The Application and Shortcomings of Blockchain Voting System

Updated on :June 18, 2024
By :Kevin Brookshire

Voting is the bedrock of democracy, and it’s crucial to maintain its integrity. Otherwise, we might see a repeat of January 6, where a group of people with distrust in existing systems may take violent means to secure the electoral integrity they imagined being robbed of.   

Today, more than ever, the hoi polloi expects that the voting results are accurate and the entire process transparent and secure so that everyone is convinced about the genuineness of the elections.   

And chances of anyone interfering with or preventing someone else’s vote from being counted shouldn’t arise at all. 

But we don’t live in an ideal world, and we occasionally hear stories about how an entire election was marred with pre-poll rigging and intimidation. 

But with the advent of blockchain technology, many have begun to see it as a technology that guarantees the integrity of the voting process. And they do have a point as this technology does provide many benefits that the current voting system needs.  

For instance, everything that runs on a blockchain runs as per predetermined code that no one can tamper with or prevent from being executed. It is also not possible to censor or block any user's input from getting processed on a blockchain.

Given these advantages, the idea of using blockchain for elections has gained serious attention in the past year. In fact, countries like Estonia have even successfully implemented blockchain voting systems.

So what's the catch? 

Well, despite their advantages, blockchains do have their flaws that may raise potential challenges when trying to implement large-scale blockchain voting. In this post, I aim to discuss these challenges in detail as well as explore popular alternative blockchain voting systems. But first, let's dive into Estonia’s case to understand how blockchain voting can be implemented in a real-world scenario. 

Estonia’s Success With  Blockchain Voting

Estonia embraced blockchain technology in its attempt to free its technology and telecommunication hardware from Russian spies.

It’s said that the country’s digital revolution began when the Estonians decided to get rid of the bronze statue at the Soviet war memorial in the bustling capital city of Tallinn due to their ongoing tension with Russia at that time. The Russians didn’t like what happened and launched a massive cyber attack that disrupted the websites of national organizations ranging from political parties to banks and newspapers. 

The Estonians were in a state of shock and helplessness as their entire nation was taken off the grid. But they vowed never to again be the victims of such a digital assault. 

The country decided to get rid of every piece of technology and telecommunication hardware that was vulnerable to Russian spies. In 2008, Estonia was internally testing “hash-linked time stamping,” and in 2012, the Estonian cryptographers created K.S.I, a scalable blockchain technology.  

The new technology was meant to ensure data integrity and protect against insider threats. Whether it is the hackers, system administrators, or even the government itself, no one can manipulate the data and get away with it. This is what made Estonia the first country to successfully implement blockchain on a national level. 

But then, one thing that separates Estonia from other countries which allowed the country to go full-throttle on blockchain voting was that it was already a pioneer in electronic voting technology, where 99% of services are online, and 100% of government data is stored on a blockchain ledger system. Whether it is E-Estonia healthcare, property, business, court systems, and even official state announcements, everything is digital.   

Although, just because it worked for Estonia doesn’t mean that it is completely foolproof. While Estonia stands as a rare success story that the world can learn from, below, I share a few more stories that demonstrate the risks involved in blockchain voting. 

The Vulnerabilities of Blockchain Voting System  

Turns out, there are a good number of interesting stories doing rounds on the internet that speak staunchly against the coming together of blockchain technology and the electoral process.   

Here are a few excerpts to give you a gist:

However, in this threat-filled environment, online voting endangers the very democracy the U.S. military is charged with protecting.

Source: Computerworld

This situation will not fly for government elections, where state and local authorities manage lists of eligible voters. Neither would most governments tolerate the possibility of a voter being disenfranchised if their digital voting key is swallowed by a damaged hard drive or stolen by a thief to cast a fraudulent vote.

Source: Scientificamerican

No, blockchain isn't the answer to our voting system woes.

Source: Cnet

Blockchain-based elections would be a disaster for democracy.

Source: Arstechnica

What good is it to vote conveniently on your phone if you obtain little or no assurance that your vote will be counted correctly, or at all?

