VOTING PROBLEMS: Paper ballots are essential to election security, but slow to count and prone to costly disputes, while electronic voting is fast to count, but vulnerable to hacking and risks compromising voter anonymity. What if we could have the best of both?


VOTING PROBLEMS: Paper ballots are essential to a secure voting system because they provide a tamper-evident trail and thwart large-scale ballot tampering, but the counting method (by hand or by scanner) is slow, prone to inaccuracies, vulnerable to manipulation, minimally transparent, unable to give voters confirmation that their ballot was included in the count, and often results in disputes, costly and time-consuming audits, court cases, and destabilizing delays in voting results; meanwhile electronic voting is fast to count, but risks compromising voter anonymity and is vulnerable to hacking that is large-scale and potentially undetectable.

VOTING SOLUTION:  PaperBallotchain pairs paper ballots and blockchain technology to provide the first-ever cryptographically-verifiable, voter-verifiable, yet still anonymous, near-instant-count, paper-ballot voting system. 

(Patent No. 12132827)


VOTING SOLUTION: PaperBallotchain pairs paper ballots and blockchain technology to provide the first-ever cryptographically-verifiable, voter-verifiable, yet still anonymous vote-casting system and the first-ever fully transparent, perfectly accurate, near instantaneous, and publicly-verifiable vote-counting system—solving the critical technical vulnerabilities of blockchain voting described by MIT and blockchain experts that have justifiably caused them to strenuously warn against blockchain voting.

(This system holds both the credibility and innovation of a patent:  Patent No. 12132827)










You don’t need to understand blockchain technology because you can privately verify that your scanned paper ballot has been added to the blockchain using your Ballot ID#, while bad actors can’t verify which ballot you cast.


But if you're interested...



Here's what PaperBallotchain can solve for you



Vote-Casting Problems

Solution:  PaperBallotchain's vote-casting pairs paper ballots and  blockchain technology with only open-source code that

  • enables cryptographic verification of ballots
  • enables individual voters to privately verify that their scanned paper ballot has been added to independent stakeholder blockchains,
  • yet obfuscates bad actor efforts to verify which ballots were cast by which voters.

 This vote-casting method includes solutions to critical technical vulnerabilities of blockchain voting identified by MIT and blockchain experts.


Vote-Counting Problems

Solution:  PaperBallotchain's vote-counting of all cryptographically verified ballots on the independent stakeholder blockchains is

  • fully transparent,
  • perfectly accurate, and
  • near instantaneous.

This vote-counting method includes solutions to critical technical vulnerabilities of blockchain voting identified by MIT and blockchain experts.


(Blockchain: a specialized type of database—a cryptographically secure, transparent, immutable, tamper-evident, distributed, digital ledger.)

Compare Voting Methods


Solutions to problems in a system often come with tradeoffs.

But in comparison to traditional paper-ballot voting (which is the second best-rated system after PaperBallotchain), PaperBallotchain brings 9 rating improvements (out of 15 categories) and no rating decreases or tradeoffs, shifting 9 categories from ‘weakness,’ ‘minor strength,’ or ‘strength’ to ‘strength’ or ‘major strength.’

Additionally, in comparison to electronic-ballot-to-blockchain voting, PaperBallotchain makes only one trade-off on the speed/ease of vote casting, favoring security, while bringing 9 rating improvements (out of 15 categories), shifting 9 categories from ‘major weakness’ or ‘weakness’ to ‘strength’ or ‘major strength.’

Moreover, “online voting may not increase turnout. Studies on online voting’s impact on voter turnout have ranged from finding no impact on turnout (e.g., Switzerland [1]) to finding that online voting slightly decreases turnout (e.g., Belgium [2]) to finding that online voting slightly increases turnout but is nonetheless “unlikely to solve the low turnout crisis” (e.g., Canada [3]).[4] Studies of Estonian elections have also suggested that turnout changes due to online voting may favor higher-income and higher-education demographics [5]. Recent US studies demonstrate significant demographic disparities in smartphone ownership (e.g., in gender, income, and education) [6].” (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity)

                                  Rating Scale

Compare Blockchain Voting Methods


On the surface, blockchain voting appears to be the optimal solution to voting-system problems because... 

