[maneesh]

This is why I always have thought that election voting would be a perfect use case for a blockchain.

Imagine a way that you could look up the blockchain with your key (SSN?) that is somehow one-way-hashed to show you the result of your vote. The value param would be plain-text. Someone else wouldn't be able to see your vote without your key, but you could confirm yours was recorded properly. Anyone could tally the values to get the final value.

Because the blockchain is trustless and distributed, you wouldn't have to worry about an election machine flipping your vote.

Apart from currency, this seems like a great use-case! Are there any flaws in this basic structure?

[andrewla]

First of all, what you're talking about more resembles a Merkle Tree rather than a blockchain, because the "chaining" property is really useless in this scenario. Each election can publish the Merkle Tree of its results and you can be sure that your vote was properly registered. Or frankly, just publish the list of one-way hashes and their vote, and you can dispense with all the Merkle-ing.

But what about a Sybil attack? How do you ensure "one person == one or zero votes"? I could submit a jillion votes for Donald Duck and how would you ever know that those votes were all cast by the same person? Any sort of election scheme has to deal with messy real-world identity, and there's no cryptographic solution to that, only various weak social network approaches that are pretty much the norm.

[creeble]

A Sybil attack in this case is just a reveal (once again) of the oracle problem - a blockchain doesn’t provide proof that you are you. Therefore, it cannot provide proof that you cast only one (or no) vote.

Verifying your identity is outside the blockchain. Thus it can provide no value for voting.

[maneesh]

As to your first point, I'm not familiar with Merkle Tree's, so I'll learn about that before I respond. Thank you for the insight.

To the second point--I would imagine you would vote in the same way we do today for MVP, in-person / mailing, etc. So the main function would be to verify that your vote was properly recorded and counted.

[ninjanomnom]

Voting is intentionally designed for it to be impossible to verify what your final vote is so that it's impossible for someone to use that to hold you to a particular vote. A classic example being a household all being forced to vote one way by the head of that household. With no verification possible you can freely vote without influence from others who would use that verification for their own ends.

This is also why taking a picture of your ballot will nullify it if you're caught doing so. Not as punishment, but so you can vote again with potentially different choices and a valid excuse for having no verification.

[maneesh]

This is interesting and something I hadn't thought of. Thank you.

[b3spoke]

https://www.youtube.com/watch?v=w3_0x6oaDmI elaborates on that point, and has some other useful points against electronic voting

[mechanical_bear]

> This is also why taking a picture of your ballot will nullify it

In what jurisdiction is this the case? I have never heard of it.

[amalcon]

It generally won't, because the systems are designed to make it difficult to nullify a specific person's ballot after the fact. In some jurisdictions, though, there are specified criminal penalties for doing this.

[mikestew]

You can do a search, but a minority of states in the U. S. outlaw it.

[pron]

> This is why I always have thought that election voting would be a perfect use case for a blockchain.

You mean, other than trusting elected representatives to oversee the election you'd rather trust miners?

[brazzy]

Of all the things you could do with a blockchain, it's probably the worst.

The legitimacy of voting outcomes depends critically on everyone understanding and in principle being able to verify how it works, and it being resistant to tampering at scale.

Very few people would understand a blockchain based voting mechanism well enough to really verify, and any implementation error could give an attacker complete and untraceable control over the results.

Relevant XKCD: https://xkcd.com/2030/

[mitchdoogle]

You telling me everyone understands computerized voting machines? Because I don't think there's that much of a gap between people who know about those vs people who know about block chains

[brazzy]

No, those are a bad idea as well.

[Nursie]

You also need a way to use your key to show a false result, or someone can use rubber-hose cryptanalysis to see your vote.

[maneesh]

Is rubber-hose cryptanalysis the concept of extracting info by torture? I guess... I mean, if you're willing to beat someone to get their SSN, you could probably do a lot more harm already just using that info to apply for CCs and loans in their name.

Maybe I'm mistaken or confused here, but in that specific case you could just give any random 9-digit sequence and it would suffice? A non-SSN voter ID would work just as well for a key.

Are people threatening others based on their votes these days?

EDIT: /u/ninjanomnom brought up a good point regarding heads-of-households, which I hadn't thought of before. I suppose some sort of method would be necessary to obfuscate your vote in some situations.

[Nursie]

Right so the problem is that you want to be able to verify your vote, but you don't want anyone else to be able to verify your vote. Your SSN is semi-public and lots of people likely already know it (e.g. employer, who is also a prime candidate to try to buy/coerce your vote). But even with a private key, you have to assume you can be coerced into giving it up.

So any system that allows you to verify a vote needs to come not only with a way for you to validate it, but also with deniability built in. Because if it's not then you can a) sell your vote or b) be intimidated into showing how you voted (which may result in a firing/beating if you did it wrong).

There are, I think, one or two ways to achieve this, but it's a non-trivial problem.

[keyanp]

There are a number of attempts to accomplish this goal by using homomorphic encryption, without needing blockchain. For example, https://en.wikipedia.org/wiki/Helios_Voting