Back in Ron Rivest's 6.857 computer security class, we spent some time on electronic voting. If you're not careful to get the privacy right, you open up more opportunities for coercion.
With anonymous paper ballots, coercion can and does happen, but it basically requires physical control of the polling station / voting booth to pull off.
In this case, anonymized ballots are put on a blockchain. Hopefully the system is auditable, but provides no way for someone to prove which anonymized ballot serial number belongs to them. Otherwise, the thugs can come to your house and either beat you or pay you your bribe after forcing you to reveal how you voted.
A verifiable secret shuffle and its application to e-voting  https://dl.acm.org/citation.cfm?id=502000
All prior crypto-based voting systems I've studied rely on hash collisions, algorithmically simulating the secure one-way hash of physically dropping a ballot into a box, for an individual's ballot to get lost in the herd. But for this to work, ballots have to be simple and elections have to be large (enough).
In the USA, ballots are complicated and precincts are small. Appropriate for elections administration based on the Australian Ballot, bad for crypto-based balloting system.
I'm very surprised this is the first I've heard about Neff shuffling.
But I know a lot about VoteHere. Even though they are a proven bad actor in this space, I'll suspend disbelief and see if something good came out of their efforts. The Agora people appear smart, earnest. So maybe there's something here.
If Neff shuffling (or something similar) actually works for this application, it'd be remarkable. Least importantly, I'd have to update my world view. Specifically: no fully digital voting system can both protect the secret ballot and ensure a public vote count. (In practice, electronic voting systems do neither.)
PS- Scanning the other comments, feel compelled to point out:
Design the whole system. Understand election administration. Protecting the ballot is not enough. Information also leaks from poll books, voting history, etc., which then deanonymizes the secret ballot.
For Sierra Leone, Agora might be a great idea. Maybe the benefit of extending the franchise (reduced costs, increasing access) outweighs the loss of individual privacy.
> In this case, anonymized ballots are put on a blockchain. Hopefully the system is auditable, but provides no way for someone to prove which anonymized ballot serial number belongs to them. Otherwise, the thugs can come to your house and either beat you or pay you your bribe after forcing you to reveal how you voted.
I don't agree. The amount of damage to the voting mechanism a malicious group can do when physically controlling a polling station (which in itself proves a huge amount of reach and political power) is way greater than thugs coming to someone's house to check the right person was on a 'virtual ballot'.
I agree that with this approach you can do voter information data gathering 'at scale' but if you can't really do coercion 'at scale' if you can't afford either violence 'at scale' or similar enforcement via the public system (no benefits, pension cut, etc..) then it's all for nothing. But if you can do all in the first place then there's no sense in talking about the method of voting, neither will be less secure or less private than the other.
It wasn't a statement about the amount of relative damage. It was a statement that a voting system that leaks privacy beyond the polling station strictly increases the number of parties capable of coercion vs. a voting system that only requires securing the polling stations.
There's a big "if" in trusting the government to run honest polling stations (and keep phones/cameras/etc. out). That's not in question. However, if a blockchain voting system leaks voter privacy, then random online criminals halfway around the globe with no capability of controlling polling stations can still coerce voters without needing to physically control even a single polling station.
Electronic voting done right can be a force for good and transparency, but getting privacy right is absolutely critical. If you screw up privacy, you enormously increase the number of adversaries you need to worry about.
I also wonder if the blockchain means votes are cast publicly. Typically you vote, then tally. With every vote in public on the block chain, I could see mining companies bidding against each other for votes in real-time...
You don't need a physical presence to coerce, it's simple to click and deploy, and even easier to Target phishing sites when you know what people are looking for.
I easily believe that an interested party would drop big cash on a good exploit for such an event.
Undermining the credibility could therefore accomplish “everything” (the intended purpose).
For example a foreign entity could use this to cause confusion and undermine people's trust in elections.
I'm not against the idea of trying to modernize voting or blockchain in general, but there are extremely practical and real problems that come with it which are a magnitude easier to accomplish than it is with paper ballots at the moment.
