CryptoBallot
CryptoBallot is a cryptographically secure decentralized E2E voting system meant for real-world elections. It is a "backend" service providing vote storage, cryptographic operations, and an API. It does not provide a user interface - although it is built to make creating a UI that interfaces with it easy.
It uses Shamir Secret Sharing for election decryption keys, blind-signing for voter anonymity, and an optional blockchain backend for distributed transaction storage and verification. It supports all tally methods including write-in candidates.
Goals
- Verifiable - the entire voting process should be end-to-end verifiable.
- Ergonomic - Easy to use.
- Fast - 1,000 votes per second.
- Scalable - Millions of voters.
- Secure - Rock solid security guaruntees.
Current State
Under active development. Not ready for production use!
Road Map
| Status¹ | Feature | Notes |
|---|---|---|
| ✓ | Migrate from Go to Rust | 🦀 |
| ✓ | Blind-Signing (RSA) | Uses RSA-FDH |
| Blind-Signing (ed25519) | Will replace current RSA bling-signing | |
| ✓ | Shamir Secret Sharing | Uses Sharks |
| ⚠ | Blockchain backend | Uses Hyperledger Sawtooth |
| ⚠ | Support all tally methods | Uses Tallystick |
| REST frontend | ||
| Distributed key generation | Replace Shamir, uses ElGamal, fully verifiable and distributed | |
| Onion mixnet (likely Sphinx) | Strengthened voter anonymity - Depends on REST frontend | |
| Re-encryption mixnet | Strengthened voter anonymity - far future if ever |
- ✓ means done, ⚠ means in-progress, blank means not started but support is planned.