Elon Musk calls for an end to electronic voting.
(twitter.com)
You're viewing a single comment thread. View all comments, or full comment thread.
Comments (37)
sorted by:
Wait, I think the fog is clearing. I was thinking about storing each separate ballot, however many sheets of paper that is, as a blockchain record but I think you are talking about storing the entire election as a series of blockchain records.
Am I catching up now?
Would you split it by state or just have one federal blockchain database?
If so, I am going to need another think. I apologise for being so slow.
Think of a blockchainas a PO box system, or a storage facility. Everyone has the key to their own box, or storage, so only they check and see what's inside. You can put a coin in there, or a ballot, doesn't matter.
The whole system can check and tally all of the ballots from all of those PO boxes / storage units, but cannot modify them. Imagine a glass window into the PO box, by the computer forgets what that box had in it after it tallies what it saw.
And the system shows how it tallies up said votes, it's completely transparent in the way that math is done. This is why there's the "crypto" part of "cryptocurrency," it's specifically referencing the cryptography involved in those calculations. If anything interfered with the count, it'd be immediately visible to everyone since the "hash" or "count" would be corrupted. Everyone would instantly see it's corrupted. Like seeing that a master key was used on a unit, but it pings the owner immediately.
So, we have a voting system that the users themselves own and are in control of (these are called wallets in the crypto space), the PO boxes. We have a system which automatically tallies all votes made by those with x metadata (say only those boxes with an ID attached). We can then vote, and verify the count, while ensuring there is no tampering with the votes or the count system.
You could add metadata to each vote based on ID, so state votes and federal vtoes would be quantifiable depending on what you're asking for. "Who voted for who in... Arkansas?" and a display of the votes would come up. No fake votes could be applied because this system requires a valid ID to do so.
Sorry if this is complicated or difficult ot understand. The most basic way to learn about this would be to learn how Bitcoin or other Cryptos store their transactions, blocks, etc. Those are the "reciept lists." Dominion was a centralized service, so back end tomfoolery could happen, because no one could check their work. With decentralized ledgers, everyone can check the work.
Another example via analogy. Imagine a computer system, that when you asked "what did so and so vote for?" the system couldn't answer. But when asked "did so and so vote for x?" it wouldn't answer, it would simply tally the truth of the answer. This is kinda how cryptographic systems work.
Thank you for that. I think I am catching up slowly!
So, are you saying that each voter should use his or her own computer to cast votes? Wouldn't that mean that everyone's computer/phone/tablet would need to download the entire federal database of ballots?
I think there is still a voter ID issue. How would the system know that a voter was valid?
One scam with paper ballots was to collect unused ballots when the polls closed then take them round to someone's house where a group of people would be waiting to fill in thousands of blank ballots. Wouldn't using a machine just make that operation easier?
There is much talk of making errors visible in blockchain systems but what would you do if an error was found while people were still voting? You can't just stop accepting votes until you have things sorted out.
And what happens to the "Proof of Work" idea as used by BitCoin to ensure integrity of the hash codes? If you just take the first response then someone with a massive server farm will win every time and so be able to falsify records? Have I got that right? And what if, like BitCoin, the POW takes ten minutes to add a block? isn't that going to be disruptive?
Several countries have tried internet voting and abandonned it as being insecure.
Or would only the machines in the voting stations have access to the P2P network? I think that might be too easy to corrupt.
Would people actually check their own ballots in the database? If they didn't then they could still be erroneous.
Part of the problem with the US election system is that the results for a POTUS rely on about half a dozen swing states each one of which can be swayed by just one precinct in one county. If you can corrupt the right six machines you can control the outcome.
Sorry, that is a bit of a brain dump!
Think of it like a vending machine, you input your ID, the system recognizes it as legitimate, and that you are the only "you" in the mix here. Then you press a button indicating your vote. The vending machine sends the receipt of your vote to all other vending machines for them to save on their system as well, so no one could steal your ID and vote on your behalf elsewhere.
In order to change your vote, someone would have to go around to every single vending machine and hand modify that replicated "receipt" of your vote on every single machine. But this is impossible, because every few minutes all of the vending machines "stamp" the receipt list to prevent tampering.
