Inspiration
The end goal and inspiration was a decentralized, secure, blockchain-like election API that uses partially homomorphic encryption to tally votes, with a unique method of authentication/authorization using zero-knowledge proofs to secure transactions anonymously. The idea was to use the properties of blockchain technology in a utility-based way, as a public ledger of transactions in which each transaction is verified by the transaction before it and the transaction after it. Ideally, the end goal was anonymous, secure, verifiable transactions (votes in this case rather than monetary transactions) that do not divulge confidential information about the vote itself, who it came from, or the PII needed for typical voter registration/identification.
Objectives
Learn more about blockchain programming and how zero-knowledge proofs are used in cryptography, as well as how they are implemented in various existing protocols to facilitate anonymous transactions, as is the case with zk-SNARKs and Monero/Zcash.
What it does
- Voter registration
  - Each registrant is assigned a personal NIST256p ECC public/private key pair for ECDSA signatures, which will be used to provide signed encrypted ballots.
  - Key pair saved to database (encrypted securely via AES-256-CBC-HMAC) along with user ID (simulated voter ID)
  - Integrity validations
- Secure vote casting using the shared Paillier public key for secure vote aggregation without compromising the confidentiality or integrity of the vote count/tally.
  - Send encrypted vote
  - Sign the encrypted vote using the participant's private ECC key.
  - Generates a Schnorr zero-knowledge proof of the ECC private key, as well as unique hashes for the ballot transaction along with a verifiable/identifiable stub.
- Lite-blockchain implementation for recording transaction elements that verify one another non-interactively, not allowing a vote to be cast if anything is invalid. (Interaction and record optimization doesn't really work currently due to some small bugs in the code; it's a library versioning issue with the ECDSA library used. If I had to do this again, I'd simply implement ECDSA from scratch using SageMath because I have experience doing so and would simply get the proper NIST256p parameters ($P$, $a$, $b$) from an official source.)
- Rest of planned features I did not have time to implement or debug
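The Paillier tallying step described in the list above, as an added example that is not VeriVote's own code: votes are encrypted under the shared public key, combined by multiplying ciphertexts, and only the sum is decrypted. The function names and the two demo primes are assumptions made for illustration.

```python
import math
import secrets

# Constructed demo primes (Mersenne primes 2^127-1 and 2^89-1). They are far
# too small and too structured for real use; a deployment needs large random primes.
P, Q = 2**127 - 1, 2**89 - 1

def keygen(p=P, q=Q):
    """Return (public modulus n, private (lam, mu)) for the g = n + 1 variant."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                               # needs Python 3.8+
    return n, (lam, mu)

def encrypt(n, m):
    """Probabilistic encryption: c = (1 + n)^m * r^n mod n^2."""
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def add(n, c1, c2):
    """Homomorphic addition: multiplying ciphertexts adds the plaintexts."""
    return c1 * c2 % (n * n)

def decrypt(n, priv, c):
    lam, mu = priv
    u = pow(c, lam, n * n)
    return (u - 1) // n * mu % n        # L(u) = (u - 1) / n, then scale by mu

def run_election(ballots):
    """Encrypt each ballot, aggregate the ciphertexts, decrypt only the total."""
    n, priv = keygen()
    total = encrypt(n, 0)               # encrypted zero as the running tally
    for vote in ballots:
        total = add(n, total, encrypt(n, vote))
    return decrypt(n, priv, total)

if __name__ == "__main__":
    # Constructed sample ballots: 1 = yes, 0 = no.
    print(run_election([1, 0, 1, 1, 0]))
```

Because the addition happens on ciphertexts, the tally cannot reveal a ballot that encrypts a value other than 0 or 1, so each ballot's range has to be checked by a separate validation or proof step.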
Challenges I ran into
- I am not experienced with blockchain technology, nor am I particularly familiar with the full scope of implications behind zero-knowledge proofs outside of the basics. I spent a large amount of time doing initial research on this topic and performing lots of testing to ensure I was doing the calculations correctly. If I had a partner with blockchain experience, or a full group... I think this could be a cool program and has lots of potential for real-world usage, particularly in third-world countries in which corruption runs rampant.
What I learned
- How the blockchain works and the challenges behind implementing an anonymous solution suitable for an election scenario.
- The different use cases for ZKPs and the wide range of different ZKP "circuits" and similar terms that are used frequently within modern blockchain development.
Accomplishments I am proud of
- Learned a lot about blockchains and smart contracts as well as the protocols that make them possible.
What's next for VeriVote
- Do more research.