I'm sure there is a procedural medium which alleviates this but I'm not bright enough to think of it at the moment.
Small scale coercion, however, is easier to execute and easier to get away with, hence the need for your private vote to be cast in a public place.
And it's something that, if standards of voting privacy are sufficiently eroded, could easily emerge even without any big conspiracy behind it. Just think of something as grass-roots as spouses not being amused about a certain vote, that alone could have a huge influence on the outcome in some settings. This potential for casual coercion is why I even consider it an erosion of democratic values when people abuse absentee votes for convenience. A mild erosion, but an erosion nonetheless.
Electronic voting could maybe improve on the issue of casual coercion if they allow individual votes to be recast until last minute, maybe even with some mix of deadline customization/randomization (with silent failure if already past the deadline) to add friction to less casual coercion attempts.
Coercion doesn't have to take on the form of violence, social and financial reprecussions can be incentive enough to vote a certain way with the proof that you did.
Think about this: "I don't want to associate/hire/do business with anyone who voted for Candidate X or Referendum A"
The trick to the 3-ballot voting protocol is that not everyone can validate their vote. However, when a group of voters band together, they should be able to validate that a subset of their votes (1/3) were registered with high probability.
With a sufficiently large group of voters checking results, the law of large numbers comes into play and they can statistically detect the presence of voting fraud.
That doesn't solve the potential problem of vote stuffing... Still thinking about that one.
That doesn't work if someone else has already told them the same ID.
Sounds like you might be on the right track if you can get over that hurdle somehow.
One approach to this problem is to make it easy to cancel a previous ballot and submit a new one, so you can get your evidence that you voted the way e.g. your employer wanted you to, but then you can cancel it and vote with your conscience.
The desired outcome is to prove that each vote came from a valid voter, while being impossible to prove which vote came from whom.
The coercing party can insist that you take a mobile phone picture of your ballot. This kind of coercion is common in some regions of Russia where civil servants and teachers are told by their superiors that they must vote for the preferred party “or else”, and a mobile phone picture is demanded as proof.
This requires the poll workers to be somewhat impartial. If they are not all bets are off. In the German Democratic Republic voters where socially pressured (by official policy) to not use the booths at all.
(An exception is when you are a government delegate voting for chancellor, in which case you pay a fine of 1000€, especially after the president has clarified this rule to new delegates repeatedly)
The election council and a lot of privacy-conscious citizens weren't amused to say the least, but a subsequent ruling by a judge turned out that it isn't strictly speaking illegal, because the law doesn't explicitly prohibit photography in the ballot booth. So until parliament enacts a law that forbids it (like Germany), we are stuck with this rather dubious phenomenon.
At least we've banned voting computers for a good while — the ones we had ran closed source software and the votes cast couldn't be verified by the voters or the election council — so there's that.
Edit: Perhaps I wasn't clear. Each of the N ballots is already filled out for a different candidate. The envelopes are all identical and sealed by you inside the voting booth. That way an existence proof of a ballot for the given candidate leaks absolutely no information. There are no empty paper ballots, and none of the paper ballots can leave the polling station. Ballots need to be counted both from the "vote" and from the "discard" boxes. Ballots missing from the discard box prove vote tampering.
You go into the voting booth, seal the N ballots in the N identical envelopes, being sure to keep track of where the ballot for your desired candidate is. You leave the voting booth and drop the one envelope in the vote box, and the N-1 envelopes in the discard box.
Even if you're forced to videotape inside the voting booth of your sealing the N ballots in the N identical envelopes, you could pull a quick 3-card-monty when leaving the voting booth. Even a quick random shuffle would be sufficient to statistically nullify your vote, or if you're only able to keep track of where the Dr. Evil ballot is, a quick deal from the bottom of the deck would guarantee a vote for a random opposition candidate. As long as there's some spot between the polling both and the ballot boxes that isn't covered by video, there's no way for a third party to know which ballot went where.
