Cryptocurrencies don't need to do things like make sure that no human gets more than one vote, only humans (no bots) from a specific part of the world get a vote, and keep votes secret. Blockchain is not the solution.
> Cryptocurrencies don't need to do things like make sure that no human gets more than one vote
That's pretty much the problem they were designed to solve no? It's called the double spend problem, and it's crypto's big comp-sci innovation. The whole paper was about it.
The secret ballot requirement foils this. Transaction identities are well-known and public; voter identities are secret and unverifiable. Any attempt to link ballots with identities to prevent double-voting also reveals how someone voted.
Crypto identities are identities, as much as human names or Social Security numbers. If you know who the identity represents, then you know that human's transaction history for all time on that blockchain.
Ballots do not have any identifying information, intentionally. There is no tracking number or possible mechanism to de-anonymize a ballot back to the human who cast it. Notably, there is not even a unique identifier for a single ballot that could potentially be used to identify a person.
Most importantly, there is no value that is unique to the ballot that I can use to verify that I am indeed the person who filled it out, so some nefarious organization could threaten me or my family to produce proof of how I voted. Or pay me, or influence me based on the outcome.
So there is no "identity" that you can record in a blockchain to prevent that identity from casting two ballots in the same election.
They are until you need to verify them and ensure nobody owns multiple identities. The following must be true:
- We should know whether you may vote (you are a citizen, over the legal voting age, and haven't been taken away that right because of a crime, etc.)
- We should know whether you did or didn't cast a vote (to prevent you from voting twice)
- We should NOT know who you voted for
- You should be able to know the votes are counted towards the party intended
You can't solve that with crypto, since you need a way of proving your identity, while at the same time making the payload anonymous and not traceable back to you.
> You should be able to know the votes are counted towards the party intended
These requirements are contradictory. If you can verify that your vote was counted toward one outcome or another, your vote can be coerced as that verification can be demonstrated to a third party.
At some point, one needs determine whether voting transaction 123 by votecoin address 3456 was made by a valid voter and that the voter has only voted once.
So how do you do that? If a central authority does it by say, issuing votecoin addresses to voters or asks voters for their self-generated addresses, then your ballot is no longer secret since they can see exactly who voted for what.
If a voter shares their votecoin address with anyone, then anyone can see how they voted inviting vote buying and pressure schemes.
I think you're restricting your thinking to Bitcoin. The question is, can cryptography methods solve the problem, not can Bitcoin solve it.
I'm not a super expert, but from the little I know, I think it's possible to issue a one time use key that lets you sign a private/public key pair.
So when that public key enter the network with 1 vote and cast it on the distributed ledger, the network can validate the key is signed by the authority.
You know that the authority allowed the key to exist, but not who the key ties back too.
And the user could only sign one key, so they can't create more.
> I think it's possible to issue a one time use key that lets you sign a private/public key pair
Keys are just numbers, there's nothing inherent to them that prevents their reuse. These one-time-use schemes rely on out-of-band protocols to honor that they should not be reused, for example by trusting in a central authority to check and reject such keys, which defeats the purpose of using the cryptographic scheme in the first place.
> You know that the authority allowed the key to exist, but not who the key ties back too.
That's not the point of ballot secrecy. Under this scheme, I can be coerced into revealing my vote, because you can't create a control to prevent me from storing the signing key or signed keypair; either of which would suffice for a third party to find the public key on the chain which corresponds to my signing key. If you make these actions entirely remote, so I have no access to key material, then you are trusting the remote authority to issue me a secure keypair that can't be reused.
That said, there's no good reason to issue a keypair or use PKI for this, as there is no encryption happening and there's only one subject (the voter). A cryptographically-signed ID in this case can only be useful to tie votes to voters, which we have established violates the secret-ballot constraint.
Haven't crypto an opposite bias, with no guarantee that any given transaction's ledger will stay relevant ?
Dropping votes is as problematic as allowing too many.
In general, money transactions have failure modes that don't match what we want for other use cases. That's the same trap as using credit card payments for ID verification, it only works if you don't actually care about the ID.
Yes and no. Confirmation takes time. But it heavily depends on the crypto. Some can be pretty fast. Once confirmed it's guaranteed, it won't drop off.
Assuming you can vote from the comfort of your phone or home, that's kind of the whole point, it doesn't matter much if you have to wait even 30 min to get confirmation.
the double-spend problem is unrelated to account-association (KYC, etc.) problems, solving the former doesn't solve the latter
the core problem with keypair-based systems is that people will lose their private keys, and that has to be accommodated, which requires trust delegation, which blah blah blah we've already worked thru these issues 1000 years ago and the result is representative government
Correct, there are several aspects to voting that blockchains don't address:
- The Human Identification Problem (not sure if there is a more official name): uniquely identifying a human being. If you solve this, you solve many forms of fraud (anything rooted in identity fraud) and eliminate entire industries dedicated to reducing fraud losses. Best attempt so far has been the Estonian ID system [0]; Sam Altman tried with Worldcoin but that ended up being yet another crypto grift. Incidentally, Estonia uses its identity system for electronic voting.
- Proof of citizenship; citizenship in the US for most people is a birth certificate issued by a hospital or other authority several decades ago, or a proxy to this document such as a passport. Naturalized citizens have it easier here because they have a state-issued document declaring their citizenship.
- Proof of residence: This is also something not verifiable via a blockchain or smart contract, because it depends on the state and relies in part on your physical location and your intent. Legally you can only vote from one voting address, but there are countless people registered with multiple addresses across states as they move residences.
- Secret ballots: You cannot tie votes back to voters in a free election. Blockchains are open and publicly-verifiable, which is good; but cast ballots cannot be verified _even by the voter_. Blockchain doesn't bring anything to the table here over, say, a database; because the recorded ballots must not be tied back to human identities, you cannot use any of the work done to verify the three previous points to verify the election outcome. Blockchain would boil down to replacing or augmenting paper ballots with a provably immutable record, where you still need to place trust in the system recording votes on the chain.
Well it would still be the government that gives you a "voter id". That part wouldn't change. It would still be a manual verification of your IDs and what not. But once you have a "voter ID" you actually vote online.
I believe you can do this with crypto. It's still anonymous. The government verify you, then give you a signed key that you use to generate your voter ID locally yourself. The network accepts your voter ID because it's signed. I think there's even ways to allow single use signatures and so on.
Now everyone gets one and only one voter ID (which is like their wallet) but for voting.
That's pretty much the problem they were designed to solve no? It's called the double spend problem, and it's crypto's big comp-sci innovation. The whole paper was about it.