Source: MIT

It can make ballot secrecy difficult or impossible.

Source: Schneier

One big reason behind the relentless criticism Blockchain voting faces could be the fact that even Blockchain-based electronic voting systems can be hacked. 

Here are two interesting stories that explore the vulnerabilities of Blockchain further. 

How Moscow's Ethereum-based Voting System was Cracked Open by a French Security Researcher in 20 Minutes 

In 2020, Russian officials announced that the Moscow City Duma would use a blockchain voting system for its election. They wanted to have a fair and transparent election, which was most likely conducted to improve the government’s image in the eyes of the Russian people and the world at large, as Russia has often been accused of not having free and fair elections ever since Vladimir Putin became the President. 

A few weeks before the election, the officials decided to test the system and offered a reward on GitHub. Anyone who was able to successfully crack the new voting system would be awarded the prize of $15,000. 

Pierrick Gaudry, a French researcher from Lorraine University, was able to break the Ethereum-based smart contract encryption in just 20 minutes. That too from a basic computer and software. He didn't rely on any sophisticated techniques or modern equipment, which, if he had, might have taken him only 10 minutes to hack the system then.

How West Virginia, the first US state to Use a Blockchain-based Mobile Voting System, came under Fire from Technology Experts 

Similarly, in 2018, West Virginia became the first US state to allow overseas voters to cast absentee ballots for midterm elections via a blockchain-enabled mobile application. Voatz, the company that West Virginia worked with, claimed that 144 individuals from 31 countries successfully submitted ballots via their app for the November election. They even deployed their app in Denver, Oregon, and Utah elections.  

So, how was the reception? Well, many technology experts expressed their concerns over this application.     

They felt that there was an enormous potential for glitches and security risks on people's mobile devices, the networks that hosted them, and the servers that held their information. Many experts described West Virginia's experiment as follows:

"Horrible"

"Horrific"

"Completely nuts

"High-flying blockchain promises."

"The Theranos of voting"

"Just No"

And researchers from MIT attested to them right when they identified many security vulnerabilities in the voting application. They reverse-engineered the app and created a model of Voatz's server. 

The researchers then found that an adversary with remote access to the device can alter or discover a user's vote and can change those votes if the server is hacked. Also, it seems that the app's protocol does not attempt to verify genuine votes with the back-end blockchain. 

Further investigation revealed that a passive network adversary like an internet service provider or some stranger nearby if you are on public wifi could detect which way you voted through some configuration. A more aggressive attacker could even detect in which way you are going to vote and then stop the connection based on that alone. 

Voatz's application also poses privacy issues for users. They use external vendors for voter ID verification. So anyone can potentially access a voter's photo, driver's license data, or other forms of identification if that vendor's platform is not secure. Their privacy policy is also vague and does not explicitly mention what kind of data they are sending to external vendors.  

Voatzpaper

  (Source

The problem with Voatz's app was that its infrastructure was completely closed-source. Also, the people that built the application didn’t have the expertise to keep the voting process secure.

In general, the blockchain voting system as implemented by Votaz lacked transparency. For the sake of maintaining the integrity of elections, there is a need for more openness because if a part of the election is opaque, not viewable, not public, or has proprietary components, then that system is inherently suspicious and needs to be scrutinized.  

All of this harms the credibility of the blockchain voting system, making it difficult for it to get normalized. 

The above-mentioned cases are instances of poor blockchain implementation that perhaps could have been avoided had the developers taken the necessary precautions. 

Unfortunately, however, this may just be the beginning of potential challenges that can spell the doom for blockchain voting. In particular, two major concerns surface when implementing wide-scale blockchain voting: lack of privacy and coercion resistance.

Let's take a moment to understand these better and how if at all, these concerns can be addressed. 

Major Stumbling Blocks within Blockchain Voting System  

In the recipe for the perfect electoral voting system, there are four essential ingredients:

  • Censorship resistance
  • Immutable execution
  • Privacy protection
  • Coercion resistance

Censorship resistance refers to the system’s ability to ensure that everyone who is eligible to vote is able to vote, and immutable execution ensures that every vote gets counted correctly. Both of these attributes are well preserved and fully supported in typical blockchain-based electoral voting systems. 