You aren't allowed to leave the polling station with any of the envelopes, and a tally of the ballots in the discard box will show what percentage of people have left the polling station with their discarded ballots. Any non-negligible percentage of "discard" ballots leaving the polling station will make the whole vote suspect. (The discard ballot count will also provide circumstantial evidence for which way the tampering is going, although Dr. Evil will always claim it's false flag vote tampering to make him look bad).
If someone is really coerced in sneaking their discard ballots out of the polling station, they could sneak N-1 ballots out and either put the ballot for Dr. Evil in the discard box or burn it right outside the polling station. They then show the jackbooted thugs the other N-1 ballots. They end up not voting, but at least Dr. Evil is denied the vote.
r = f(k, p)
Suppose r may be 1 or 0. The meaning of 1/0 will be randomly distributed among the population, and will be made known to you when you place your vote, but at no other time. So, later on, you understand that a value of 1 means your vote counted for candidate A, but if someone tries to coerce you, you can realistically claim the opposite.
(That is, how do you prevent a butterfly-ballot-style situation where people think they're voting for Gore, accurately cast a ballot that appears to them to be a vote for Gore, and actually end up casting an objectively valid vote for Buchanan?)
1. Enter your vote and receive an identifier
2. Group n identifiers into a batch ensuring not all votes in the batch are for the same candidate. Record the n identifiers into a block then randomly order the identifiers but don’t record the randomized sort order. Display the index of their identifier to each user but don’t record it. Record the actual vote in this (random) order to the block. Allow each voter to see all votes recorded in the block at each location (including the one only they know represents their vote). Allow the voter to manually tally the block to ensure the sum of symbols reflects their vote intent. Present to each voter cryptographic proof of the existence of the block and the net affect the block as a whole has on the vote tally for each candidate.
Each voter leaves with:
1. cryptographic proof of having voted
2. Cryptographic verification of the effect their vote had on vote tally
3. Ability to claim having voted for any candidate represented in their voting block/inability to prove to others who they voted for while being sure of how their vote was counted themselves.
As I remember, it's still an open problem to set things up (without requiring trusted hardware or trusting the government to destroy a private homomorphic encryption key) so that I can't later prove to Dr. Evil's jackbooted thugs that I voted for Dr. Evil.
Though, maybe there's some mechanism where I actually generate ballots for all candidates and only submit one of the ballots and it's impossible for me to prove which one I actually submitted, and I could cheat by submitting more than one ballot but there's a zero-knowledge proof that my ballots were for all of the N candidates, so in an American-style first-past-the-post voting system, submitting all of my ballots has the same effect as submitting none of my ballots.
Every voter is issued one "vote coin" at registration time. There are special addresses for each candidate. Each voter sends their "vote coin" using a zero-knowledge/private transaction to the candidate of their choice. It's totally auditable, not possible to vote more than once, etc.
The main issue is in making it potentially easy to sell your vote, which as the OP was getting at is at the heart of the tension.
I don't see much problem in selling your vote if there's no way to verify that you're not ripping off the person buying the vote.
Now you can take as many pictures you like of whatever ballot which proves nothing.
Though, I don't understand the purpose of the pen in the proposal. There's already one of every possible ballot, so you don't use the pen to mark candidates. You don't write your name on the ballot, as that would ruin anonymity. You don't cross-out the ballots that you don't cast, as that would open back up the weakness to photography. So, how is the pen used?
Also, what's the purpose of having the official put the ballot in the box instead of having the voter put the ballot in the box? Is it to prevent multiple votes from being cast? You need to have a discard box for the unused ballots and tally those discarded ballots in order to detect when the jackbooted thugs force people to walk out of the polls with their discarded ballots in order to prove how they didn't vote. Once you have this, you've also got multi-vote detection.
And since it's a public blockchain, you know exactly which token went to whom.
You don't (well, shouldn't) know with Z-Cash/Zerocoin
Take Turkey or Russia for example. Voters know exactly that the current radical governments can track their ballot numbers, so they'll think twice before voting against them.
The details on this vote have been extremely scarce. The use of the future tense to describe access is worrying.
