undefined | Better HN

0 pointsscott_s8y ago0 comments

I don't think verifiability is the same. Yes, assuming the public database has some unique ID per vote, one could go in and verify their own vote was in the tally, and we could also verify that the final tally is the sum of everything in the public database. But what about someone who claims their vote was eliminated after voting occurred? There's no way to verify that either way. That kind of tampering, though, would not be possible using a blockchain, where the chain is constructed as the vote happens.

0 comments

3 comments · 1 top-level

MaxBarraclough8y ago· 2 in thread

Part of the point of voting machinery is to make it impossible for the government to see which way a specific person voted. (Excepting a totally unanimous vote, I suppose.)

But I figure we could tag each vote with a unique hash that's generated by, and known only to, the voter.

Then, when all votes are cast, the database can be made public, including the hashes. Then each voter can check that their vote has been registered correctly, without the government knowing who voted what way.

This wouldn't be good enough, though. We want to make it impossible to confirm to anyone else which way you voted, even if you want to, in order to prevent vote-selling.

> But what about someone who claims their vote was eliminated after voting occurred? There's no way to verify that either way.

You mean someone who cast a vote but then doesn't see it turn up on the public voting database? I imagine we could solve that with crypto. In my model: when you vote, you are given a cryptographically-signed proof-of-vote that is tied to your unique hash.

> would not be possible using a blockchain

Unless I'm missing something (which is entirely possible), I've shown that blockchain isn't the only solution.

scott_sOP8y ago

If I understand your scheme, tampering is still possible, we can just detect that it happened. The major difference with a blockchain-based voting solution is that after-the-fact tampering is not possible; you can't arbitrarily remove votes from the chain. And if we try to modify your scheme so that we start cryptographically ensuring that votes are included in the final tally, it's going to start looking a lot like a blockchain.

Let me reiterate: I am a blockchain skeptic. I think that, for the most part, it's a solution looking for a problem, and there's enough trust in most interactions that it's not worth the trouble. I just think voting is one of the rare instances where it does make sense.

MaxBarraclough8y ago

> If I understand your scheme, tampering is still possible, we can just detect that it happened

True, the voter can prove that tampering happened, as the signature receipt they are given is specific to their voting choice (as well as to their secret hash).

How would a blockchain fare against a 51% attack? What secret/proof does the voter have that an imposter doesn't have? Is each person issued a 'votecoin'? How could we maintain voter anonymity?

1 more reply

j / k navigate · click thread line to collapse