This is a tricky UX issue at the moment, but I'm sure this will be doable in time.
The nice thing about blockchains is that once transactions are finalized, the state is known, independently of whether or not the user was hacked. With zero-knowledge proofs, voters could theoretically verify that their "right to vote token" (as I've explained in another answer above) was used to cast a certain vote, without revealing their identity.
Now, if the software they're using is malicious, or their device is vulnerable, the election is screwed.
It's worth noting that Estonia manages digital elections quite nicely with their digital ID cards, which use an underlying blockchain-type system to ensure system integrity
> their digital ID cards, which use an underlying blockchain-type system
The arguments outlined above are really hard to follow, and doesn't really help the blockchain voting case.
Unless something exceptional happened recently, Estonian eID cards are just bog standard ISO 7810/7816 cards.
No blockchain or blockchain-like system involved. Just regular X.509 style PKI. They were even affected by the insecure proprietary RSAlib code a few years ago, like so many others, and all cards had to be replaced.
You're correct, I misphrased that somewhat. The government uses a blockchain (the Keyless-Serveless Infrastructure or KSI blockchain) to ensure data integrity in their government systems. As I understand, this is also used for their digital voting system.
> The Estonian Government started testing blockchain technology in 2008, as a response to 2007 cyber attacks and with an aim to mitigate possible insider threats. Estonia was the first nation state in the world to deploy blockchain technology in production systems - in 2012 with the Succession Registry kept by the Ministry of Justice.
> Which Estonian state agencies are utilising blockchain technology today?
> → Ministry of Economic Affairs and Communications
It's not a UX issue, it's a logic issue. Voting has to count each vote exactly once, must be easily (!) verifiable at every step, and must be anonymous. Every blockchain systems violates at least one of those constrains, mostly the verifiable part.
Estonia is more or less unimportant on the global scale. There is very little incentive to manipulate an election from the outside.
Estonia is probably the most vulnerable country to election tampering in Europe aside from Belarus. Their entire internet and e-voting infrastructure was built up after the largest cyber-attack on a foreign nation, which came from Russia after Estonia removed a Soviet-era war memorial.
This attack also led to the NATO Cybersecurity Center of Excellence being based in Tallinn, and Estonian firms becoming leaders in cybersecurity consulting worldwide. The Estonian example is a splendid example of decentralization and self-sovereign identity done right. All medical records, civil data, banking information, is stored in a decentralized mesh called X-Road.
Finland and other Nordic countries are now adopting X-Road after Estonia's success with it.
If you wish to speak more about this, I'd be glad to, but you're wrong on all fronts. I don't want to regurgitate my blockchain arguments, but if you Ctrl-F this thread for "Right to Vote", you will find my contention about how verifiable, anonymous, and single-vote elections can be held on-chain.
But don't get me wrong, I'm not a proponent of it. I still thing in-person paper-ballot voting is the most reasonable way to vote.
The nice thing about blockchains is that once transactions are finalized, the state is known, independently of whether or not the user was hacked. With zero-knowledge proofs, voters could theoretically verify that their "right to vote token" (as I've explained in another answer above) was used to cast a certain vote, without revealing their identity.
Now, if the software they're using is malicious, or their device is vulnerable, the election is screwed.
It's worth noting that Estonia manages digital elections quite nicely with their digital ID cards, which use an underlying blockchain-type system to ensure system integrity