Our in-house Know-It-Alls answer questions about your interactions with technology.
Q: Wouldn’t it be great if people could vote on the blockchain?
A: From Moscow to Denver, election officials and startups have embraced the idea of voting on the blockchain as a way to make mobile voting safer. Perhaps soon the whole US will jump on board! 2020 candidate Andrew Yang has added blockchain voting to his official campaign platform. “It is 100 percent technically possible to have fraud-proof voting on our mobile phones today using the blockchain,” he writes, a proposal sure to excite his technophilic followers.
Sounds appealing—even downright populist. Mobile voting could indeed increase voter participation, but it’s plagued by security issues in search of a solution.
The solution isn’t blockchain.
Let’s start with Yang’s grammar. Rude, I know—it’s never a good look to rag on linguistic tics—but it’s time to ban the “the” in “the blockchain.” The article suggests a platonic ideal, an infallible technology that exists in an air-gapped void. It’s language that leads to words like “unhackable” and to the marketing of blockchain as a solution to everything from supply chains to fake news.
But hold up, we’re not discussing love or abstract geometry here; we’re talking about a technology that, like any technology, hinges on the gritty details of implementation. Blockchain is a type of database, secured by a group of computers, known as nodes. But it depends on people, with all their flaws, and on connections to older, not totally secure technologies, like the internet. That’s why you shouldn’t cast your ballot for blockchain for secure elections.
For an especially egregious example, take September’s local elections in Moscow, where blockchain-based mobile voting will be open to all. The system there uses a “smart contract”—a fancy word for a computer program—hosted on the Ethereum blockchain. First off, better hope the programmers wrote that program right: Flaws in smart contracts have been the target of massive hacks in the past. But a French security researcher looking at the system found a more straightforward problem: He could crack the keys that encrypt the ballots in just 20 minutes using a home computer. Why such a silly error, security researchers wondered, gawking in disbelief around the world? Blame careless human coders.
It wasn’t enough to scuttle the blockchain plans; officials say they replaced the keys with a more robust set. Hope they got it right the second time, Muscovites.
Still, at least the Moscow election officials put out their code in advance, allowing it to be tested by outsiders (voting machine vendors in the US could certainly learn from that example).
In the US, companies are starting to test blockchain in real situations. The leader is a company called Voatz, which has conducted pilots in West Virginia and Denver for military voters abroad. Unlike Moscow, which used the public Ethereum blockchain, with its many thousands of nodes, to secure votes, Voatz relies on a “permissioned” blockchain with up to 32 servers. That’s troubling, because when few entities control the nodes on a blockchain, they become security targets. There’s no evidence (so far) that the Voatz system was breached, or was even targeted, and the company has said its security protocols were rigorously audited. But you might ask, and indeed many cryptography experts have, what’s the point of using the blockchain in the first place, if you’re going to centralize it after all?
There’s another, inescapable problem here: the internet. Say you implement your blockchain perfectly (you didn’t). It’s still intertwined with all the same flawed systems that plague online voting. Verifying voter identity from afar is always a challenge; vendors have tried “biometric” solutions, like facial comparison, but that can be subject to bias and easily gamed. (Blockchains are plagued by the question of how to tether them to real world people and things. Take supply chains: It’s near impossible to know if that crate of lettuce you recorded so securely on a blockchain is the one that’s actually on the truck, and not some other, tainted batch.)