  • it can enable convenient casting of electronic ballots from mobile devices 
  • to a public, cryptographically secure, transparent, immutable, tamper-evident, decentralized, digital ledger (a blockchain), 
  • where the ballots can be automatically counted perfectly and nearly instantly. 

However, MIT and other blockchain experts have strenuously warned against blockchain voting, explaining...

  • although data is highly secure and tamper-evident once on a robust blockchain, 
  • blockchain voting has three critical technical vulnerabilities (problems), 
  • and paper ballots are vital to a secure voting system. 

For more details, see

Thus, if we could securely transfer paper-ballot data onto a blockchain, the ballot data could be safely stored and counted on the blockchain. But how can we do that? A key problem is that a paper ballot would need to be scanned, and that scanned-ballot data would be subject to the same vulnerabilities as the electronic ballot, both in its creation and on its path from the scanner to the blockchain. The PaperBallotchain patent solves that problem.

Problems (Critical Technical Vulnerabilities) in Traditional Electronic-Ballot-to-Blockchain Voting, and Solutions (Low-Tech & Non-Tech) in New Paper-Ballot-to-Blockchain Voting

Traditional electronic-ballot-to-blockchain voting: This method is vulnerable to undetectable and large-scale hacks and would require a whole new election if the scanned ballot data or blockchain were hacked because no paper ballots would exist for a hand-count or otherwise.

New paper-ballot-to-blockchain voting: This method is not vulnerable to undetectable or large-scale hacks and would not require a whole new election if the scanned ballot data or blockchains were hacked because paper ballots would exist in official custody for a hand-count or otherwise.

Problems 1–13 are listed first; the solution with the same number follows in the second list.

1.  Jeopardizes ballot integrity (Critical Technical Vulnerability):  “If vote-casting is entirely software-based, a malicious system could fool the voter about how the vote was actually recorded”—and that system would be prone to large-scale error and hacks that could overturn the election results in undetectable ways, or if detected, would require a whole new election.  (Sources: 1)  MIT experts: no, don’t use blockchain to vote | MIT CSAIL.  2) Would Voting Be Better On A Blockchain - YouTube.)

2. Jeopardizes voter anonymity (Critical Technical Vulnerability): The software required to simultaneously 1) verify voter identity, 2) ensure voter anonymity (remove voter identity when casting the ballot), and 3) remember voter identity to prevent voters from casting multiple ballots has not yet been developed/solved. Even if it were developed/solved, it would be prone to large-scale error and hacks that could compromise voter anonymity on a large scale and could enable casting of fraudulent ballots on a large scale that could overturn election results in undetectable ways, or if detected, would require a whole new election. (Source: Would Voting Be Better On A Blockchain - YouTube.)


If using coins to vote: “it does not provide a secret ballot: all votes are public, and users can prove to a third party how they voted, enabling coercion and vote-selling.”


If using zero-knowledge proofs:

  • “While this would mean that transaction data would no longer be publicly visible, the resulting scheme would still be far from providing ballot secrecy.”
  • If the software were hacked, voter anonymity would be compromised on a large scale.
  • They are “designed for a setting where the party with secret information wants to keep it secret…—they generally do not prevent that party from revealing information voluntarily.”

(Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


3. New Blockchain Database Vulnerability (Critical Technical Vulnerability): New blockchain databases typically have a small number of computer node participants, which makes them inherently vulnerable to “51% attacks,” in which a bad actor gains control of the majority of the blockchain nodes/computers, enabling them to “create multiple versions of the blockchain to show different people, sowing discord.” Even though the hack would be detectable, it would require a whole new election. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)

4. “If a user loses their private key, they can no longer vote, and if an attacker obtains a user’s private key they can now undetectably vote as that user.” (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


5. “If a user’s voting device (probably a mobile phone) is compromised, so could be their vote.” (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


6. Targeted ballot censoring:  

  • During storage: “if a majority of the miners or validators collude—then they could…. Or, they could censor certain users’ votes.”
  • During transit over the internet: filtering or blocking ballots that meet specific criteria at an intermediate node on their internet path, thereby preventing them from reaching their blockchain destination.

(Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


7. Denial of service (DOS) attack—by overwhelming the blockchain with invalid ballots/transactions, causing cast-ballots to miss the cutoff time to add ballots to the blockchain. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


8. Denial of service (DOS) attack—by influencing/disrupting network connectivity, causing ballots to miss the deadline to be added to the blockchain. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


9. “the inadvisability of using new distributed consensus protocols or new cryptographic primitives for critical infrastructure until they have been well-tested in industry for many years” (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


10. “it takes more time and effort to deploy security fixes in a decentralized system than in a centralized one,” and [so] “blockchain systems can be vulnerable for longer periods of time than centralized counterparts.” (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


11. “Elections are inherently centralized (with a central organization, the government, that is in charge of election procedures, the contests of the election, the eligibility of the candidates, and eligibility to vote),” so blockchain technology is not a good fit for voting. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


12.  “Scalable attacks (SHOWSTOPPER CATEGORY):  If the adversary’s cost to tamper with the election is much less than the defender’s cost to prevent such attacks, attempts to prevent, remediate, or even discover the failures may be impossible in practice. Scalable ‘wholesale’ attacks affecting election outcomes are much more dangerous than ‘retail’ attacks affecting only a few votes.”  This is one of “two categories of ‘showstopper’ vulnerabilities that effectively eliminate election authorities’ ability to prevent or remediate serious failures.”  Several of the previously discussed problems in electronic-ballot-to-blockchain voting are scalable attacks. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


13. “Undetectable attacks (SHOWSTOPPER CATEGORY):  If an attacker can alter the election outcome without any realistic risk of the modification being caught (by voters, election officials, or auditors), the attack becomes impossible to prevent or mitigate.” This is one of “two categories of ‘showstopper’ vulnerabilities that effectively eliminate election authorities’ ability to prevent or remediate serious failures.” Several of the previously discussed problems in electronic-ballot-to-blockchain voting are undetectable attacks. (Source: Going from bad to worse: from Internet voting to blockchain voting | Journal of Cybersecurity | Oxford Academic.)


1. Low-tech solution:  1) Print the following on a folded, sealed, tamper-evident paper ballot:  

  • a Ballot Private Key (unique number, in non-human-readable, machine-readable code/format, such as a QR code) to create a ballot digital signature on a scanned-ballot datafile that will be cast onto multiple independent-stakeholder blockchains and verified using a corresponding Ballot Public Key that is published before the election, 
  • a unique Ballot ID# to enable a voter to look up their scanned paper ballot on the independent-stakeholder blockchains, 
  • machine-readable code that causes a ballot-scanner-set assembly to shred the ballot private key after the independent-stakeholder scanners in the scanner-set assembly transmit the scanned-ballot datafile to the independent-stakeholder blockchains (thereby preventing someone from altering and/or recasting the ballot).

2) Then scan a voter-marked paper ballot using a scanner-set assembly containing multiple independent-stakeholder scanners (each with a unidirectional data diode) that can each separately create and apply a stakeholder-scanner digital signature to a scanned-ballot datafile that can be verified by the public and a blockchain using a corresponding pre-election-published Stakeholder Scanner Public Key.  


Those two steps are the foundation of a paper-ballot-to-blockchain voting system that:

  • Preserves the tamper-evident, auditable paper trail of paper ballots.
  • Enables the public and the independent stakeholder blockchains to verify the integrity of each scanned-ballot datafile using the corresponding pre-election-published Ballot Public Key and pre-election-published Stakeholder Scanner Public Keys. 
  • Makes it impossible to re-cast an altered or unaltered marked-paper ballot onto the blockchain because the Ballot Private Key is destroyed/shredded when it travels through the scanner set assembly.
  • Enables each voter to nearly instantly verify their paper ballot data has been cast onto a blockchain and is currently included in the vote count—using the Ballot ID#. (Yet, gives a voter plausible deniability about which Ballot ID# they cast since the voter can claim that their Ballot ID# is any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.)
  • Prevents bad actors from sending malware into the scanner device from the internet because the unidirectional data diodes physically guarantee that data can only exit (not enter) the scanner device.
  • Makes a large-scale hack of scanner devices nearly impossible because each competing stakeholder maintains hundreds of unconnected unidirectional data diode scanners in hundreds of different locations.