Privacy refers to ensuring that the status and choice of one’s vote remain hidden, and coercion resistance is the ability to defend against external forces trying to dictate a voter's choice. Blockchain voting, at least in its current implementation, has been heavily scrutinized to be lacking these two attributes. Let's take a deeper look at these to understand how. 

Lack of Privacy And Coercion Resistance 

Privacy protection can be a concern for blockchain voting because the digital infrastructure deployed to facilitate blockchain-based electoral voting can always get hacked. However, coercion resistance is the greater of the two concerns. 

We need coercion resistance to prevent vote-selling. If you can show how you voted, then selling your vote becomes easy. The coercer may also demand that you show some proof of whether you voted for their preferred candidate or not. So, the provability of votes would enable forms of coercion in return. 

If anyone can find out who you voted for, they can easily influence your vote. Therefore, when implementing blockchain voting, we need to ensure that votes remain completely anonymous and protected, with no way for any third party to influence any voter. 

So how can Blockchain maintain privacy protection and coercion resistance? 

The Ethereum ecosystem has been experimenting with a system called MACI to implement a robust coercion resistance voting system. Let’s take a look into it.

How Ethereum Ecosystem is Trying to Address one of the Blockchain’s Stumbling Blocks

This system combines together a blockchain, ZK-SNARKS, and a single central actor that guarantees coercion resistance. It has no power to influence any properties except coercion resistance. MACI is user-friendly as it allows users to participate by signing a message with their private key, encrypting the signed message to a public key provided by a central server, and publishing the encrypted, signed message to the blockchain. 

The server then downloads the message from the blockchain, decrypts and processes them, and displays the results along with ZK-SNARK to ensure that the computation was correctly performed. 

MACI

   (Source

Users cannot prove how they participated, as they can send a "key change" message to trick anyone trying to coerce them. It will change their key from A to B and then send a "fake message" signed with A. The server then would reject the message, which no one will be able to find out. 

There is a trust requirement on the server, although it applies only to privacy and coercion resistance protocols. The server cannot publish an incorrect result either by censoring messages or computing incorrectly, and in the future, the multi-party computation can be used for decentralizing the server, which will further improve the privacy and coercion resistance guarantees.

Whether systems like MACI will completely address the problem of privacy and coercion resistance still remains undetermined. In the meantime, it might be worth exploring alternative electoral voting systems to see if they are any better than Blockchain. 

An Electoral Voting Alternative to Blockchain Voting

It wasn’t the blockchain nerds that came up with the idea of electoral voting. This concept of electronic voting existed outside the blockchain space, and for the past 20 years, cryptographers have been trying to solve different problems associated with it. Some of which I have already mentioned above.  


Coercion resistant

        (Source

Many solutions have popped up so far, but a paper titled coercion resistant electronic elections has been cited the most in this regard. The idea highlighted in this paper has gone through many iterations, and the protocol mentioned there uses a similar set of core techniques. 

Here is what the paper states: 

There is an agreed-upon set of people who will do the counting, and it is assumed that the majority of them are honest. 

A private key is divided into multiple parts, and each part is given to a different tallier. A corresponding public key is published, which allows voters to publish their votes in an encrypted manner to the tallier. 

The talliers use their shares of the private key that comes with an MPC protocol to decrypt and verify the votes and calculate the results. The MPC protocol is a secure multi-party computation. 

The calculation is done inside the MPC, and the talliers compute the final result without learning anything about the private key or the individual votes. 

Encrypting votes provides privacy, and additional infrastructure like mix-nets make it more strong. For coercion resistance, two techniques are employed. 

In the first one: 

Voter generates or receives a secret key during the registration phase (In this phase, talliers get access to the public key of the registered voter). The public key is secretly shared among the talliers, and their MPC only counts a vote that is signed with the secret key.    

No third party can gain access to the secret key that was assigned to the voter. So, even if a voter is bribed or coerced, they can simply cast a vote with the wrong secret key. 

