October 30, 2020
Blockchains have come a long way, but are they ready to be trusted with democracy?
What exactly is the current voting process? It hasn’t changed much in the last few centuries. You arrive at a specially designated location and walk into a private area away from prying eyes. You carefully mark a piece of paper and fold it over. You then walk back to the official’s table and slide it into a locked box. Your vote is added to all the other votes and counted — usually under observation to avoid mistakes or something more sinister. This system seems reliable to us because it involves real-time human observation and physical objects that can be counted and recounted until everyone is satisfied things were done fairly.
It might feel like the best way to make sure everything is done correctly, but it takes time. This is becoming a problem in our impatient world — the media is impatient for results. Candidates are impatient for results. The question is — How much longer will the world wait for humans to count bits of paper?
A ‘normal’ voting system requires a tool through which users can enter information in a small focused setting. That information is expected to be private, secure, transparent (if you wish), and to have verifiability. Everyone should expect to be able to vote and know that their vote is counted correctly, fairly, and can be verified after the fact.
So if we wanted to make this digital how would that work?
So far, electronic voting means you go to a voting machine; it authenticates that you are who you claim to be; and that you’re eligible to vote in that particular election, at which point you cast a vote.
If you ask anyone who works in security, they can tell you that this process is filled with risk. Having the process done in software helps, but problems arise with this method all the time. Verification and authorization are cornerstone problems of cybersecurity.
This is where blockchain could have a part to play. Every voter gets a key, and that key is yours for the purposes of your votes that day. You’d then use this key and send it to a particular address that indicates your vote on that particular election or ballot initiative. The unique way that blockchain uses encryption is what makes this possible. (For a quick primer on how encryption works behind the scenes, take a look at my video on the subject).
Tobe clear, when we talk about ‘your key’ we’re just talking about a random number. This is nice because it has the property of not being traced back to you. It’s also almost impossible for someone else to guess. While you have the key, the machines receiving and processing your vote don’t know that you specifically are the one who submitted it.
Once you’ve sent your vote, that act is a transaction that will be stored across a variety of computers on a private network at the same time and it can’t be changed without the key that created the transaction the first time.
Your vote is associated with only your key and only you know which key is yours.
Now that you’ve voted, your key can’t be used to vote again, and it can’t be misread either because you also have a copy of that immutable record (For developers you can see more on transaction immutability here).
Because it’s just a random number it also can’t be easily traced back to you. This is a property you want because it means that every Tom, Dick, and Harry can’t go find out who voted for who. On the other side of this process, you’ll have an anonymized code that you can use to view your vote after the fact.
An election sounds like the perfect place for a blockchain. It wouldn’t even be that difficult to build a blockchain-based voting system. You could use an open-source blockchain framework like Corda to build a prototype without much time.
Voting systems have been revisited before, and any change to this process needs to be carefully measured and transparently adjudicated for the public to have confidence. Banking and financial institutions worldwide use blockchain, and there is industry confidence that this works well for the right problem. From a technical perspective, the case seems clear.
The truth of the matter here is actually a simple one: Public perception is that there is no software platform without bugs. Even if you were to write perfect software, that software runs on an operating system that relies on imperfect drivers and even transistors can be impacted by cosmic microwave background radiation. People do not seem ready to trust technology, even though the method they trust now is being eroded by the impatience for instant results — with presidential candidates already calling for a declaration long before it is humanly possible to count every vote.
In the security community, the goal is to build a realistic threat model and use that as a guide to determine what level of security is necessary and what kinds of attackers we can expect. The threat level here is informed by the value of the asset that can be taken if a hack is successful. If that prize is something like the presidency of the united states then we could very easily expect multiple state-sponsored threats that have a very strong incentive to influence our elections. These sophisticated actors can turn out to be quite pernicious. In the case of Russia, they already influence elections. Iran also has a pretty robust and expensive cyber-threat infrastructure.
Even if it was possible to make such a computer system perfectly secure, it is currently not at that level. In fact, the U.S. Department of Homeland Security issued a warning to most local governments not to use electronic voting tech.
“electronic ballot return technologies are high-risk even with controls in place.” — DHS
They’re not wrong. There were over 200 zero-day vulnerabilities reported in 2019. If you look at that list, those are some very good software vendors, these issues exist everywhere, and are found while pursuing much lower value targets than manipulating an election.
The question isn’t whether we can build a perfect election system on a blockchain. The question before us, much like the question around self-driving cars, is this: Is this system better than the one we have now?
France banned absentee voting over 50 years ago because of an infamous incident in Corsica, and many other nations have banned certain forms of voting altogether because of issues around authorization and authenticity. There have been over 1200 proven cases of voter fraud in just the United States. There was a famous case in the UK not too long ago where six councillors were elected through nearly 40,000 fraudulent ballots and convicted of poll fraud.
“France banned absentee voting in 1975 because of massive fraud in Corsica, where postal ballots were stolen or bought and voters cast multiple votes. Mail-in ballots were used to cast the votes of dead people. Examples for other countries are provided”. –John R. Lott
Citizens worldwide care about the results of elections with growing numbers of people who want confidence their vote was counted correctly.
While we can never have perfect elections, we’ve seen time and time again that there is room to improve. There are so many other instances where we’re able to get answers quickly and effectively. We need to ensure that we have tools to count our votes fairly, safely, and instantly.
There are serious arguments on both sides for governments to consider when using blockchains or other digital solutions for public elections, and I’ve outlined some of the significant ideas here. I should mention that not just the Corda blockchain but all Open-source software are always improving.
Fortunately, we have blockchain technology for precisely this type of use case–high-value private transactions. You could implement many of the functionalities I’ve described in this article using a private Corda network.
As far as implementation, you’d probably need Corda accounts (for example, one account per voter). You’ll probably need a couple of Corda observer nodes as well. I’d highly recommend looking at our documentation on the Corda Core concepts, States, Contracts, and Flows. If you’re curious about this and want to try your hand at building a voting system using Corda, let us know.
Want to learn more about building awesome blockchain applications on Corda? Be sure to visit corda.net, check out our community page to learn how to connect with other Corda developers, and sign up for one of our newsletters for the latest updates.
— David Awad is a Developer Evangelist at R3, an enterprise blockchain software firm working with a global ecosystem of more than 350 participants across multiple industries from both the private and public sectors to develop on Corda, its open-source blockchain platform, and Corda Enterprise, a commercial version of Corda for enterprise usage.
Follow David on Twitter here.
Share this post
December 02, 2020
November 30, 2020
November 26, 2020
Stay up to date on the latest news and articles related to Corda.