2. Non-tech solution: The voting system software never knows the voter’s identity.  After election officials verify voter identity in whichever manner they choose, they provide a folded, sealed, tamper-evident paper ballot to the voter that 

  • 1) is not tied to voter identity, 
  • 2) is folded and sealed in a tamper-evident way that conceals the ballot contents until the voter opens it in private, and 
  • 3) contains a Ballot ID# and a Ballot Private Key that are not linked to a human identity (thereby preserving voter anonymity) and enable the ballot to function with blockchain technology in a cryptographically secure and anonymous way. 

Optional use of Ballot Vending Machines:  Instead of election officials selecting which folded, sealed, tamper-evident paper ballot to give to each voter, each voter can select a ballot from a Ballot Vending Machine, so election officials won’t know which ballot the voter will get.  


Additionally, the voter has plausible deniability about which Ballot ID# they cast because the voter can claim that their Ballot ID# is any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.


3. Low-tech solution: The scanned-ballot datafile is stored in multiple competing independent-stakeholder ballot blockchains (each redundantly backed up) that stakeholders centrally build/control (but that are duplicated and validated in many places by members of the public to reveal any tampering), so there’s no possibility of a 51% attack. This system instead uses the competitive nature of the stakeholders; comparison of their blockchains; and public and stakeholder validator computers (running open-source blockchain-building software) to duplicate and check the integrity of the information on the blockchains.


Alternatively, the scanned-ballot datafile is stored with a third party blockchain database service that saves the scanned-ballot datafile itself or a link to the scanned-ballot datafile as a non-fungible token (NFT)—in either a layer-2 sidechain database of the Bitcoin blockchain database or a different third party Blockchain Database—that is already essentially invulnerable to a 51% attack due to many blockchain computer node participants that store copies of the blockchain.  The Bitcoin Blockchain database is currently the most secure blockchain database in the world because it has the greatest number of nodes in the world and has maintained its data integrity despite more than a decade of hack attacks since its inception. 


4. Private keys are not assigned to users.  


  • Private keys are assigned to paper ballots, so if a person loses their ballot (containing the ballot private key), they can still vote if election officials give them a second ballot.  
  • If a bad actor wanted to cast a stolen ballot obtained from outside the secure voting area, then the bad actor would need to pass the voting eligibility check of election officials before casting the ballot through the stakeholder ballot scanners in the secure area, so if the bad actor was seeking to vote a second time or was not eligible to vote at all, then election officials would be able to detect that and prevent the bad actor from sending the ballot through the stakeholder scanners.  
  • In this voting system, voters and election officials will need to treat paper ballots with similar security protocols as paper money.

5. Personal devices are not used in the system.  

  • Instead, each voter casts their ballot through a state-supervised scanner-set assembly with multiple independent-stakeholder scanners (each with a scanner private key) (built by a manufacturer of the stakeholder's choice), so that all scanned-ballot datafiles can be compared for unanimous agreement to detect tampering. 
  • Additionally, each scanner has a unidirectional data diode that only permits data to exit, not enter the scanner.  
  • Moreover, each scanned-ballot datafile has a digital signature from both the ballot private key and a stakeholder scanner private key, so ballot tampering would be evident.

6. Defense against targeted ballot censoring: 

  • During storage: Each stakeholder is required/expected to maintain a blockchain with all cast ballots, so if a stakeholder’s blockchain is missing opponent ballots, then their censorship will be evident and likely ineffective because a competing stakeholder lacked the incentive to censor those ballots.
  • During transit over the internet: Ballots are sent via multiple methods—multiple ISPs and multiple Radio Frequency (HF, VHF, and UHF) antennas—so that any member of the public can receive them and re-broadcast them. Additionally, a deterrent is that each scanned-ballot datafile is “wrapped” with a cryptographic puzzle, so an adversary must expend resources/time/money to solve the cryptographic puzzle to determine if the ballot meets their criteria for censorship.

7. Defense against DOS transaction flooding:  

  • Centrally controlled (permissioned) blockchains, which are used in this system, are “more resistant to [DOS] transaction flooding” than public (permissionless) blockchains because only authorized participants/nodes (“tightly controlled by a governing entity”) can submit transactions, so “attackers cannot easily gain access to spam the network.”  
  • Additionally, “a central authority can monitor and control the flow of transactions, preventing overload.” Furthermore, even if the attack was successful, paper ballots would still be available for hand counting, optical-scan counting, and audit.

