by mckmk 2802 days ago
There is fundamentally no way to do voting on the blockchain that limits one person to one vote and still maintains a system that isn’t completely reliant on trusting a third party at every important level. To start, and this is really important. The end users MUST maintain their own private key and choose their own software that interacts with the blockchain directly. If they use some common website or mobile app then the blockchain is providing nothing. That site / mobile app is already in the middle of 100% of the data. BUT, how do we verify people and distribute private keys without again trusting a middleman? And if we don’t distribute private keys and instead have people register online, what stops someone from registering 2 times, 10 times, 1000 times, 1 million times? If some party is saying who can and can’t register for private keys for this blockchain then they are… what? A trusted third party.

What if I lose my private key? Can I just no longer vote for the rest of my life? If I can somehow reclaim my vote that means there is somebody that’s actually controlling that blockchain and it’s no longer trustless and reliable if some party has that power. If I lose my private key and lose my right to vote then that’s a bad system.

What if somebody starts paying people for their private keys? It seems like it’s illegal and immoral to let the practice continue but there’s no way of stopping it. Those private keys are either irrevocable which stays true to the blockchain and not trusting of a middleman OR there is some party with the ability to revoke those keys and in that case… THAT’S a trusted middleman.

What happens if a user claims the vote they cast isn’t what the public ledger shows their public key/address as having voted for? What if a lot claim that?

What does the blockchain really provide in these kinds of imagined uses? That a certain set of private keys DID sign a certain set of transactions - assuming a 51% attack isn’t affordable enough for some party wanting to sway the election. That’s it. No connection to reality. Any non awful implementation of it involves inserting trusted third parties at every part of the process. And this isn’t because we’re ‘early’ and we’ll somehow figure these out. They’re fundamental to blockchain design.

> BUT, how do we verify people and distribute private keys without again trusting a middleman?

In the case of a national election it's of course okay to trust that the government distributes the keys.

As I said, in Sweden we have BankID. With it you log in to all banks, do your taxes, doctor's appointments and journals, etc. These are given out at banks and service points which require your ID and send to your address (the exact same security checks as when you're voting). They can be withdrawn and renewed as needed.

We distribute the votes so 1 vote = 1 BankID vote. It's also technically possible to allow users to change their vote if done before the deadline.

All this can happen on any blockchain for example the very secure Bitcoin chain.

> What if I lose my private key?

You renew your BankID and you can change your vote.

> What if somebody starts paying people for their private keys?

What if somebody starts paying people to vote for them? Same problem.

> What happens if a user claims the vote they cast isn’t what the public ledger shows their public key/address as having voted for?

That it's even possible is an improvement over what we have today. Now I just don't know if my vote was counted incorrectly either by a tired worker or a corrupt one(s).

> What does the blockchain really provide in these kinds of imagined uses?

All votes can be counted publicly by anyone. There's no possibility for more votes than registered residents for example. There's no delay.

A lot of money is spent on setting up voting booths, collecting votes and counting them. This is much cheaper. We also don't throw away so much paper.

> assuming a 51% attack isn’t affordable enough for some party wanting to sway the election

Firstly a 51% attack would be easily detectable.

Secondly the only thing you can do is prevent people from voting. You cannot vote for them.

Thirdly all votes cast on the orphaned blocks can still be detected.

> We distribute the votes so 1 vote = 1 BankID vote. It's also technically possible to allow users to change their vote if done before the deadline.

You're describing a system where the government has a list of IDs and associated Private Keys and therefore knows who everyone votes for. That IS NOT OK.

There are ways to anonymize transactions. For example Monero's ring signatures and stealth addresses or ZCash's shielded transactions.

Also it's not that the government has their private keys. The government basically sends a token to an address the voter controls. So they cannot steal their votes and they cannot see where their transactions went.

So this is solvable.

> So this is solvable.

I'm not so confident. The Monero output from those transactions is actually only knowable to the intended recipient so I don't really know how this would work best. Would there be a pre-determined address that we're all sending our vote transactions to? Would that key be public so it could be audited by everyone? It seems like in this scenario systematic abuse by the government would be trivial. Just grant a few % extra tokens to an address you control and sign the transactions to vote your way and there'd be no auditability, no knowing which votes came from where. In many elections the polling is good enough and the margin narrow enough that it would be extremely easy to do and not look suspicious.

For example we could have a single address and you vote by tagging your transaction in some way or several addresses which each correspond to one answer. These should all be public.

The initial seeding should also be public so the total amount of votes could be audited as well. It's possible to set it up so you can't ever create any new votes after the initial seed (this is possible in all current token schemes for example).

> Just grant a few % extra tokens to an address you control and sign the transactions to vote your way and there'd be no auditability, no knowing which votes came from where. In many elections the polling is good enough and the margin narrow enough that it would be extremely easy to do and not look suspicious.

This is a big problem with paper voting actually. At least with the blockchain based voting you cannot create extra votes out of thin air.

With paper voting you might be able to say "the faulty votes came from this district". You could accomplish the same by setting up separate blockchain votes for each district and then just adding them together to form the final vote to get the same property.

> The initial seeding should also be public so the total amount of votes could be audited as well. It's possible to set it up so you can't ever create any new votes after the initial seed (this is possible in all current token schemes for example).

I don't think this addresses the problem. In the US voter turnout is often 30-40% of registered voters. Total vote count would certainly not be a useful metric there.

I hate to be too pedantic about this but that's sort of the point. It doesn't sound like you're describing a blockchain anymore or at least getting any of the purported benefits of a blockchain. You have a central authority now setting up numerous separate instances, controlling who gets the voting tokens, able to revoke and re-grant tokens at will, and in charge of setting and publishing the destination. The whole advantage of the blockchain is that there isn't a trusted 3rd party.

If you're already trusting the government you can do cryptographic hashing, a publicly readable database and build in a ton more transparency.

> What if somebody starts paying people to vote for them? Same problem.

Not really - paying someone to vote with the usual paper system doesn't work because you can't verify that they've voted the way you paid them to.

> you can’t verify that they’ve voted the way you paid them to.

Not if the voter opts in for the vote by mail.