Democracy is a fundamental piece of modern societies and it’s constantly evolving. What hasn’t evolved really much is the way in which the central act of democracy, voting, is performed: it’s still done using inefficient, expensive and non-environmentally friendly ballot boxes and papers.
The alternative is electronic voting, but that system doesn’t have widespread adoption nor acceptation. That is because two main reasons: the implemented solutions have poor UX, mainly due to unclear and clunky interfaces and then, the security and reliability of them is sometimes questionable.
Because of this inefficiency, the economic cost of doing an election is quite high, meaning that small entities with low budget may not be able to run voting events by themselves.
What it does
We have implemented a voting system that is attractive, easy to use (from the voter perspective), easy to deploy (from the voting authority perspective) and most importantly, secure.
Our system is has a decentralized architecture, therefore the trust and the availability of the system is distributed. It runs on fully on serverless services, which means that is easily scalable and resilient to failure. At the same time, the system guarantees the absolute privacy of electors, because the votes cannot be tracked to a single user and the results are not revealed until the time expires.
From the user perspective, a local administration can setup a system of polling stations. It needs a series of nodes for hosting the network, which can be owned by the same party or different external parties that verify the fairness of the electoral process. During the setup, the authority sets the people that will be able to participate and an expiration date.
Those people receive an email with a unique QR code, that is protected by their ID number as an authentication barrier. Then, they go to a polling station, scan the QR and can cast the vote once.
When the electoral process finishes, the nodes reveal the votes they casted and each node can do the counting by itself.
How we built it
The system is designed to run in different AWS accounts controlled by different parties that interact with each other. The services used are Lambda for application hosting, Dynamo for persistent storage, S3 for static file serving, API Gateway for public routing, Simple Email Service for sending the emails.
For encryption, we’re using SHA-256 for hashing and AES for symmetric encryption.
The application is divided in two parts: client and node. Client is a static web application responsible for displaying the UI and handling the interaction with the users. It’s build using React. The nodes are serverless Lambda applications that share state and store the data for persistence in Dynamo. For encryption, we’re using PyCrypto.
The communication between nodes is an adaptation of a Gossip protocol and onion encryption. Every time a node receives a vote, it encrypts it with its secret key and propagates the message through the network using broadcasting. When the time of the voting has expired, every node can call other nodes to decrypt the messages and therefore
We've also added a cool .tech domain: decvote.tech
Challenges we ran into
QR codes are sometimes difficult to work with (store long hashed keys).
What's next for Decentralized Voting
We'd really like to test with small election events.