Secure Voting in US Elections
Summary
- Charles Hoskinson discusses the potential use of blockchain technology in the American election system, stating that it could enhance security but faces significant challenges.
- He references a critical paper by Neha Narula of MIT and Ron Rivest, which argues that blockchain does not fundamentally improve electronic voting systems and may introduce new vulnerabilities.
- Hoskinson highlights a hybrid voting system called Votes, which combines encryption, a paper trail, secure digital receipts, blockchain storage, and biometric verification.
- A secure identity system is a prerequisite for blockchain voting; current government-issued identification (breeder documents) is often unreliable and vulnerable to forgery.
- He introduces decentralized identifiers (DIDs) and AnonCreds as potential solutions for representing identity and proving properties of a person without revealing the underlying personal information.
- Secure voter registration processes are necessary to prevent fraudulent registrations, including proof of life, proof of location, and proof of good standing.
- A hybrid voting system is proposed, using both a blockchain record and a paper receipt that are linked like the two halves of a tally stick, so that tampering with either half is detectable and voters can verify their votes through a secure app.
- Hoskinson emphasizes the importance of a robust national ID system and the need to modernize identity verification to prevent identity theft and improve voting security.
- He discusses historical voting and record-keeping methods, the Greek ostracon and the medieval split tally stick, as inspiration for a secure voting system that combines physical and digital records.
- Implementing such a system is complex and requires collaboration among cryptographers and engineers, but he considers it feasible within a few years if the identity infrastructure is addressed at the same time.
Full Transcript
Hi, this is Charles Hoskinson broadcasting live from warm, sunny Colorado. Today is February 21st, 2025. I'm making a video to talk about something I get asked all the time by many different people. Many people have come to me and said, "Charles, can we use blockchain for the American election system to make it far more secure?" The answer is maybe.
First off, let me share a little something with you, written by some very famous academics. It's a paper I disagree with, and I actually think it's a deeply unfair paper. But sometimes, you have to submit yourself to open criticism. The authors are very well-known: Neha Narula, who is part of MIT's Digital Currency Initiative, and Ron Rivest from RSA, the "R" in RSA, a Turing Award winner. The paper details a lot of challenges about blockchain systems, and their conclusion is pretty stark.
They basically say that blockchains don’t do anything to improve a system. Blockchain technology does not solve the fundamental security problems suffered by all electronic voting systems. Electronic online blockchain-based voting systems are more vulnerable to serious failure than paper-based systems. Adding new technologies to systems may create new potentials for attack. Of course, they received some funding from MIT to do this, and I disagree with this paper because I think they were being a bit unfair about the reality of where the world is moving.
People have tried to construct blockchain-based voting systems. In fact, this is an example of one called Votes. They created a hybrid system, and I think this is the way to do it. Let me show you a little something about their technology. Their approach combines encryption, a paper trail, secure digital receipts, blockchain storage, biometric verification, risk audits, and a data security play.
You have a paper ballot combined with blockchain data and a ballot receipt. To build a system like this, there's a collection of components that have to work together. The first thing is that you need a really good identity system for blockchain voting, or voting in general. A lot of people come to me and say, "How about we do a blockchain voting system for the state?" Well, I've had numerous states come to me and talk about it, and the first answer is no unless we’re also talking about the identity system.
Typically, how nation-states identify people is through an artifact called breeder documents. Breeder documents are things like driver's licenses, passports, and birth certificates. There are all kinds of various things that you can use to identify a person, but typically they’re government-issued and have some notion of tamper resistance and the ability to verify. You’ll have an ID that might have a little hologram on it, a watermark, and your picture. Voter ID people say that the security of your entire voting system first relies upon the security of your identity system.
These are not terribly secure; there are many ways to counterfeit them, tamper with them, and manipulate things. There’s not even a very good audit log in the government systems that exist. Breeder documents are notoriously unreliable, and in many cases, forged documents can even be made by a government entity itself, especially abroad. So your identity system is the very first component that has to change before you even begin to talk about voting. We have standards: the DID standard and things like AnonCreds.
Let me show you this real quickly. AnonCreds in the DID system come from the W3C, and these are open standards. Here’s the decentralized identifier (DID) V1 standard; it’s a way to represent identity. It’s been around for 10 years, and people have worked on it. AnonCreds are a way to represent identity where you can prove properties of somebody without revealing the underlying information.
For example, you can prove you’re at or over the age of 21 without revealing your actual age, name, or any other information. This person has this property—super cool idea. The Anon working group has been working on this since 2017, and there’s now a second version of the standard. Hyperledger Indy actually supports this. So we have some notion of how to do secure identity.
Now, are we done? No, not even close. That’s just the entry point. First, you need secure identity, and then you need secure registration. The people who are registering you to vote, for whatever that process is—whether it’s real-time or takes some time—have to understand the identity system in a way that no one can fake it.
The reason is that if you have a super secure voting system, which is completely unforgeable, meaning the tallies are completely accurate, that no one can manipulate your ballot or change your ballot or introduce counterfeit ballots, what if you’re registering dead people or fake people? A strong identity system is good, but you also need things like proof of life. For example, you need proof of location. Why? Because let’s say you’re registered to vote in the state of Colorado, but you actually live in Wyoming or California or somewhere else, and you never updated your voter registration.
There’s a temporal component to these types of things. You also need proof of good standing. What do I mean by proof of good standing? Are you a felon? Are you eligible to vote?
Are you over some criteria? There are criteria for voting that exist. Secure registration means there’s a process where they’re watching, and nothing bad can get through. For a secure voting system, you need a secure and fair ballot. After you register your people, you need a ballot that can’t be forged, and candidates cannot be omitted from it if they are legitimate.
You need that property. You’ll hear things, for example, about getting on the ballot. Robert Kennedy had that issue, and then there’s the idea of fake ballots or other such things. Paper ballots that are injected into the system have to be forge-proof and have some wonderful properties. Finally, after you have all of those, the person voting—the registered voter who has been authenticated—has to have some means of voting.
Some people like mail-in ballots, and I think they’re actually one of the least secure ways of voting. Why? Because we have no chain of custody here. It is the single easiest way to sell your vote. Another person can be sitting at the coffee table with you and can pay you money to fill out that ballot on your behalf.
You sign it, mail it, and no one will ever know. You can sell your vote super easily. The other thing is that the ballots can be intercepted, and people can submit them. People say, "Well, we have signature verification." Yeah, but that’s not very good because the signatures on the breeder documents are seldom very useful, and too many are processed for that in practice to be effective.
What about voting with your cell phone? Well, you can still sell your vote. I guess we don’t care about that. Signature verification can be replaced with biometrics. If your identity system has a biometric fingerprint during the registration process, then at least we know that it was actually Bob, not Alice, who was voting.
But your phone can be hacked. That’s the assertion of the paper that Ron Rivest wrote with the other authors. I would say that’s less of a concern with trusted execution environments. Every phone has one now, and there’s unhackable software that you can put on that’s pretty good. It’s still a little problematic because the system is entirely digital.
So what if we create a hybrid system? This is not a new idea; in fact, this is a very old idea. I’ll introduce two things: one from the Greeks and one from the Middle Ages. In Greek times, they had this thing called the ostracon. It was usually a piece of pottery that was broken off a vase, and they would write something on it.
The term "ostracize" comes from this because they would use this voting method to write a name on a person. If you had more than 6,000 shards, that person would be exiled for 10 years. Sometimes they used this to wipe themselves, so it must have been someone they were really angry with. It’s almost unforgeable because you can put the pot back together. In general, there’s a concept called tally sticks.
The split tally became a prevalent technique in medieval Europe, a time characterized by a scarcity of coinage and widespread illiteracy, to document bilateral exchanges and debts. Typically fashioned from square hazel wood, the stick was inscribed with a series of notches before being split lengthwise. Each party in the transaction retained one half of the marked stick, both pieces bearing identical records. Over the years, this method was refined to the point of becoming virtually impervious to tampering. One such refinement was to make the two halves of the stick of different lengths.
The longer part was called the stock, which was given to the stockholder who had advanced money or other items to the receiver. The shorter end of the stick was called the foil and was given to the party that had received funds or goods. Using this technique, each of the parties had an identifiable record of the transaction. The natural irregularities in the surface of the tallies, where they were split, would mean that only the original two halves would fit back together perfectly, verifying that they were matching halves of the same transaction. If one party tried to unilaterally change the value of their half of the tally stick by adding more notches, the absence of these notches would be apparent on the other party’s tally stick.
The split tally was accepted as legal proof in medieval courts, and the Napoleonic Code still makes reference to the tally stick in Article 1333. In Switzerland, the tally was still used in the 20th century in rural economies. So, why is this relevant? You can create a voting tally stick concept using blockchain and paper ballots. The basic idea is that, assuming you have a secure identity system, a secure registration system, and the ability to generate unforgeable paper and unforgeable blockchain, you can construct an election system where a person has two options.
They can either vote with their phone using a special app running in the trusted execution environment of that phone, registered to a DID, which is their national ID. When they do that, the record goes to a blockchain record and also produces a paper receipt. That paper receipt can be treated as a tally stick. It’s a piece of paper linked to that blockchain record and to some property of the trusted execution environment of the phone and the person. This means that this tally stick, this component, can only match together with the blockchain record, proving that record.
The advantage here is that if somebody tampers with something—they break the blockchain and somehow change the records—the tally papers will not agree with the blockchain record. If someone tries to tamper with the environment of the phone, there are ways you can build this scheme to detect an issue, for example, if it runs in a trusted execution environment. When you go to audit the election, you can count up the paper ballots and compare them to the blockchain ballots. These are different indexes; they should match, just like in a UTXO system where the inputs match the outputs. If you want to be really pushing, you can even create two paper ballots and have them physically linked to each other, meaning that one is connected to the other by the design of the paper.
You can mail that receipt to the person who voted on their phone. If you want to go in the other direction, they could vote at a voting machine or a voting booth, and when they vote, that creates a blockchain record. They can check it on their phone through the registration. This is what’s called a hybrid digital system. It’s only as good as your ability to authenticate Bob.
You have to have a strong ID system for Bob—very strong. If you can’t authenticate them, it’s no good. This is a distributed system; the blockchain lives in the cloud, and the paper ballots would be held in different places. You’d have two independent sets of counters: the blockchain counts and the tally stick concept paper receipt counts. As they count, they can even mail it back to people.
If you want to create a double paper system, you can for high-priority elections. You can even create two independent tally systems where the phones can preserve the records for a period in their local trusted execution environments, and they count it up. Then you have a blockchain record, so you can do a tri-tally system if you want. Now, here’s what’s really cool: Bob can also query the blockchain, and as a result, Bob can verify that his vote was counted. Bob can verify the entire integrity of the system, which has inclusive accountability because the application knows how many registered voters there are.
You can check and say, "Well, if it was a thousand people that registered and less than or equal to a thousand voted, looks pretty good." You can check your vote, and with AnonCreds, you can prove properties of how you voted without revealing your underlying name. For example, for voter registration purposes, let’s say a major party says to register as a Republican. You had to have voted Republican in the last three elections or only people who voted Republican in the last three elections. You can prove that, but you don’t have to reveal your name.
There are all kinds of really cool things you can do. Voting with a phone is inevitable; it will happen. Phones are super secure when you talk about trusted execution environments like Samsung Knox and others, and they’re getting better all the time. I think there are all kinds of cryptographic schemes that you can layer on with MPC or other things if you don’t fully trust them. We have the identity primitive, the concept of a paper receipt, and the blockchain capability as well.
So the answer is yes, I do believe that you can construct a secure system. The wiring of all these things together is the hard part, and that’s really where the value comes. But no state is really above reproach unless they update and modernize their entire ID system. What’s really crazy to me is when I talk to people about a better national ID system, a lot of people say, "Well, that’s the mark of the beast, and it’s dystopian." They say we can’t allow a national ID, but then they’re comfortable with social security cards, driver’s licenses, passports, and state-issued IDs.
There’s the NSA and the CIA, and you put all your personal information on Facebook and Google. You use all these products; you have an Android phone, you have an Apple phone. They know so much more than what a government-issued ID would have. We have a huge vulnerability in our identity system, and because we have that vulnerability, identity theft is a $50 billion-a-year business. It’s terrible for people who are subject to it.
As a national conversation, you build these things in layers. The first thing you do is build a secure national ID system with programmable capabilities and portability that’s self-sovereign. The DID standard is a really good starting point; we can figure something out with that. The next stage is to talk about secure voter registration processes, assuming the DIDs, and then you can build up to a system that lets you vote with your phone, which will probably become the dominant way that people vote. It’s very low cost to put a blockchain system and a paper ballot system there.
You can either have a single receipt or a dual receipt with a tally stick concept. You can send the tallies to people, and when we do an audit, we could say you have to keep your tallies. Any votes that don’t have a corresponding tally, either digitally or on paper, won’t be counted. Build a system like that and put some accountability back on the voter, requiring them to preserve that for audits. There are a lot of ways you can skin this cat, but it’s a very interesting field with a lot of moving pieces.
By no means is electronic voting an easy topic; it’s actually one of the most complicated of all cryptographic protocols because you are dealing with an intrinsically adversarial and resource-constrained environment with a massive adversarial surface. It’s hard in practice to implement this, but this is a field of cryptography that covers all parts of it: confidentiality, integrity, non-repudiation, and authentication. It’s a very hard information security puzzle, but blockchain does have something to play because it gives you a brokering mechanism for things to coordinate. It gives you a place to put the digital receipt to match your paper receipt. In fact, as the paper receipts are generated, there can be a secret in the blockchain that can decode something on the paper receipt, so they’re tethered in some way.
It gives you a place for your PKI for the registration of people that’s tamper-resistant, time-stamped, and immutable. You can even have nonces or other things that, as you’re connecting to a voting thing, you can commit a secret, and the revelation of that commitment can reveal something. It’s a complicated thing, but in general, it can be designed. A lot of good companies have been thinking about this, and there are many good protocols around. It’s something we could build in probably one to three years with a dedicated team of about five to ten cryptographers and engineers.
It is a system that could be built in a very low-cost way because you create an application that runs in a trusted execution environment. It’s very easy to do registration; literally, just tap your phone. Everybody’s got one of those. But we’re not even going to consider doing it. We’ll never bid on a deal unless we get to also talk about the identity infrastructure at the same time.
Otherwise, you will be building the most secure counterfeit machine. There was a certain president that a lot of people doubted was born in the United States. Being born in the same place that person was born and having a grandfather who was involved in delivering kids there, I always thought it was funny when people said this. They say, "Oh, we have indisputable evidence." One of the things that used to happen in that place before Medicare and Medicaid is that when people came over from various places with young kids, they would just pay the doctors to fill out a birth certificate and submit it to the state, saying they delivered a baby.
The state would say, "Oh, congratulations," the newspapers would report it, and the state would issue a birth certificate. Pretty cool, right? You come from the Philippines or Indonesia or some other place, and now your kid’s a U.S. citizen.
The problem is that the birth certificate is legitimate, but the state doesn’t know any difference between the two processes. Documents were filed, and there’s a signature on it. You can’t really change anything there. Only when people started tracking these things and looking for waste, fraud, and abuse did they clean up the system a little bit and require more checks and balances. The point is that systems operate in stages, and when systems operate in stages, every stage in the chain has to be secure for the end result to be secure.
Just because you have a legitimate breeder document doesn’t mean that the information in it is accurate.
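The tally-stick linkage described in the video, as an added illustration that is not part of the transcript and not code from any product it mentions: the ledger (a plain hash-chained list standing in for a blockchain) holds only a commitment to each ballot, the paper receipt holds the nonce that opens that commitment, and an audit checks that every ledger record has exactly one matching receipt, that neither half has been altered, and that no more votes were recorded than voters registered. All names here (`Ledger`, `cast_vote`, `audit`, the `b0`/`n0` sample identifiers) are hypothetical.

```python
"""Toy 'tally stick' between a paper receipt and a ledger record.

Added illustration only; constructed sample data, hypothetical names.
The ledger is a hash-chained list standing in for a blockchain.
"""
import hashlib
import os
from dataclasses import dataclass, field
from typing import Dict, List, Optional


def h(*parts: bytes) -> str:
    """SHA-256 over length-ambiguity-free joined parts."""
    return hashlib.sha256(b"|".join(parts)).hexdigest()


def commit(nonce: str, ballot_id: str, choice: str) -> str:
    """Commitment stored on the ledger: reveals nothing without the nonce."""
    return h(nonce.encode(), ballot_id.encode(), choice.encode())


@dataclass
class LedgerRecord:
    ballot_id: str   # public index of this vote
    commitment: str  # the "stock" half
    prev_hash: str   # link to the previous record
    record_hash: str = ""


@dataclass
class PaperReceipt:
    ballot_id: str
    nonce: str       # the "foil" half: opens the commitment
    choice: str


@dataclass
class Ledger:
    records: List[LedgerRecord] = field(default_factory=list)

    def _hash(self, rec: LedgerRecord) -> str:
        return h(rec.ballot_id.encode(), rec.commitment.encode(), rec.prev_hash.encode())

    def append(self, ballot_id: str, commitment: str) -> LedgerRecord:
        prev = self.records[-1].record_hash if self.records else "0" * 64
        rec = LedgerRecord(ballot_id, commitment, prev)
        rec.record_hash = self._hash(rec)
        self.records.append(rec)
        return rec

    def chain_intact(self) -> bool:
        """Every record must hash to its stored hash and link to its predecessor."""
        prev = "0" * 64
        for rec in self.records:
            if rec.prev_hash != prev or rec.record_hash != self._hash(rec):
                return False
            prev = rec.record_hash
        return True


def cast_vote(ledger: Ledger, ballot_id: str, choice: str,
              nonce: Optional[str] = None) -> PaperReceipt:
    """Write the commitment to the ledger and hand the opening to the voter."""
    nonce = nonce or os.urandom(16).hex()  # random in practice; fixed in tests
    ledger.append(ballot_id, commit(nonce, ballot_id, choice))
    return PaperReceipt(ballot_id, nonce, choice)


def halves_match(rec: LedgerRecord, receipt: PaperReceipt) -> bool:
    """The two halves fit only if the receipt opens exactly this record."""
    return (rec.ballot_id == receipt.ballot_id
            and rec.commitment == commit(receipt.nonce, receipt.ballot_id, receipt.choice))


def audit(ledger: Ledger, receipts: List[PaperReceipt], registered: int) -> Dict[str, object]:
    """Cross-check paper against ledger; any discrepancy is a problem, not a vote."""
    problems: List[str] = []
    tally: Dict[str, int] = {}
    by_id: Dict[str, PaperReceipt] = {}
    for r in receipts:
        if r.ballot_id in by_id:
            problems.append(f"{r.ballot_id}: duplicate paper receipt")
        by_id[r.ballot_id] = r
    if not ledger.chain_intact():
        problems.append("ledger chain broken")
    if len(ledger.records) > registered:
        problems.append("more ledger votes than registered voters")
    seen = set()
    for rec in ledger.records:
        receipt = by_id.get(rec.ballot_id)
        if receipt is None:
            problems.append(f"{rec.ballot_id}: ledger record has no paper receipt")
        elif rec.ballot_id in seen:
            problems.append(f"{rec.ballot_id}: duplicate ledger record")
        elif not halves_match(rec, receipt):
            problems.append(f"{rec.ballot_id}: halves do not match")
        else:
            tally[receipt.choice] = tally.get(receipt.choice, 0) + 1
        seen.add(rec.ballot_id)
    for bid in by_id:
        if bid not in seen:
            problems.append(f"{bid}: paper receipt has no ledger record")
    return {"ok": not problems, "problems": problems, "tally": tally}
```

The ledger half carries no information about the choice, so publishing it does not reveal votes; the paper half does, which is why the receipt in this toy inherits the vote-selling problem the video raises for mail-in and phone voting, and why a deployable design would still need encrypted tallying on top of the linkage. Note also that a forged commitment on the ledger is flagged twice, once by the chain check and once by the mismatched halves, so an attacker who can rewrite the whole chain consistently is still caught by the paper.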