Nonprofit and opensource startup looking for people to develop electronic voting system

Hello, everyone!

I am currently founding a nonprofit tech startup PeaceFounder with a purpose to give equal voice to everyone anywhere and thus in the process found a peace. The technology which enables to achieve such ambition is PeaceVote protocol which I developed as part of a Twitter conversation to find the fundamental reason which makes electronic voting unsafe*. And so I came up with a protocol which satisfied all requirements - anonymity, legitimacy, uniqueness, verifiability, mobility, openness and transparency, security and lastly no bribery and coercion in the voting process. I also had email correspondence with recognizable pro-paper bailout experts who could not find a flaw. If you find one let me know it here as I could still save a lot of time if this all is nonsense

To get the right feeling of the protocol you can imagine a paper bailout except where usually person puts his vote in the envelope one puts his generated public key and instead of count, the observers publish the anonymous public key ledger. Then each citizen can sign a vote and deliver that anonymously (for example TOR) to the collection server or to a bailout box. Such a protocol satisfies all requirements** but is not practical.

Fortunately, there are other ways to establish anonymous public key ledger. The one which I propose for the PeaceFounder organization is assuming that there exists a closed group chat where one can establish a confidential communication between the members. The idea is that the maintainer can generate a private key (let’s call it a block key) and send that to all members in the waiting list at the same time. Then users only need to sign their own generated public keys with block key and send it over an anonymous channel. Either a user leaks the key or maintainer viciously adds a fake one himself users can detect that. In this way, electronic voting can be made extremely transparent.

Julia, for this project, is the obvious choice because of three reasons. First, the code used for the voting platform must be readable for as many members of the community as possible and should be easy to tinker and modify the code. Second, for absolute transparency, each user does vote counting on his device himself. That requires performance for big data processing (relative to the device). And lastly, it would be great to make a community registry to endorse those whose implementations are safe, but different.

Currently, I am alone at writing a simple prototype hosted on Github. For making a demonstration of its usability, I need something which can host a group and make a confidential messaging between the users. An obvious choice seems to be Telegram since it has open-source front-end and API. However, I still need to wrap it in one ore another way. Other issues I could work on are in https://github.com/PeaceFounder/PeaceVote.jl/issues

In the future when the PeaceVote would be a mobile application at least for Android, a requirement would be built in the software to make communities to vote once a year (or a different period) on how much they would like to donate for the PeaceFounder organization. Then the spending would be voted on by the members of the PeaceFounder organization. So the significance of contributions should correlate with the salary.

In the end, I need your help. Let me know are interested in contributing to the project send me a private message so I could add you to the PeaceFounders Telegram group. Currently, besides me, there is an experimental physicist and a political scientist. Perhaps, I can also pay something for the contributions as I do have some savings.

*: The academic consensus with professor Ron Rivest in the frontlines is that electronic voting is not safe, especially internet voting. Exceptionally clear and strong words had been made about blockchain solutions pages 103-105 in the report Securing the Vote: Protecting American Democracy |The National Academies Press
The thing which I think which had blocked academic minds is that one needs secrecy to have anonymity and so one concludes logical impossibility.

**: The problem is, however, that such protocol would give bribers and coercers a room to celebrate. An essential extension to the protocol is the ability to be able to make marked signatures. See peacefounder.org/PeaceVote for details.

JE

For security and mobile app use case, many would recommend Rust to you

Indeed, I see Rust has a place for the mobile app interface (see that here). To have a safe storage of the keys, sand-boxing the environment and etc… But I also know that Rust has a very steep learning curve thus Julia is more reasonable as a glue language as anyone can see and tinker with the protocol. Security is not only about the software, it is also about people who looks into it and can understand that.

From the description, I am not even sure if your project is a client (eg an app), something that runs on a server, both, or something else entirely. This is relevant because Julia’s comparative advantage at this point is composable generic code used more or less interactively or in scripts (eg for scientific programming). The repository has no Julia code I could discover at this point.

As for your reasons above, it is useful to know what your “community” is. If they already program Julia, then sure, it is worth a try, but this is not obvious to me, since you are the sole contributor to these repositories.

Transparency would be served by any open source platform, and if the algorithm is otherwise fixed, C, C++, Rust, or Go may be better choices. Maybe they already have the crypto libraries you need.

The project is about a client app, community repository, and two server processes - one for collecting stuff from users anonymously and another one which issues a private block key to the new users so they could sign their private keys. The client app is the interface of the community repository. The community repository (which is currently a package) is the one which defines - how messages are delivered, what are policies for counting the votes, how the proposal gets being officially voted on and etc. That is a political decision on which community starters needs to decide uppon. The code needs to be readable so as many people who have an idea could experiment and establish their own community repositories. Currently, the prototype of the community is in the progress where blueprints are in the issues and documentation.

Julia has REPL which make easy to interact with the code, because of the design the code is more readable and open, and the execution of code can reach the capability limits of the hardware. I saw before that someone had managed to run Julia on Android. That seems enough for me to design UI in Rust and couple that with Julia so the community code could be executed - to count votes, check the integrity of public keys in the repository, to synchronise with the collection server (in rsync -a fashion) and etc.

Perhaps an analogy is to look on the community (for example Community.jl) as an application and PeaceVote.jl as an operating system where instead of hardware it manages user interaction with the applications.

C++ is a horrible language. It is sure possible to use one of those but then I would not have fun. Rust comes close to my choice, but my knowledge about it is only theoretical. I haven’t even written a hello world program. It just looks too hard. From this personal experience, I conclude that Julia is a more accessible language.