Nice to see Civitas would use a tamper evident log file (rolling temporal hash). Alas, generally, encoding the order of the ballots cast destroys voter privacy.
I stand by my earlier comment (cross thread): These crypto based voting systems rely on hash collisions to hide individual ballots within a herd of ballots. Because Civitas encodes votes as ranked preference (to support winner takes all, Condorcet, approval voting), there's even more information contained within each ballot, decreasing the likelihood of a hash collision, increasing the likelihood of inferring each voter's unique ballot.
Something did occur to me, however. Right now, all races are encoded onto a single ballot. Making it more likely that every ballot within a precinct is utterly unique.
But if each race was split onto its own ballot, then a crypto based voting system might be workable.
As loathe as I am to validate a crypto-based scheme in any way, these schemes aren't going away, no small part because the geeks keep pushing technological fixes for perceived societal problems. So I'm somewhat resigned that I should make the most of it, help make sure the worst parts are mitigated.