Monday 6 February 2017

Ballot by Bitcoin.

I worked out a system for online e-voting that each voter could verify as correct for themselves.

The biggest flaw with all online voting is that you have to trust the people running the election.

Unless you can verify that only real voters voted, they only voted once and their votes were counted correctly - then your vote is meaningless, even if correctly counted, it is potentially over ruled by other bogus ballots.

My system fixes all these problems - ensuring that tampering cannot go undetected.

However, I worked out a simplified system with some limitation using bitcoin(!), the main limitation of this system is that the organisers can trace how individuals voted, and votes are counted as they are cast, so giving late voters a chance to change their vote based on progress. However using existing bitcoin infrastructure means it can be used immediately and virtually 'for free' - a little 'training' of users is required as using bit coin is a little more complex than making a cross on a piece of paper.

So here goes.

(Note although I say £1 here for convenience, the amount should be a fixed number of satoshi/division of bit coin)

You open the election by depositing £1 per voter into a new bitcoin account, and creating a new account for each candidate. Voters register using whatever method you want to verify their identity, once satisfied you transfer £1 from the election account to a bitcoin account of theirs.

Once registration is complete, voters are free to establish with the organisers that only valid voters have been registered by whatever physical method is agreed.

Voting entails each voter transferring the £1 they received from the election account to the account of the candidate they wish to vote for.

Once voting is closed the, the accounts are verified - only £1's transferred from the election account, to one voters account and then to a candidates account are valid (this is not a difficult program to write, but is not currently available 'off the shelf') - the candidate with the biggest (valid) balance wins.

The vote is entirely public and can be verified by every voter. The account of each voter is only known to the voter and the organisers. No votes can be changed, no vote can be 'lost', any bogus additional votes can be identified and discarded.

As mentioned, the main limitation is that the votes can be counted as they come in which may be used to influence later votes, but if this is an issue the voting period could be short - hours rather than days even.

If these limitations are too bad, then my full blown system would be the answer - it is more private so the names of all voters can be visible so all voters can be sure they are not stooges or fake, and the count is only available to voters at the end, so later votes cannot be influenced by earlier ones.