"Blockchain Technology" has attracted scoundrels of every stripe. If Agora really cares about this as a test case, it needs to make the voting records public, and articles like this one need to make it clear how the reader can examine the results.
That said, I'm very skeptical about the utility of "Blockchain Technology" in voting. For one thing, what secures this block chain and makes fraud detectable?
In Bitcoin, the answer is crystal clear: Proof-of-Work coupled to an economic incentive. This system has well-known scope and limitations. We can reason, mathematically, about a multitude of attacks and outcomes.
Not so with the Agora system. And I'm afraid that journalists consistently refuse (or are not equipped) to ask the right questions - as in this article.
I am a software developer and to be honest I don't fully understand bitcoin and blockchains.
Then my next question will be how can I trust something that I don't understand.
Maybe as a counter-argument someone will say how people uses online banking without fully understanding software, internet, etc. But I think is a completely different problem with different challenges.
Like with cars, planes, and online banking, the key determinant is that nontechnical people have a _sufficient_ degree of trust in _someone_else_, who does have the appropriate expertise, to provide oversight.
I have no idea if Agora is good or not, or if blockchain-based voting is viable. I'm just saying that there are demonstrated cases (and certainly also other demonstrated failures) in which nontechnical people trust experts and trust organizations to provide a sufficient degree of oversight.
In a sense, you could say that a classroom, or a democracy, is like this too.
ive always found this mentality silly. do you understand aerodynamic principles? laws of electromagnetism? mendelian genetics? or information theory?
I was called a "paranoid sweaty kook" by a local paper for having the audacity to explain how our central count works. (TL;DR: It's very hard to protect voter privacy when using postal ballots.)
Election administration is hard, with many subtle, counter intuitive corner cases.
I scanned Agora's website, papers, etc.
Two things bothered me.
First, they spend too much time saying what they're not, comparing themselves to other known bad electronic voting systems. Yayaya. We all know those systems suck. Tell us how Agora is awesome.
Second, none of these proposals start with first principles, starting assumptions. Tell us what forms of election administration, voting system, and ballots your system supports. For example, paper ballots cast at poll sites in the USA is predicated on the Australian Ballot, aka private voting and public counting. Scanning thru Agora's materials, I have no idea what type of elections it's appropriate for.
Even today: http://chicago.cbslocal.com/2016/10/27/2-investigators-chica...
(Aside: forgot to turn off my extension and so it appeared as, 'Sierra Leone just ran the first "Multiple copies of a giant Excel spreadsheet"-based election')
There's no double-spend problem. There's a correct way to merge two ballots cast by the same private key: discard them both. Since all operations are mergeable in an arbitrary order, there's no need for proof-of-work or anything like that to determine which chain is the "correct" chain - any pile of ballots that contains all valid ballots is correct, and any partial pile can get the remaining ballots appended at the end.
From the whitepaper it looks like they're running their own "skipchain," which they refer to as a form of blockchain, but looks to me like a cross between a Merkle tree and a skip list with no proof-of-work mechanism. (It seems like a genuinely useful / novel data structure, I just wouldn't call it a blockchain.) And they're running some sort of proof-of-work consensus to gate additions onto this skipchain, and periodically storing the state of the skipchain in the Bitcoin blockchain.
I don't really understand why the latter two parts are necessary: the record of ballots should be self-authenticating, and it should be easy to tell if someone has removed a ballot, right? Is the idea that people are not likely to watch the skipchain a la CT log monitors, so they want to use Bitcoin because people already watch that?
On the one hand, they appear to have real cryptographers nad real research behind this. On the other, saying "blockchain" seems like a great way for someone running an unfair election to make it appear more legitimate....
I worked as a poll inspector. Documenting and proving the physical chain of custody is an important function.
I have yet to see a compelling use case for using blockchains in issuing ballots or counting votes. That's a different beast entirely.
This was my thought also. I could implement what I understand they did just using git. One vote = one line appended. With an append-only merge driver and Github push for publication. No blockchain needed for equivalent functionality and equivalent resistance properties.
