How to create an anonymous, unhackable voting system on the blockchain
…using the magic of zero-knowledge proofs
Paper-based voting (like the US Presidential Election) is an expensive and suboptimal way of voting. I have no exact data, but it costs billions of dollars. Managing the voting process and counting the votes requires a huge amount of human work. Can we do it better, cheaper, and more securely? The answer is yes! A blockchain-based voting system would cost only a fraction of this money, and it would be much safer than the current paper-based method. In this article, I will show how such a blockchain-based system would work.
The method of paper-based voting is the following:
- After an identification process, you get a ballot, and a poll worker marks your name on his list. This ensures that you get only one ballot.
- You fill out the ballot and put it into the ballot box.
- When the voting day finishes, poll workers count the votes.
This is the classical, paper-based voting method. It is not a bad method, and it is not easy to cheat, but it has several attack points. If the poll workers are fraudulent, they can leave ballots out of the count, help malicious actors vote more than once, etc. Another disadvantage of this method is the huge amount of human work. Blockchain technology can solve these problems.
Why blockchain? A blockchain is a public and immutable database of transactions. Everybody can track the voting process in real time and detect any malicious behavior.
When somebody votes, the system writes his unique identifier (hash of the driving license, or security number, etc.) to the blockchain and checks whether he has already voted, so double voting is impossible. Because of the immutability, removing votes is also impossible, and if the list of eligible voters is written to the blockchain in the preparation phase, then fake voting (voting with a non-existent identity) is also impossible.
The only way to cheat the system is for somebody to vote in another person's place, but we can prevent this in different ways:
- the real voter can detect the malicious voter by checking the blockchain (because the data are public), and making a report
- one or more witnesses testify that the voter used his real identity (false testimony is a crime)
- identity proof can be stored with the vote (e.g. a video where the voter shows his driving license to prove his identity); this can be used as proof that the witnesses were malicious
By using these methods, blockchain-based voting is more secure than the paper-based method. Because the data is immutable and public, the voting process is fully verifiable even if the voting happened online through a video conference system, which is more convenient than paper-based voting in a polling place.
The only question is anonymity. How can this system provide the same anonymity as paper-based voting? The answer is zero-knowledge proofs.
With a zero-knowledge proof (ZKP) you can prove something without revealing any information about it. In the case of anonymous voting, the voter generates a public and a secret token. After the identification, he sends the public token to the system, which writes it to the blockchain. When he votes, he uses the secret token and a ZKP that proves that the secret token is assigned to one of the public tokens without revealing which public token it is. This system ensures that every registered voter can vote only once, but nobody can link the voter to his vote. This makes the system anonymous, and this anonymity is mathematically provable! (I have a full article about zero-knowledge proofs. It is highly recommended to read it to understand how ZKP works. In the article the public token is called ‘commitment’, and the secret token is ‘nullifier’.)
Now we have everything to build our blockchain-based voting system. Let’s see the process:
- Instead of getting a ballot, the voter sends his public token to the poll workers.
- The poll workers identify the voter (by using his driving license, etc.) and write the public token to the blockchain with the unique identifier of the voter and optionally the validation proof (e.g. a video where the voter identifies himself). The whole process can be done online, and the validation proof is digitally signed by the poll workers.
- The voter votes using his secret token, which cannot be linked to the public token, so nobody can link the voter to his vote.
In this system, the counting of votes is done automatically and in real time, without any manual intervention.
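The register-then-vote flow above, as an added example (not code from this article or its proof of concept). The article does not name a proof system, so a linkable ring signature over secp256k1 stands in for the ZKP as an assumption: the secret token is `x`, the public token is `x*G`, and the tag `x*E` is what the ledger uses to reject a second vote. All function names are illustrative, and registered keys and tags are assumed to be valid curve points.

```python
import hashlib, secrets                 # added example; all names are illustrative

P = 2**256 - 2**32 - 977   # secp256k1 field: y^2 = x^3 + 7, prime group order N
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def add(a, b):                          # point addition; None is the identity
    if a is None or b is None: return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0: return None
    m = 3*x1*x1 * pow(2*y1, -1, P) if a == b else (y2-y1) * pow((x2-x1) % P, -1, P)
    x3 = (m*m - x1 - x2) % P
    return x3, (m*(x1 - x3) - y1) % P

def mul(k, pt):                         # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def H(*parts):                          # hash any values to a scalar mod N
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % N
def to_point(label):                    # hash to a curve point (try-and-increment)
    x = H("point", label)
    while pow(x**3 + 7, (P - 1)//2, P) != 1: x += 1
    return x, pow(x**3 + 7, (P + 1)//4, P)
G, E = to_point("generator"), to_point("constructed election id")  # assumed bases

def step(ring, tag, vote, r, c, pk):    # one link of the challenge chain
    return H(ring, tag, vote, add(mul(r, G), mul(c, pk)), add(mul(r, E), mul(c, tag)))
def prove(ring, idx, x, vote):          # secret x opens ring[idx]; idx stays hidden
    n, tag, u = len(ring), mul(x, E), secrets.randbelow(N)
    r, c = [0]*n, [0]*n
    c[(idx + 1) % n] = H(ring, tag, vote, mul(u, G), mul(u, E))
    for i in ((idx + k) % n for k in range(1, n)):
        r[i] = secrets.randbelow(N)     # simulated responses for the other keys
        c[(i + 1) % n] = step(ring, tag, vote, r[i], c[i], ring[i])
    r[idx] = (u - x*c[idx]) % N         # closes the chain at the real key
    return tag, c[0], r

def verify(ring, vote, proof):          # walk the chain; it must return to c0
    tag, c, r = proof
    for pk, ri in zip(ring, r): c = step(ring, tag, vote, ri, c, pk)
    return len(r) == len(ring) and c == proof[1]

def cast(ledger, vote, proof):          # ledger logic: verify, reject tag reuse
    if proof[0] in ledger["votes"] or not verify(ledger["ring"], vote, proof):
        return False
    ledger["votes"][proof[0]] = vote    # keyed by tag, never by voter identity
    return True
```

The tally is recomputed by anyone from `ledger["votes"]`, while `ledger["ring"]` holds only the public tokens written at registration.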
As you see, it’s absolutely possible to build a highly secure and cheap online voting system based on blockchain that can be used for the presidential election, referendums, or in any case where voting is needed. It’s almost impossible to cheat this system, so there is no valid reason to use paper-based voting (in person or postal) anymore…
UPDATE: I’ve built a proof of concept. You can read the article here: