Waves Enterprise, the business-focused spin-off of the Waves project, has announced the public release of its blockchain voting system aimed primarily at corporations and board governance.
The Waves system uses the blockchain at every stage of the voting process, as votes are recorded and then counted with full cryptographic guarantees. Homomorphic cryptography is used to accurately count votes without having to reveal the identity of the person who cast each ballot.
Although the system is primarily aimed at low-stakes environments such as corporate boards, the technology was recently tested in Russia during local and parliamentary elections.
The team says experience has shown that the platform is ready for distribution, but the public product is somewhat different from that used in Russia, chief product officer Artem Kalikhov told Cointelegraph:
“Those elections used a voting system developed in collaboration with Rostelekom […], which is based on a similar cryptographic protocol but has several important distinctions. For example, it uses Russian cryptography, has different identification and anonymization mechanisms, [and] the voting process has changed. “
Although Kalikhov said Brazilian authorities are also exploring a potential implementation of blockchain voting, the current product is meant for corporate settings and council voting, a market estimated by Waves to be worth $ 100 million globally.
Having several target customers helped make the platform more accessible to the public. During the Russian elections, the platform was criticized by some for the inability for external parties to connect and verify blockchain nodes. Kalikhov said the commercial version runs on Waves Enterprise Mainnet, an authorized but public blockchain.
The platform uses a variety of techniques to prevent fraud in the voting and vote counting processes. Kalikhov said the use of the blockchain and cryptographic signature of transactions ensures that the vote will not be changed or canceled after being saved in the ledger. He went on to explain:
“The use of homomorphic encryption makes it possible to automatically collect the results of the elections without decrypting every single card, guaranteeing the confidentiality of the vote. The use of a distributed key generation protocol and several independent cryptographic servers excludes the possibility of a single actor with a “master key” and ensures that no one will be able to decrypt the results or examine individual ballots before the voting ends “.
Overall, the combination of cryptographic techniques, blockchain and a system of checks and balances aims to minimize the possibility of fraud during the electoral process. However, the use of the blockchain does not rule out bugs or potential backdoors, as some other platforms have shown.
Assuming the electoral system is robust, the platform is still only as strong as the voter registration process. Electoral fraud often revolves around the creation of fake or manipulated ballot papers, such as casting ballots in the name of dead people, criminals or unsuitable voters pay or harass people to vote for a particular candidate; or leaving loopholes that allow the same person to cast more votes.
Kalikhov said voters are registered through a system of public and private keys. Smart contracts keep a record of all valid voters via their public keys, while each private key remains on their personal devices. To guard against insincere voting, the system allows voters to change their preference at any time before the elections are over.
But the system “cannot, of course, protect users’ personal devices from hacks, loss or user-initiated key transfers,” Kalikhov noted. Although the voting software is built to ensure the security of private keys, users must still “follow the rules of cyber hygiene, using anti-virus software and installing the latest operating system updates.”
In the future, the team is planning to implement technologies that can certify the identity of each user, Kalikhov added. However, in business settings the current solution may be sufficient: fraud involving extra voting is likely easier to notice in non-governmental elections.