What about the scenario where someone puts a gun to your head and forces you to vote for them - and you can't change your vote at a later period?
One answer would be to just include the old ballot in the new one, so it's clear which one to invalidate if you see both.
I guess now that I'm thinking about it you also want to prevent ballots from being cast once the election is over, and timestamping an event as having happened before a given point is a valid use of an actual blockchain.
1. Votes can replace older votes - although this has issues because they could just make sure you don't vote again by pulling the trigger.
2. Let the voter assign 1 and 2 to A and B himself when receiving the private key - which means that when the time to click 1 or 2 comes - only the voter knows if 1 => A or 1 => B which makes it impossible to know who he is voting for.
99.9999% of every mention of blockchain is a scam or misleading hype
And yet I think bitcoin is an important and revolutionary technology
The article talks about "fully-transparent voting solution for this future", yet I somehow don't see any transparency when it all relies on magic only a negligible part of the population understands.
There are a lot of things in our lives that would benefit from greater efficiency, this isn’t one of them.
As for the blockchain, do computer books for kids not start with a lesson on GIGO anymore? You still need to trust the information that gets written to the chain is valid.
It helps that it is very rare to have a referendum question so you are usually just voting for your local member of parliament. The ballots are very clear:
It doesn’t take that long to count by hand, and it’s rare that people don’t accept a result or engage in conspiracy theories and court battles for months after an election. Recounts happen if the results are very close but there is usually very little movement in totals.
It is apparently a bit more expensive than using machines but I think it’s worth it. There’s something meaningful and beneficial for a civic culture when everyone votes with a tangible physical act in largely the same way it has been done for 150 years. It’s an unusual but radically inclusive act.
Voting by mail is possible by request, but less common, and uses a double envelope system to achieve a similar outcome.
Years ago, a group of us activists in the USA tried to understand manual counting better. We timed ourselves on mock elections using the "sort and stack" system. It goes about as fast as you'd expect (and reminded me of being a junior bookkeeper reconciling accounts at the end of period, ahhh nostalgia).
We also self-funded some official manual recounts, just to get better metrics. It wasn't pretty.
USA's elections are generally over complicated, with many races/issues per ballot. To enable efficient manual counting, we'd have to redesign our ballots so that they could be physically separately into federal, state, local sub-ballots, for separate processing.
Replacing FPTP with Approval Voting and Proportional Representation would also help.
This is how Australia does it. It works fine.
With the "hanging chads", the administrators hadn't cleaned the machines for years (after each election, turn over the machines and shake out the chads), so the holes filled up with chads, preventing new votes. Otherwise, the punch ballots weren't the worst option.
Sorry to geek out about this stuff. It was my thing for a while.
I mean, if my government decides to use some crypto/blockhain magic, there is no way I can figure out if using hash algorithm H in a method X is valid choice or if it is a backdoor/negligence.
This is an issue which simply does not happen with paper ballots (backdooring these is of course possible, but really expensive especially at scale). The attack surface is easy to reason out, unlike with cryptography.
Maybe it does not matter though (and maybe I am afraid of mathematicians secretly taking over the world, ha!)
Blockchains explicitly remove privacy, whereas voting should be the Australian Ballot, aka private voting & public counting.
"Black box" abstraction is utilized everywhere in the world and has been a core part of many functional systems. That's a silly basis to dismiss any technology.
I for one am quite happy that a migration from horse carriages, understandable by a middle schooler, to cars and trains has happened.
I don't have a position on using the blockchain for elections, I'm just not convinced by your point.
Democracy is a good idea not because it results in good government, you have only to look around and see the hopeless incompetents elected around the world, but because it averts violent regime change. Why march on the capital with pitchforks when we can just vote for somebody else?
During the process, initial votes that are recorded on ballot papers are to be counted by neutral observers. The procedure, being watched by Agora, is the key step to entering that data on to the blockchain."
You'll note that they carefully failed to disabuse anyone of the notion that the entire thing took place online.
