CryptoBallot
CryptoBallot is a cryptographically secure decentralized E2E voting system meant for real-world elections. It is a "backend" service providing vote storage, cryptographic operations, and an API. It does not provide a user interface - although it is built to make creating a UI that interfaces with it easy.
It uses Shamir Secret Sharing for election decryption keys, blind-signing for voter anonymity, and an optional blockchain backend for distributed transaction storage and verification. It supports all tally methods including write-in candidates.
Goals
- Verifiable - the entire voting process should be end-to-end verifiable.
- Ergonomic - Easy to use.
- Fast - 1,000 votes per second.
- Scalable - Millions of voters.
- Secure - Rock solid security guaruntees.
Current State
Under active development. Not ready for production use!
Road Map
Status¹ | Feature | Notes |
---|---|---|
✓ | Migrate from Go to Rust | 🦀 |
✓ | Blind-Signing (RSA) | Uses RSA-FDH |
Blind-Signing (ed25519) | Will replace current RSA bling-signing | |
✓ | Shamir Secret Sharing | Uses Sharks |
⚠ | Blockchain backend | Uses Hyperledger Sawtooth |
⚠ | Support all tally methods | Uses Tallystick |
REST frontend | ||
Distributed key generation | Replace Shamir, uses ElGamal, fully verifiable and distributed | |
Onion mixnet (likely Sphinx) | Strengthened voter anonymity - Depends on REST frontend | |
Re-encryption mixnet | Strengthened voter anonymity - far future if ever |
- ✓ means done, ⚠ means in-progress, blank means not started but support is planned.