The fields of application for secure electronic transactions is very large. An electronic transaction is nothing more than a digitally signed message .
Therefore , we can consider electronic voting via the Bitcoin blockchain .
Before the invention of Bitcoin , electronic voting solutions were not satisfactory because they were not easily auditable and not sufficiently transparent neither for candidates nor for voters . In addition, they require a costly, labor intensive set up.
With the Bitcoin Blockchain, any community can organize a free, secure electronic voting.
Initially, associations or listed corporations might consider using this technology for elections or general assemby voting of their members or shareholders.
Here's how it might unfold for an association :
1)
Know the list of candidates :
Each candidate (C) provides a public key
KeyC to the voter and publishes everywhere a Bitcoin address like 1Martin.. for candidate Martin.
For the secrecy of each ballot, each KeyC is different for each voter, so the candidate must generate N public keys KeyC for N voters.
Each candidate should be required by the organizers to publish the Merkle root of a hash tree comprising all of the public keys KeyC he supplied.
Each voter should be able to check her branch of the hash tree, linking her keyC to the root.
2)
Check the list of votersEach voter (B) also receives from the association ( A) a public key
KeyA which is listed on the site.
The voters list can be independently verified by all parties because everyone can check that she/he is on the list and make sure that the number of listed public keys is equal to the number of members in the association. The public key should be random and should not be on the Bitcoin elliptic curve bitcoin to prevent the organizers ( the association) from producing a valid signature. This precaution is also independently verifiable and reduces the need to trust the organizers .
3)
Prepare the ballotBefore election day, with the public keys , the voter creates a
2-of-3 multi-signature address and sends to it a 0.001 BTC micro-transaction (about the price of a postage stamp ) to prepare her/his ballot which is now logged in the blockchain .
The output (destination ) of her/his micro-transaction looks like this:
OP_HASH160 Hash OP_EQUAL
where
Hash is the hash calculated by the bitcoin wallet from the following (
SerializedScript) script:
OP_0 OP_2 KeyA KeyB KeyC OP_3 OP_CHECKMULTISIG
This transaction is compliant with BIP-16.
The voter enters the address on the website of the association without having to identify herself/himself : the website validates the address by checking it received a 0.001 BTC transaction .
The amount of the micro-transaction is meant to
mitigate the risk of a denial of service attack on election day: the ballots have a negligible cost to each voter but the cost is still prohibitive for spammers.
The amount of the micro-transactions can also be sent by candidates back to needy voters or be counted as contributions to the association.
4)
Put the ballot in the ballot boxOn election day , candidate Martin creates a signature
SignatureC that spends the output of the multi signature micro-transaction ( 0.001 BTC) to an
address V that he controls and publishes SignatureC and V next to the 2-of-3 multi-signature address on record on the association site. Since the V address is different for each multi-signature address , it is impossible to link a multi-signature address ( a voter ) to a candidate.
With SignatureC and V , the voter can now confirm her/his vote (put her/his ballot in the ballot box) by creating her/his signature
SignatureB of the same transaction and publishing on the Bitcoin network the valid transaction combining her/his signature with that of the candidate without revealing her/his identity (
secret ballot ) .
The transaction to address V includes the following input:
SignatureB SignatureC SerializedScript
At this stage, only the candidate and the voter know that V belongs to Martin so that the voting results are not yet known.
Candidates can not know to whom is intended the multi-signature address prepared by the voter so that each candidate must provide a different address for each voter.
If the address provided by Martin was the same for all voters , the voting results would be known before the processing stage with the risk of influencing the votes not yet cast.
Incidentally, this system uses an advantage of a digital signature compared to a manual signature: a digital signature identifies its author only with her consent , when she reveals her identity.
5)
Counting of election resultsAt the end of election day, candidate Martin simply transfers the bitcoins from the address V to the address 1Martin ..
Now everyone knows that the address V belongs to Martin and can count the votes for each candidate via the blockchain :
Each registered mutli-signature address (representing a voter) which can be connected to 1Martin .. with a transaction from a V address is a vote in favor of Martin .
The votes, while preserving the secrecy of the ballots, are perfectly verifiable by candidates and voters , independently of any organization, with open source software and with the Blockchain, a public, secure database.
Your comments are welcome.
Pierre Noizat