Linkable ring signatures
 The property of linkability allows one to determine whether any two signatures have been produced by the same member (under the same private key). The identity of the signer is nevertheless preserved. One of the possible applications can be an offline e-cash system.
If we were to properly distribute the process by running a public key database and giving each citizen a private key by which to sign a message in the blockchain casting their vote, it introduces a new and far more insidious problem: the system now provides a receipt for each vote that a malicious actor could use to reliably buy votes on a massive scale with complete automation: visit a website, use your private key to prove you voted for their candidate, receive a bitcoin payout.
This is the second biggest threat to elections. And probably the most timely.
My tour of duty as an election integrity activist radically changed my worldview on these things. I previously thought the gear was the biggest problem.
Now I know that the biggest threat is disruption. While well intentioned, HAVA caused a lot of disruption. Resulting in no one knows what the rules are. Ditto the continuous ongoing "reforms". Like changes in voter ID laws, rules, procedures. Moving poll sites. Etc. Any changes that must be made should be done incrementally, methodically.
The second biggest threat is the privatization of our election administration. Like you observe. No private entity any where should be responsible for verifying eligibility, issuing ballots, counting votes. Election administration is the most fundamental function a democratic government performs, its prime responsibility. It must be performed by citizens working for the government to have any legitimacy whatsoever.
The third biggest threat to our elections is our form of voting. The USA's FPTP (winner takes all) elections are very brittle, intolerant of the inevitable margin of error. Much better, for both democracy and election administration, would be to use Approval Voting and Proportional Representation.
Yes, I still believe the gear we continue to use remains a big open untreated wound.
> it is still unclear who won
"The National Electoral Commission (NEC) declared a runoff after none of the 16 presidential hopefuls on the March 7 ballot paper secured the 55% needed to secure an outright victory."
Some dictator will run the first blockchain-based death sentence via a distributed big data popular jury to guarantee a fair and auditable trial?
PS : forgot to mention this was a cloud based, severless solution developed by a scrum agile team while pair programming in a 6th generation language for extra scalability and safety.
1. Can it be said that the election was electronic?
If so, why is the headline saying they used blockchain and not elections was first time electronic. (I consider blockchain here only as implementation detail).
2. Could voters vote from home over wire or they had to come to some kind of booth that had electronic voting device in it?
The headline here stating the use of blockchain is important because its the first election on the planet that has used the implementation and its an implementation that can't be modified without trace.
As for point two I have no idea, I am assuming it required people using voting booths but given the technology used, nothing is stopping it from allowing decentralized voting.
edit: As it turns out it looks as though people voted using traditional paper ballets and it was inputted into the block chain via a neutral third party: https://www.bitguru.co.uk/sierra-leone-presidential-election...
Either way, I can't see how fraud is prevented even with a blockchain in place.
Older thread below.
Perhaps if the company had used Postgres to store the results there would have been an article called "Sierra Leone just ran the first RDBMS-based election"? Probably not, since relational DBs are not buzzword material.
Does this basically mean authentication is centralized?
Instead of burning 200kWh for one transaction, a voting consensus system is enough.
BTW, there is also an e voting system in that repo, using neff shuffles.
I'm happy to see articles on the practical benefits of blockchains. I feel like they been drowned out by the media hysteria of cryptocurrencies lately.
Is the ledger hidden until the end of the election or publicly visible throughout?
I only ask as it's a subtle technical difference that could massively influence the outcome.
> Experts say a presidential run-off is likely as a first-round win would require one candidate taking 55% of the vote.
When even Sierra Leone has a more democratic voting system than Freedom Land™ (and I'm not talking about blockchains).
I’m convinced the blockchain is here to stay. Bitcoin? Not so much.
The blockchain, on the other hand, I think is more like XML/XSLT: a really interesting technology that has almost no real-world use that couldn't be done more easily with some other technology. And that 15-20 years after its popularity will be similarly obscure.
I've been looking for years, but, digital speculative pseudo-commodities aside, I still have not found an in-production, value-delivering use of blockchain technology that couldn't be done as well or better with some more well understood technology.
