VoteChain: Blockchain-based Electronic Voting
Blockchain technologies have been widely talked about in the realm of cryptocurrencies, IoT, smart contracts, or even data analytics. A lot of this has already been well researched and there are several frameworks (Hyperledger, Ethereum) that allow developers to build their own blockchains. However, almost all of these frameworks hide the complexity of the cryptographic primitives and consensus algorithms under the hood, thereby not helping a novice understand exactly how the blockchain works.
As part of a course in Information Security, I wanted to learn more about blockchain technologies. At the same time, my goal was not to recreate existing code for building a blockchain, but more to adapt blockchain to a novel application. One of the applications that immediately came to mind was electronic voting and preventing voter fraud. A public immutable ledger to store voter and vote information was an ideal solution to tackle election dishonesty such as the recent U.S. Elections 2016. VoteChain is a proof-of-concept e-voting system developed using a blockchain backbone. It uses two blockchains - one to store voter details, and the other to store ballots.
Here's a brief schematic of how the system works.
The first chain, called the VoterChain allows registration of voters for the election process. This chain is modeled as a permissioned blockchain. Organization (or government) approved nodes join the VoterChain to persist information about registered voters. Voters presents their details to a VoterChain node to register themselves for an upcoming election and will be added to the VoterChain upon successful verification. Each node aggregates a set of registrants (aka transactions) into a block and adds a block periodically to the chain. Once a block is published, all the other nodes can see the transaction and will prevent the voter from being re-added to the chain.
The second chain, called VoteChain, operates very similarly to the first. The only difference here is that VoteChain is a public blockchain. A user interacts with nodes of the VoteChain to cast their vote, which in turn verifies the authenticity of the user, checks if they have already voted, and adds their vote to the VoteChain.
Overall, there are 6 steps from voter registration to voting.
- A user, Alice, registers herself on the VoterChain by submitting her name and ID to the VoterChain nodes.
- The VoterChain nodes check against a database of eligible voters to confirm that Alice is permitted to vote and add her to the VoterChain. In the process,
they generate a voter ID that is returned to Alice.
- Alice uses her name, ID, and voter ID and submits her vote to one of the VoteChain nodes.
- The VoteChain nodes interact with the VoterChain nodes to confirm that a user with the given name, ID, and voter ID is allowed to vote
- The VoterChain nodes check the chain to confirm a record with the given details exists.
- The VoteChain nodes add a record with the vote from Alice into the VoteChain and return an ID that corresponds to the vote.
VoteChain is implemented in Python 3 (support for Python 2 is untested). Underlying the blockchain, a proof-of-work consensus algorithm is used that checks for the last 4 characters of a hash to be zero. While the Bitcoin network is a broadcast protocol over TCP, I used a simpler ReST protocol over HTTP implementation. Each VoteChain and VoterChain node runs a Python Flask2 server that allows each node to communicate between themselves. The implementation supports distributed synchronization and is resistant to failure of individual nodes. Feel free to check out the implementation on Github.