registered, it cannot be modified: it becomes immutabilized. For this reason, it is said that blockchains provide integrity, auditability, and non-repudiation.

How is this achieved? As the name “blockchain” conveys, it is a record of transactions (“blocks”) that are each linked to the one before it (“chained”). Miners are responsible for chaining the blocks to the ledger. There are several ways in which the blocks can be chained, but the original proposal from Bitcoin is called Proof of Work.

Proof of Works are based on cryptographic operations by means of which each miner tries to find the hash of a certain block by using arbitrary numbers. Hashes, very simply put, are an enciphered string of numbers that are generated via an algorithm to represent certain data. When a miner solves the Proof of Work, the block is published.

Therefore, assuming that no entity has more than 51% of the mining power, the Proof of Work can be used as a mechanism to:

1. Prevent any deliberately chosen entity from publishing a certain, specific block in the blockchain
2. Prevent any formerly published blocks from being modified.

Blockchains in Online Voting

Since Bitcoin’s underlying technology was first suggested in 2008, many saw in it the perfect platform for internet voting. In 2018, researchers at Scytl published a study analyzing seven blockchain-based internet voting systems against international electoral standards. They concluded that as “a distributed audit layer, it is expected that blockchain technology will provide more transparency to such services, while preventing that a simple agent can tamper with electoral electronic data”.

Notwithstanding, they also identified some shortcomings in those systems:

1. It was not possible to use most of them as an additional voting channel (for example, when voters can choose to vote online, by post, and/or in a polling station). In other words, they must be used as the sole voting channel or would otherwise require “offchain” operations.
2. Almost no system provided vote correctness, meaning that if a voter had accidentally filled out a ballot incorrectly (e.g., selecting more than the allowed number of choices for a particular question), they would not be made aware that the ballot would eventually be declared invalid and thus not counted. Vote correctness is possible in other online voting systems that warn a voter if there ballot has the potential to be marked as invalid for not following the election rules.
3. Not all systems provided specific end-to-end verifiability mechanisms.

Overall, they highlighted that blockchains could not address two main requirements in internet voting: namely, long-term privacy and scalability.

On the one hand, they highlighted that storing voting data in a blockchain, even if encrypted, could reveal a voter’s ballot choices in the future when quantum computers are expected to break the encryption schemes used today. Since the information stored in a public blockchain can never be deleted or modified, the risk of breaking voters’ anonymity in the long-term is particularly high.

On the other hand, they also highlighted scalability issues. At the time, they noted that “Bitcoin’s blockchain takes around 10 minutes to confirm a transaction and has a global throughput of 7 transactions per second,” which, given that many elections can have tens if not hundreds of millions of eligible voters, could translate to not everyone having the ability to cast their vote within the voting period.

For this reason, Scytl’s proposal is to store auditing information in a blockchain, but ensuring this information does not contain personal data. Two of the authors of the previously mentioned article proposed the use of distributed ledger technologies to immutabilize secure application logs. Scytl’s patented immutable logs technology ensures the integrity, authenticity and non-repudiation of the generated logs, and can be used by third parties, such as observers and auditors, to ascertain the correct conduct of an election and investigate any issue. Their solution consists of publishing log integrity proofs within the blockchain. In this way, any manipulation of the logs could be detected and collusion are prevented due to the distributed nature of the blockchain.

This article was written by Adrià Rodríguez Pérez, Public Policy Researcher at Scytl.