[imw]

While I agree with your point about client-side vulnerability, I think the central issue you highlight has reached a tipping point. The use of zero-knowledge arguments of knowledge, such as the zk-snark, allows for anonymous, but still verifiable voting systems. These could be decentralized (via blockchain or similar), or built according to a more traditional architecture, but I do think that such a tool would represent a genuine advancement in voting systems.

[lolc]

The problem is that very few people can follow how a zero-knowledge protocol works. We'd all have to trust a small set of people to do it right. And then we'd have to trust the people implementing it to do it right. Then we'd have to trust the people who provision the devices it runs on to do it right. But then we'd have to trust the devices themselves too. All the people who worked on the devices must be trusted. In the end it means we can't know there was no manipulation.

Contrast this with a box where you can watch the pieces of paper as they are put inside. And as they are taken out again. As long as you can watch the box, you can can verify the process.