[wh1te_n0ise]

I can see how that would be a concern, and I'd say to that - it really depends on the implementation.

You could have a blockchain-based system where everything is public (say, like Bitcoin), which from your perspective would be bad.

You could have a blockchain-based system where you need a "view key" in order to actually view the details of a particular transaction (say, like Monero), which from your perspective would also be bad.

In the latter system I'm describing, you could have a procedural control that you have a choice of receiving your "view key" or something along those lines to deter coercion and vote buying.

Other possibilities would be allowing voters to change their votes at a later date, or creating a system that allows voters to vote remotely such that they could do so in the comfort of their own home where they'd be (presumably) free from coercion and other influences.

[Godel_unicode]

If it's possible to get vote attestations (using view keys for instance) then coercion and vote buying will happen. Consider that if I can coerce/buy your vote I can coerce/buy your view key (no a duress key doesn't help, if it exists I'll demand both).

The system needs to retain the current property of being able to lie about having voted a certain way with 0 chance that you will be discovered because getting proof is impossible.

Consider that it won't be "comfort of their own home" it'll be the comfort of their union bosses office so he can be sure they voted as directed.

[wh1te_n0ise]

First off, I hope you realize that in the current paper systems that your "union boss" could literally walk down to the voting station themselves and give them your name & birthday and just submit votes on your behalf without needing to "coerce" or "buy" any votes.

Regardless, I said that it was dependent on the implementation. If I am able to change my votes at a later date, then who cares if my union boss can pull me into his office and force me to vote a certain way? I'll just go in that evening and issue a corrective vote and be issued a new "view key" associated with that transaction and my boss would be none the wiser.

Or you could have a system where the blockchain isn't public, but rather it's only accessible by a few designated government machines. Then for auditing purposes if you want to verify your vote, you go into a facility (no electronics [besides your identification] allowed) with your "view key" and prove your identity (biometrics, smart card) and then you're able to then receive assurance that your vote was recorded as expected by viewing the transaction from one of the government machines.

Then your union boss doesn't have the ability to check your votes.

You know what I love though - people who make all discussions black and white and don't consider the large spectrum of possibilities.

[rspeer]

> First off, I hope you realize that in the current paper systems that your "union boss" could literally walk down to the voting station themselves and give them your name & birthday and just submit votes on your behalf without needing to "coerce" or "buy" any votes.

Your threat model is nonsense.

Yes, people do commit fraud in elections, but they do it as insiders where they have the opportunity to covertly meddle with large numbers of votes.

They do not do it by walking into a precinct in plain sight and claiming to be someone else, risking everything for the chance to cast one vote, unless they are very, very dumb.