[ANN] PeaceFounder's project - PeaceVote.jl

Hello, everyone

I am announcing three packages PeaceVote, SynchronicBallot, PeaceFounder as well as a prototype community https://github.com/PeaceFounder/Community.jl for transparent, secure and anonymous electronic voting. The mainstream approaches which I have encountered in the literature focuses on anonymising the vote. The design I am proposing focuses on anonymizing the signer of the votes. The way I do it is through a process I call braiding.

In simple terms, one can imagine the braiding to be a process of electronic voting where you use your current voter key to authorise and generate a new key pair to be put in the ballot box. After the ballot, the list of ids (public keys) would be published and signed by participants (unaccountable) forming a new current voter set. The process can be repeated, forming a list of blocks which are cryptographically multilinked to the previous ones creating what I call a BraidChain.

The BraidChain allows solving multiple problems of the electronic voting systems. First, it allows making unaccountable voting protocols robust against malicious participants by having multiple small ballots (braids). Second, it is an ideal medium to distribute trust for keeping your identity anonymous over multiple ballot (braiding) servers. And lastly, the ballot (braid) is software-independent due to the validation step.

To show how that would work, I made a prototype https://github.com/PeaceFounder/Community.jl which uses mixnet based electronic voting protocol SynchronicBallot. I also defined API for the communities which they are encouraged to support to enable easier participation by enabling them to define the web of trust for certification of members and allowing users to participate in multiple communities through a single app.

By moving fast on the design and wanting to see a functional prototype, I left behind multiple isolated problems which now needs to be addressed. For example, the performance is terrible as well as the way I use Serializers everywhere! Another pressing issue which needs to be addressed is how to prevent a community from reading all user keys and sending them over the internet. And the last part is on accessibility. Making an app and making a service which can verify existing social media identity and issue a certificate for the user so communities could grow in peace. It is an excellent time to get involved

References:

• The docs of PeaceVote.jl covers the big picture on BraidChain with more details. Also, see carefully selected references there.
• peacefounder.org contains more info.
• Nonprofit and opensource startup looking for people to develop electronic voting system for a historical record when the development started.

JE

4 posts were split to a new topic: Side discussion on xkcd comic

Sounds ok for accessibility, but I hope social media will not be required.

That would depend on the community hosting TheirCommunity.jl. One community might decide to use already available social media identities for automatic gate-keeping or be fancier and use state-issued ID cards. Others may have a real people delegated who sign the keys of new members or have a protocol on how members agree on legitimacy.

Currently, I am exploring the idea of tabletop voting where people are actually present in the same room, and thus, registration could be made simpler.

How do you ensure the privacy of the voter? I.e. that his public key won’t be mapped to a personal identification by loggin the timestamp when he inserted? When voting at the local town hall I see that nobody opens the box directly before/after I put my vote into it. So I can be sure they won’'t log the vote/id pair.

To protect privacy I need two elements - an anonymous network which does not allow to link the IP address of the voter to the vote and braid and the braiding server(s). The braiding server is where the anonymity is acquired and is an electronic protocol of its own. That can be visualized as follows:

braidchain1101×609 38.4 KB

The question then may remain how one ensures that privacy is preserved during the braiding procedure. What if the malicious person has full access to the server and records everything on the network?

There are two options - there are multiple ballot servers (and configurations in the case of mixnets) and members braid through them all to distribute trust. Or use a ballot protocol with a single server which requires multiple participating parties to collaborate to reveal the anonymity. For example in SynchronicBallot.jl enemy camps could host mixer and gatekeeper or TookenBallot.jl (which is not yet implemented) requires to break the anonymous network. These protocols are really bad at scaling, and that is the problem which BraidChain solves.