Feb 4, 17 / Pis 07, 01 14:00 UTC

Online and safe voting system  

[Personal] Asgardians are located everywhere in the world. We all know that.

We also know that The Head of Nation, Igor Ashurbeyli will be head of Nation until "Asgardia adopts a Constitution and elects its authorities".

But how are we going to vote in order to elect our authorities?

USA have an online voting system for its presidential elections. We've all seen its flows (AKA "Russian" hacking). And at the same time, can we really think about doing it with paper? We're all around the world, that would be a tremendous task. And cheating would be really hard to counter (if possible).

So, what choices are we left with? We can't do it using paper votes. And online votes are not secure enough using the traditional ways.

I, personally, have been looking around and wondering how one could achieve such thing as a online and safe voting system. There have been new proposals and drafts using the blockchain, during the past year. That's the technology used for crypto-money such as BitCoins. It basically tracks every changes and allow everyone to verify the votes has not been tampered with.

I believe having a reliable software to handle public votes is extremely important for the future of Asgardia. I hope it is something discussed already amongst Officials because it definitely is something difficult to achieve nowadays and needs qualified people working on it. Also, it is a big project, no one alone can handle such task.

For all those reasons, and even more, I started working on a draft about the functional specifications of such project and I'd like this to be discussed by the community.

For instance, I believe we should be able to do traditional votes (list of people to vote for, each person will vote for one person and one only), but also more advanced-cases where we can vote for multiple people at once, upvoting or downvoting them. I believe the later is much better because it involves people more and give an actual choice. Today with our elections we feel required to vote for someone in order to vote against someone else. I believe we should be able to vote for the people we believe in and downvote those we don't. But, it is my personal opinion on the matter.

I published the draft itself on GitHub so everyone can read it, open issues, and propose changes through Pull Requests.

https://github.com/Vadorequest/online-safe-voting-system

Let us know what you think about all that.

Thank you.

  Last edited by:  Ambroise Dhenain (Translator, Asgardian)  on Feb 4, 17 / Pis 07, 01 20:18 UTC, Total number of edits: 4 times
Reason: This is not an official post, adding [Personal] tag

Feb 4, 17 / Pis 07, 01 15:24 UTC

how about email voting system, where everyone gets an email with a random word for example and you need to send a new email back to a chosen email address, with that word and your vote

Feb 4, 17 / Pis 07, 01 15:30 UTC

Some voting with a blockchain technique?

Feb 4, 17 / Pis 07, 01 16:46 UTC

I only know our founders and our admins and nobody else. So I must trust in those people and elect them.I'm sure, many Asgardians share the same opinion . We must organize the election as easily as possible, so all Asgardians will be able to understand.

Feb 4, 17 / Pis 07, 01 17:11 UTC

Email, due largely to it's plaintext nature of transmission, would be a most unwise technology to deploy - unless this was wrapped in some sort of encrpytion layer, like PGP/GPG, which for some reason most users seem to struggle with as evidenced by it's lack of use a few decades later.

Blockchain is perfect for wasting loads of cycles on other people's hardware whilst ensuring that any random third party is able to reverse engineer the ledger and see who voted for what, when, giving rise to being able to confirm if the votes you've bought have taken place and the voters should recieve payment. It'd also be trivial to deploy a larger number of nodes - especially to the well funded - in order to poision or adjust the blockchain and influence outcome.

Ultimately, with an online solution - and we really don't have any other sensible options - it's only possible to be rendered as secure as the least secure node on the network. Which is most of the users. There's solutions to this, but experience mandates most users are not going to like it, as most have gone out of their way to make their systems insecure with no regard to the consequences being prevented from doing so will cause them conflict.

This has all largely been covered - and potential solutions provided - about a month or so ago in https://asgardia.space/en/forum/forum/technology-104/topic/how-to-secure-on-line-voting-719/. It's not really possible to progress further than the scope already covered in that thread without first; Securing the current systems in deployment » Making more details about current systems deployed available » Actually deciding on a governmental model to impliment.

Ideally - especially if we progress into a sensible system, like Direct Democracy - the voting system should be facilitated by and intergrated with the other Asagardian services. At least from the user's point of view. It'd make sense to establish some sort of system precursor to the actual in order to decide what model of voting system would be the most sensible to begin construction of.

Feb 4, 17 / Pis 07, 01 18:05 UTC

Email, due largely to it's plaintext nature of transmission, would be a most unwise technology to deploy - unless this was wrapped in some sort of encrpytion layer, like PGP/GPG, which for some reason most users seem to struggle with as evidenced by it's lack of use a few decades later.

True. Emails is one of the worst solutions.

Blockchain is perfect for wasting loads of cycles on other people's hardware whilst ensuring that any random third party is able to reverse engineer the ledger and see who voted for what, when, giving rise to being able to confirm if the votes you've bought have taken place and the voters should recieve payment. It'd also be trivial to deploy a larger number of nodes - especially to the well funded - in order to poision or adjust the blockchain and influence outcome.