The wrong secret key will ensure that the vote does not get counted during the tally. Its purpose is to prevent bribery or coercion. 

Voters can even change their secret keys. 

The second technique is that voters can cast multiple votes where the second vote overrides the first. So, again in a situation where they are threatened or bribed to vote for a preferred candidate, they can always fool the perpetrator by overriding their vote. 

experiment exp

       (Source

So, what’s the problem? 

The protocols mentioned above ely on an outside system to fulfill their security guarantees, which in this case is the bulletin board.

The bulletin board is a place where any voter can send a message, with a guarantee that: 

  • Everybody can read the bulletin board. 
  • Everyone can send a message to the bulletin board if it gets accepted. 

Most of the coercion-resistant voting papers mention the existence of a bulletin board. But very few talk about how this can actually be implemented. 

Here is the solution:

The most secure way to implement a bulletin board is just to use an existing blockchain.  

How Can We Implement Blockchain Bulletin Board For Secure Electronic Voting 

There have been many attempts to build a bulletin board before the arrival of blockchain. This paper from 2008 was one such attempt, and its trust model is a standard requirement that “K” of “N” servers must be honest (K = N;/2 is common)  

Similarly, this literature review from 2021 highlights some of the pre-blockchain attempts at implementing bulletin boards as well as exploring the use of blockchains for this role. The-pre blockchain solutions featured here also rely on the k-of-n trust model. 

Even blockchain runs on the k-of-n trust model. It requires at least half of the miners or proof of stake validators to be following the protocol, and failing on that results in a 51% attack. (A 51% attack, also called a majority attack, occurs when a group of miners or an entity controls more than 50% of the blockchain’s hashing power and then gains control over it.)  

So, does this make blockchain a better system than a special-purpose bulletin board? Yes, because implementing a k-of-n trust model that can actually be trusted is hard to implement, and blockchains are the only system that has successfully implemented it. 

Suppose a government introduces a voting system and comes up with a list of 15 local organizations and universities that would be running a special-purpose bulletin board. Will you be able to trust the credibility of these 15 organizations handpicked by the government from a list of 1000? What stops these chosen organizations from colluding with the government? It will be hard for voters to trust the credibility of this voting system. 

On the other hand, public blockchains have permissionless economic consensus mechanisms (proof of stake or work) where anyone can participate, and they have an infrastructure of block explorers, exchanges, and other watching nodes to continuously verify in real time that nothing suspicious is going on.   

A fool-proof voting system won’t just rely on using blockchains only. They will also use cryptography, such as zero-knowledge proofs, to guarantee the correctness and secure multi-party computation to ensure coercion resistance. 

So, blockchain bulletin boards will play an essential role in the security model of the electronic voting system because, without them, there will be no way to maintain coercion resistance even if other safety protocols around the voting process still remain. 

With that, we might have come full circle with blockchain voting, where blockchain might be necessary in an alternate system to address the very issue that threatened its use in the first place. 

Hardware Security Concerns with Implementing Blockchain Voting Systems

While blockchain-based electoral voting may be promising, it is still under development. On the other hand, there might be hardware and device-based security concerns that could hinder blockchain-based electoral voting’s wide-scale adoption. 

 A paper from MIT declared that any form of paperless voting is fundamentally risky to implement. 

four categories

       (Source

The real concerns of the authors are how to ensure that people’s devices are properly secured. They are not concerned with the voting system’s hardware being secure, as risks on that side can actually be mitigated with zero-knowledge proofs. 

Consumer devices getting hacked is nothing new. For example, in June 2011, the Bitcointalk member “allinvain” lost 25,000 BTC (worth $500,000 at the time) after an intruder gained direct access to his computer. The attacker was able to access allinvain’s wallet.dat file and quickly emptied the entire wallet. They were able to do it either by sending a transaction from allinvain’s computer itself or by uploading the wallet.dat file and emptying it on his own machine. 

