Blockchain-Based Voting Considered Harmful?

Abstract

Blockchains (BC) and Distributed Ledgers (DL) offer favorable properties, especially immutability and decentralization, which are suitable for voting systems’ Bulletin Boards (BB). In recent years, an influx of BC-based voting systems have been observed. Distributing trust among multiple trustees is a crucial reason to adopt BCs and DLs in voting systems. The practical deployment must be decentralized, too, and not just done through virtualizing interconnected systems. As discussed widely, adopting a BC or DL can incur threats to a system that assumed a trusted and centralized Public Bulletin Board (PBB). Therefore, the exploitation of BCs or DLs requires careful consideration of cryptographic mechanisms and the overall system design, as well as the adversary model. Besides these operational necessities, the long-term privacy of ballots is essential. Thus, the key question investigated in this article is: Can BC, and DL-based voting systems be considered harmful? Hence, first (i) requirements of BC-based voting systems are provided, followed by (ii) terminology definitions, and (iii) complemented by the design and implementation of a fully decentralized voting system: Æternum, which achieves Unconditional Privacy (UP) and neither relies on computational hardness assumptions nor on a trusted Trusted Third Party (TTP). Achieving UP is crucial because future adversaries may be able to break hardness assumptions. Æternum does not present a Single-Point-of-Failure (SPoF) either, since (i) the PBB in use is based on a permissioned DL, and (ii) the final tally and proofs can be verified by anyone, without requiring trust in any authority.