But for those who don't know the history, the vision was that XML would be this amazing interchange technology, and XSLT would be used to transform the XML as needed between and within apps, without needing real programmers.
For example, I know of one top-10 website circa 2004 that had their Java programmers producing only XML output. Then, XSLT specialists would transform that into HTML for rendering.
In theory, this provided a clear separation between back-end and front-end programmers. In practice, it was a giant clusterfuck, because any real work required coordinated changes at multiple levels. Although in theory the front-end work was independent, the reality was absurdly convoluted XSLT trying to turn not-very-good XML into something that rendered well on screen. Nobody sensible does this today.
At the time, XML/XSLT was expected to be central to a new, better way of making software. But now it's a weird niche thing, because although it was technologically cool, it was not actually better for 99% of use cases.
FWIW, there was a time when many people (embarrassingly, even myself) who thought that XML was a good way to represent data in a language agnostic way (these days, JSON fills that void -- there are even people trying to recreate SOAP and CORBA with JSON ;-) ). I won't go into the details of that, but even now I can probably make a pretty convincing argument that it's a good idea (which is why people are trying to recreate SOAP and CORBA with JSON ;-) ). But the point is that once you have data in XML, it's kind of a PITA to parse it (well, JSON is slightly better off there). If I just want a subset of the data, or I want to take bits of it and insert it into a different XML data set it's quite a lot of code to write. XSLT was for that.
But where we agree is that XML is not a great way to represent data (and, jokes aside, while JSON is much better it's also being overused). So without XML, there is no need for XSLT. But given that HTML can often be parsed as XML, it's still really useful for its intended purpose: to extract and transform data.
However I have seen one neat use in a previous job. We we dealing with a crappy API from a vendor. Crappy because it was a weird XML format, partially specified by a DTD but did unexpected things.
So we created an XSLT for the XML returned by their API. .NET allows you to generate classes from XSLT, so now we had a handy way to parse the data and process it. If we made any mistakes in the XSLT, just fix and regenerate the code. If the build breaks fix up any issues. The strong typing end to end meant we knew we had most of the cases covered.
I wouldn’t confuse that with rejection of the blockchain tech, just the cynical implementations that have mostly emerged.
The big issue these days is that the word "blockchain" is so broad that it's almost meaningless. I'm sure cryptocurrency advocates see this election as a win for instance, but in essence what do cryptocurrencies and this voting architecture share besides this rather nebulous concept of "blockchain"? Clearly the election is neither trustless, nor particularly decentralized.
Blockchain is not "tulip bulbs" (cryptocurrencies might be). Blockchain is like "cloud computing", "web 2.0", "web scale" or "full stack". It's a fancy marketing name that doesn't mean much on its own.
UNLESS THERE IS A WAY TO PHYSICALLY AUDIT THE SYSTEM, AND ESPECIALLY YOUR OWN VOTE, ALL SUCH VOTES SHOULD BE CONSIDERED NULL AND VOID.
DIGITAL ONLY VOTING IS A FORM OF VOTER SUPPRESSION AND CANNOT BE CONSIDERED LEGITIMATE.
Social interaction suffers greatly today, because of the success of Social Media, which was praised as a new and easy way to socially interact without going outside.
Blockchain might be the right choice of technology for the voting process, people still need to be obliged to go to the city hall to issue their vote, in person!
Don't worry; in the United States, it largely already has. Blockchain tech can't make it much worse.
>> people still need to be obliged to go to the city hall to issue their vote, in person!
Yeah, that's not ableist at all. Don't worry about those with limited transportation options. And piling tons of people into city hall will totally make people social again.... ???
You could argue from the Swiss example that more voting occasions wouldn’t change the main issues of modern democracies, but it doesn’t seems to lower the importance of voting either, with a similar turn out that elsewhere.
(Also, a technical solution to constant voting and flexible, transferable delegation of voting power is the main goal of the fluid democracy movement.)
It seems people only vote on what they care about. Which I think can be expected if there are many votes.
And you can also then police the undesirables by putting them through onerous identification processes.