8. Defense against DOS connectivity disruption:  

  • Ballots are sent via multiple methods: multiple ISPs and multiple Radio Frequency (HF, VHF, and UHF) antennas, so that any member of the public can receive them and re-broadcast them.
  • Furthermore, even if the attack was successful, paper ballots would still be available for hand counting, optical-scan counting, and audit.

9. The system does not require distributed consensus protocols, and it can use old, basic, battle-tested (rather than new, novel) cryptographic primitives because the system uses centrally controlled blockchains (each controlled by an independent stakeholder), where each blockchain uses the same validation protocol.  

10. Rather than decentralized blockchains, the system uses multiple centrally-controlled blockchains (each managed by an independent stakeholder), so fixes can be deployed quickly. 

11. The system uses centrally controlled vote casting and counting methods that are consistent with the centralized nature of elections, while also employing blockchain technology in a novel yet basic way to provide the security, transparency, and counting speed that is required and desired in elections. 


12. An adversary would need to corrupt multiple independent groups of stakeholders (without being detected) to accomplish a large-scale attack:  

  • multiple independent scanner manufacturers (each selected by a different stakeholder) or many independent-stakeholder-scanner custodians—to obtain scanner private keys,
  • multiple independent printer custodians or many paper-ballot custodians (guarding paper ballots like paper money)—to obtain ballot private keys, and  
  • many blockchain node custodians. 

Even if a scanner was running malware that was altering scanned-ballot datafiles, each voter would have an opportunity to see and report it after they cast their ballot, which would cause that scanner to be taken offline. 


13. Each of the following is detectable and publicly evident throughout the PaperBallotchain voting process.


Ballot censorship is evident.

  • If just one stakeholder publishes a validated scanned-ballot datafile from their independent scanner onto their independent blockchain, then it will be evident if another stakeholder(s) is censoring the ballot if they do not publish it and their own scanner’s copy of the scanned-ballot datafile onto their own blockchain too. 

Ballot tampering is evident.

  • If a stakeholder alters and publishes a scanned-ballot datafile, then it will not pass a data match check against the other stakeholders’ copies of the scanned-ballot datafile for that Ballot ID#.  
  • And if the stakeholders do not have unanimous agreement on their published scanned-ballot datafiles for a given Ballot ID#, then the disparity will be automatically detected and the Ballot ID# will automatically be discounted from the vote tally. 

Ballot counterfeiting is evident.

  • It would be very difficult for bad actors to create counterfeit scanned-ballot datafiles that could pass a validation check by the stakeholder blockchains because the bad actors would need to steal both paper ballots (or Ballot Private Keys) and a stakeholder transmitting scanner (or a scanner private key) from each stakeholder without the stakeholders, election officials, or election observers noticing.
  • If duplicate ballot private keys or scanner private keys were used to cast fraudulent ballots onto the blockchain, those duplicates would be detectable and all scanned-ballot datafiles with those ballot and scanner digital signatures would be discounted from the automatic blockchain explorer vote count, and the actual paper ballots could be counted instead.

Ballot and vote miscounting is evident.

  • Since the independent-stakeholder blockchains are published publicly and any open-source blockchain explorer (search engine) can be used to search all the stakeholder blockchains, any discrepancies in vote tallies by any of the blockchain explorers will be evident. 

The electronic-ballot-to-blockchain voting method is vulnerable to undetectable and large-scale hacks and would require a whole new election if the scanned ballot data or blockchain were hacked because no paper ballots would exist for a hand-count or otherwise.

The paper-ballot-to-blockchain voting method is not vulnerable to undetectable or large-scale hacks and would not require a whole new election if the scanned ballot data or blockchains were hacked because paper ballots would exist in official custody for a hand-count or otherwise.

Key Steps in PaperBallotchain


Step 1

After election officials verify voter eligibility via whichever method they choose, they dispense, via whichever method they choose, a folded, sealed, tamper-evident paper ballot (containing a hidden printed Ballot ID# and a hidden Ballot Private Key QR Code) to the voter.   