"Proof of Work" is essentially one of these vending machines drawing straws to see which one gets to "stamp" the "receipt list," the machines have to prove they were randomly selected, and this is done by randomly guessing an answer to a cryptographic mathematical problem. There's no way to pre-determine the answer through logic, the machines just have to say "is it... the number 7?" and the cryptographic proof can only say yes or no. As soon as the correct number is "guessed" (this is what's called mining), that particular computer stamps the receipt list and shows it's proof to the other machines that the work was done "randomly" / "correctly," essentially showing there's no tampering. This whole process serves to keep the receipt list "scribe" decentralized, because in centralized systems, the scribe can be tricked or can be a bad actor.
That is because often the receipt list is held by a centralized entity in those cases. This causes a "honeypot" scenario, where even if the ones hosting the service are trying to be trustworthy, it's still a "honeypot" for hackers, they win if they can get into the "one vault" centralized receipt list. However, in a trust-LESS system like the vending machine example, there can be no tampering, therefore there is no trust involved in the equation.
It's like describing a bank robbery where all your money is kept in one vault, if they get in and out, all is lost. However, if you have your wealth distributed between many millions and millions of boxes, that are all constantly checking on each other's value, the heist on one is noticed and rectified immediately. Not even rectified really, it just can't happen since the other vaults would have to approve the change AND would require your personal ID-"NFT" to even make a change since your vote is cryptographically locked behind your identity.
There's no need to audit in the vending machine example, but at the same time, anyone could if they wanted to. The only way to see what vote my name is associated with, is to use the ID-"NFT" that only belongs to me. Could even make it biometric. But the system doesn't need to know my name to tally the votes, it just needs to know that my vote was given to the system correctly (which is where that tricky cryptography comes in)
But see, with blockchains, and like my vending machine example, you'd have to corrupt EVERY machine at the same time just to modify one person's vote. This is impossible since other machines would notice the tomfoolery and reject the vote / transaction. It wouldn't be saved to the receipt list.
I'm trying to use examples that somewhat coorellate to real world esque systems, so I apologize if it still seems abstract. If you want to do your own research, I'd suggest starting with a basic overview here, which focuses on Zero-Trust architectures that would be best for voting systems. It's a good simple read that will explain what I've gone through here in perhaps an even simpler way.
Again, these systems already exist and are in use, and I would think that the white hat tech guys would realize this would be one of the best options for operating an election. Since we're not seeing a push for that yet, I suspect some tomfoolery will be up on either side come election time. Perhaps to highlight the corruption of the system even moreso
I think I have the basics of how blockchain is supposed to work, thank you, but there are still issues in my mind.
If we start from the vending machine example. The machine would know the ID was unique but how would it know it was you? Anyone, even another machine could enter that ID. If it really does know it is you what happened to secret ballots. If your vote can be traced back to you then we have another type of problem.
If people vote from their own machines then that creates all kinds of issues with blackmail and coercion. There could be anonymity issues and the current issue of people being dead or in the wrong jurisdiction etc still exist.
Going round every vending machine is not necessarily an issue. It all depends on how long it takes to update them. Unless there is a Proof-of-Work type concept then all machines could be updated almost immediately.
Then we have Proof-of-Work issues. If it takes a long time to pack the transactions into a block then the whole election system across the country could be held up. The other issue is the random choosing of machines to perform the mining. Suppose a Google-sized server farm joined the P2P network. That would get most of the blocking jobs so would be a good place to plant any exploit. 51% Exploits are already a known issue.
Before individual transactions are added to a block aren't they vulnerable?
Thanks to your helpful persistence, I have found some articles on blockchains and I could now write a basic one although the networking aspect is still a mystery.
I believe that each county's ballot could be different so that means that nearly 3,000 different front ends will be required for the US.
Rather than pursuing the details, we can also start at the other end. For instance, has any blockchain system been hacked? Has BitCoin or Etherium ever lost any money?
People have an interest in keeping copies of the database if they have money in it so auditing can be performed but I don't think people will be quite as interested in clogging up their machines with an entire US election database so they will get deleted and that will leave the big players in control of the data.
Even if people did check their votes, would they spot the difference between a vote for Trump and a vote for Trսmp? (Clue: the "u" is not a "u" in the second one.)