Online voting through the blockchain is recommended by many new startups as a way to curb corruption and fake votes and to make tallying more accurate. The immutability of the blockchain allows for automatic tallies of the votes, producing a near real time vote count along with identity verification that goes far beyond simple ID checks present in today’s paper vote system. This also prevents the votes of dead people or people who emigrated.
The point of the 156-page report is as follows: malware on the devices of the voters would be able to alter the vote before it reaches the blockchain, thereby rendering the blockchain’s security irrelevant.
Unfortunately, as is often the case when people who are not experts in their field make conclusions, the conclusion is only correct because the premise is wrong. The claim that a Tesla Model S is a bad boat is only correct because it is not a boat at all, but a car.
Voting on the blockchain cannot and must not be attempted by letting voters use an app to cast votes. Their identity and vote must be verified on the blockchain but only as they cast the vote in surroundings outside of their influence.
Voting in booths
With dedicated voting centers, we’re merely replacing the old, inefficient, highly corrupt paper system with a secure, blockchain based one.
The voter is given a private root-key derived from their biometric information and a password – e.g. both iris scan and fingerprint – and Ethereum addresses can be generated from that key. The bio data is encrypted and thus not visible while the hash of these biometric data remains unique and permanently verifiable deep into the future.
The generated private key can be used to generate a public Ethereum address with additional data tacked on like age, emigration status, ID expiration date, etc. When entering the voting booth, the voter signs in with his biometric data and the password and this triple factor authentication is plenty enough for securing the space – far above the current simple visual ID check. The voter is then allowed to vote via a simple button which displays the chosen vote option on screen. Given that it’s all on the blockchain, the voter can use a third party app to make sure their vote was cast the way they intended.
For an added layer of security, a voter can have for example 6 hours to cancel or change the vote, and will need to identify themselves in the same way. Blockchain is immutable, yes, but only in that you cannot change what was done but you can change the data. If this wasn’t possible, we wouldn’t be able to send ether and tokens around. So the key owner (the voter) can have special permissions built-in to change the vote within a specific timeframe, further increasing the security of the whole system.
An added advantage of this approach is that the root key can be used to generate more addresses without making it obvious that they come from the same key. If, for example, you look at how the Ledger Nano S works when you connect it to some wallet-interface like MyEtherWallet, you’ll see an infinity of addresses there. There’s no way to determine that they all come from the same key and yet they’re all still yours, usable through a single key.
Such a derivation of single-use addresses based on biometric data would make participation in various raffles, polls, TV votes, reviews in apps and more possible without revealing the identity of the participant until absolutely necessary. Such a system can replace the entire current ID card and driver license system.
Voting at home
Since it’s unrealistic to expect “civilians” to use such methods of voting at home, it’s a little more complex there. One option is a verified government-issued device not unlike a bank token which plugs into a computer or smartphone. This device can run the biometric checks and issue transactions for the user once authorized. The only way to abuse this system is by kidnapping and forced votes or bribery, both of which are present in the current system as well.
Fear of new tech is counterproductive for society. Voting on the blockchain is not only secure, but also the ideal evolution of the voting system. There aren’t many use cases for the blockchain but this is certainly one of them. However, to implement this we’ll need experts that are willing to go beyond theorizing their fears.