But, despite these disasters, computer security has actually been improving slowly and steadily. It’s difficult to attack a system as the attacker will have to find bugs in multiple sub-systems instead of finding a single hole in a large complex piece of code. 

Trusted hardware has played a big role in all of this. Some of the new blockchain smartphones put a security-focused operating system on the trusted hardware chip, thus allowing high-security-demanding applications to stay separate from the other applications.

Single applications like cryptocurrency wallets and voting systems are much simpler and have less room for error compared to an entire consumer operating system. The benefit of tools like trusted hardware is their ability to isolate the simple thing from the complex and possibly broken thing, and these tools are having some success. The risk will decrease over time.  

Note: Trusted hardware should not completely replace the security protection. It should only augment it further. 

How ‘Risky Crypto’ can actually lead to ‘Secure Elections'

Cryptocurrencies, and blockchains by extension, have gained somewhat of a negative connotation in the minds of the average joe. Convincing the populace to adopt blockchain for elections can, therefore, be a challenge in itself. 

However, I would like to argue that the crypto space can actually be of great help when trying to research and implement blockchain elections. The world of cryptocurrencies and NFTs is highly competitive and full to the brim, with hackers, scammers, and fraudsters snooping around for any opportunity to exploit the systems to make an extra buck. 

That means any and every crypto system, once launched to the public, will certainly be stress tested for security and stability, having to survive constant attacks by these bad players. Theoretically speaking, we can test out electoral systems in the crypto space first, where bad players are equally motivated to break the systems but the stakes are much lower. If a system can survive in crypto space, it can certainly survive in the ‘real world’. 

Ultimately, blockchain will make voting more efficient, allowing people to participate more often. 

Parting Thoughts   

In essence, we discussed Blockchina’s applicability within the electoral system. Here is a quick recap:

  • Blockchain based voting has been implemented within a few small countries and some american state elections. The reception of which has been mixed. 
  • The voting process has four essential security requirements that it needs to fulfill to make voting more secure: Censorship resistance, correctness, coercion resistance and privacy.
  • Blockchains are an excellent system when it comes to censorship resistance and correctness but their current implementations may lack privacy and coercion resistance. 
  • Encryption of votes can add privacy on a blockchain and Zero knowledge proofs can ensure correctness in results despite observers being unable to add up votes directly due to encryption. 
  • Multi-party computation may provide coercion resistance, if combined with a process where users can interact with the system multiple times in which the first interaction invalidates the second, or vice versa. 
  • In simple words, blockchain voting still faces some major technical challenges but theoretical solutions for these certainly exist and new research continues to shed light on better ways of implementing blockchain. 
  • With blockchain based electoral voting, there is also the issue of securing hardware and building a system robust enough to defend against attackers. Borrowing a trick or two from the crypto space can come in hand here. 

For now, any form of blockchain voting should strictly remain confined to small experiments only. The current technology is not secure enough to rely solely on computers for everything. But the security aspect will keep on improving and in future there will be a big incentive to use electronic voting systems for elections.  

Kevin Brookshire
Kevin Brookshire

Kevin Brookshire is a content writer with GoodFirms. He has 2+ years of experience in content writing and marketing. Kevin loves to write about cutting-edge technologies and emerging trends in the IT industry

Read Similar Blogs

Global Ledger Leaders: A Look at the 10 Top Blockchain Countries (Part -2)

Global Ledger Leaders: A Look at the 10 Top Blockchain Countries (Part -2)

Let's continue our journey of exploring the use of blockchain technology in various countries across the globe, which we started in Part 1 of this blog seri ... Read more

8 Skills to Look for When Hiring Blockchain Developers

8 Skills to Look for When Hiring Blockchain Developers

Are you looking for a top blockchain developer but unsure how to choose one or what to look for? This post highlights a list of top blockchain developer skills ... Read more

Global Ledger Leaders: A Look at the 10 Top Blockchain Countries (Part -1)

Global Ledger Leaders: A Look at the 10 Top Blockchain Countries (Part -1)

The business world is Blockchainizing.  Industries' large-scale adoption of Blockchain can be attributed to several countries advocating its large-s ... Read more