True, and wrong.

I don't know about the wasting cycle thing, don't really care right now.

If you had read the draft you'd have seen I proposed two different things in order to keep the vote's privacy. One is to use a queue, so we don't know for sure when the vote takes place. The other is to use a couple of public/private id to ensure identity is not leaked.

Also, the https://followmyvote.com/ explains in details how user privacy will be protected. Read more at https://followmyvote.com/cryptographically-secure-voting/. I haven't read everything myself but it seems there are solutions.

About blockchain poisoning, I read an article about being two ways of configuring the blockchain, a few months ago. The first one (common one) was weak against poisoning while the second could handle it. (with other downside if I recall correctly, I can't find the article anymore...)

You're making real strong assumptions about why this idea is impossible/bad but you didn't take the time to properly study it first, IMHO.

[...]This has all largely been covered - and potential solutions provided - about a month or so ago in https://asgardia.space/en/forum/forum/technology-104/topic/how-to-secure-on-line-voting-719/. [...]

Thanks for the link, digging into it.

  Last edited by:  Ambroise Dhenain (Translator, Asgardian)  on Feb 4, 17 / Pis 07, 01 18:06 UTC, Total number of edits: 1 time

Feb 4, 17 / Pis 07, 01 20:15 UTC

No, it just true.

It's defintitely just a waste of cycles, as there's no tangible benefit from the output. You not caring about this, or any other problem you'd be likely to introduce in the effort is more than obvious. You can do far more with far less. To be able to utilise the public/private ID then it's checkable. As it's written into the blockchain, which is publicly hosted, it's leaked to everyone and anyone that wants to pick back the blockchain. It's easier to just not make the correlation than to try and make it harder to spot. Only one of those is assured to work. Blockchain poisioning, AFAIK, is always possible if you hold the larger number of nodes. Which is trivial, least of all to the well funded.

Compare this to a secure system. A secure system would only have one copy, and it'd not be accessible externally. It'd only possibly be interfaced with the software that was designed to interface with it, and it would only be delivered to the end user for execution when they need to access it.

I'm not making strong assumptions, I'm stating facts. The facts I've learned by not taking the time to study this first.

Feb 5, 17 / Pis 08, 01 11:32 UTC

I've been informed there isn't a voting system that is absolutely safe from hackers. I believe we'll need a quantum verification system before voters can be certain the election has been fair and without interference.

Feb 5, 17 / Pis 08, 01 14:43 UTC

It'd be more sensible with PCKS-11 or X.509. Users should be able to play with X.509 right now. Anyone can type in a number, and they are a little predictable.

Nothing digital is "absolutely safe" - especially if I have physical access. It's just time. However, it's possible to layer up sufficiently to give a measure of safety that is abnormally difficult, almost impossible, to bypass. Remotely.

How would this "quantum verification system" actually work? How do you propose to get "quantum hardware" into the hands of every citizen in order that this system could actually be usable?

  Updated  on Feb 5, 17 / Pis 08, 01 14:45 UTC, Total number of edits: 2 times
Reason: Additional data, typo

Nov 30, 17 / Sag 26, 01 15:47 UTC

I guess that online voting is the only sure way for the development of a civilized society. We’re not afraid to book tickets or shop, transfer money and pay taxes online— all these things are so organically inscribed in our life. So, why don’t  we vote online? Actually, we already have. Last week, the European Parliament tested the Polys voting solution based on blockchain technology. So, soon everyone might be able to vote online – in fact, you can already do so at polys.me

Dec 8, 17 / Cap 06, 01 22:26 UTC

In my candidacy platform I list:

* blockchain (and Follow Your Vote)
* Ranked Choice Voting
* proportional representation

Preferably, in the long run and with a needed comprehensive website overhaul and long-term plan we can integrate this into the citizen's account as well as accessing other governmental services, etc.

I have also listed quite a few things concerning elections in my consitutional rewrite.

  Last edited by:  James O'Neill (Asgardian)  on Dec 9, 17 / Cap 07, 01 04:33 UTC, Total number of edits: 2 times
Reason: removed campaign link as there are already areas allocated for campaigning. removed by Denise Blair, 09/12/2017

Dec 9, 17 / Cap 07, 01 04:32 UTC

Crap. I am sorry.
I will try to remember. =(

Dec 12, 17 / Cap 10, 01 06:42 UTC

Hi

I have read Vadorequest's  proposal and immediately was struck with the ease of generating multiple private IDs to vote with as the private ID is kept at the source and only at the source.  

At that point i stopped reading any further as it seems a complete misunderstanding of how the Public/Private key system works.

Blockchain technology is a very resource intensive and "must be linked" technology that might be vulnerable in the future if the ledger processors are few in number.

I personally don't have an answer at this point in time, other than that any solution will have to be a mix of manual checks and automatic responses that have to be used with a certain level of trust in the people overseeing the process.

Kind Regards

Ben Dell