  • Election officials can dispense ballots in-person by hand, via Ballot Vending Machines at polling stations, and/or via mail.
  • The Ballot Vending Machines provide an added layer of security to voter anonymity because election officials do not know which ballot a voter will select from a vending machine, nor do they know which vending machine a voter will choose.  
  • To dispense ballots via Ballot Vending Machines (located in polling stations), election officials can dispense a ballot token (identical to all other tokens) that enables the voter to select a ballot from a Ballot Vending Machine.    
  • The folded, sealed, tamper-evident paper ballot enables a voter to ensure that 1) no one else knows which Ballot ID# the voter received and 2) the Ballot Private Key has not been compromised.
  • The hidden Ballot ID# enables the voter to use it and a blockchain explorer to verify their ballot data has been added to the independent stakeholder blockchains.
  • The hidden Ballot Private Key QR Code enables a digital signature to be applied to a scanned datafile of the ballot so that the public and recipient blockchains can verify the integrity of the scanned-ballot datafile using the corresponding pre-election-published Ballot Public Key.
  • The hidden Ballot Private Key is printed in invisible ink in the form of a QR Code to thwart any bad actor voters who seek to copy the Ballot Private Key, which would be a pointless effort because the repeated use of a Ballot Private Key to cast a different ballot would be detected and invalidate both cast ballots.

Step 2

The voter enters a private space or voting booth to open and fill out the paper ballot.

  • Optionally, the voter writes down the Ballot ID# if the voter wants to verify their ballot was added to the stakeholder blockchains. 
  • The voter has plausible deniability about which Ballot ID# they cast because the voter can claim that their Ballot ID# is any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes. 

Step 3

At a polling station, the voter (or an election official) feeds the marked paper ballot into a Ballot-Casting Automated Teller Machine (ATM), which contains a Ballot-Scanner-Set Assembly with multiple independent-stakeholder scanners (each with a unidirectional data diode) that can each separately apply a stakeholder-scanner digital signature to each scanned-ballot datafile as well as a paper ballot digital signature (that can each be verified by the public using the corresponding  pre-election-published Stakeholder Scanner Public Key and Paper Ballot Public Key).

  • Each stakeholder contributes a transmitting scanner (with a unidirectional data diode) that transmits scanned-ballot datafiles to all the independent-stakeholder blockchains. 
  • The unidirectional data diode on each stakeholder transmitting scanner only permits data to exit, not enter the scanner, in order to physically prevent malware from entering the transmitting scanner from the internet.
  • Each stakeholder contributes a receiving scanner (with a unidirectional data diode) that receives confirmation from each independent-stakeholder blockchain when a scanned-ballot datafile has been validated and added to a blockchain.
  • The unidirectional data diode on each stakeholder receiving scanner only permits data to enter, not exit the scanner, in order to 1) physically prevent the scanner (which  could become infected with malware from the internet) from transmitting a falsified scanned-ballot datafile to the blockchains and 2) prevent hackers from getting needed feedback on any malware they attempt to send to the scanners.

Step 4

Each independent-stakeholder scanner (within the Scanner-Set Assembly inside the Ballot-Casting ATM) independently transmits the scanned-ballot datafile with a digital signature from the Ballot Private Key, a digital signature from the stakeholder Scanner Private Key, and a scanner-generated Cryptographic Puzzle to all participating independent-stakeholder Ballot Blockchains, which are each independently centrally controlled by a stakeholder.

  • The ballot digital signature and the scanner digital signature on the scanned-ballot datafile enable the public and the blockchains to verify the integrity of each scanned-ballot datafile using the corresponding pre-election-published Ballot Public Key and Scanner Public Key.
  • The scanner-generated cryptographic puzzle serves as a deterrent to bad actors who want to censor/withhold the scanned-ballot datafile from the blockchains.  The cryptographic puzzle forces bad actors to expend resources/time/money to solve the cryptographic puzzle to determine if the contents of the scanned-ballot datafile meet their criteria for censorship.

Step 5

A shredder (within the Scanner-Set Assembly inside the ATM) shreds the Ballot Private Key off the paper ballot.  


Doing so makes it impossible to re-cast an altered or unaltered marked-paper ballot onto the blockchains because the blockchains will reject any datafile that lacks a valid ballot digital signature (and a valid scanner digital signature) if the blockchains are running valid blockchain builder/validator software.

Step 6

Each independent-stakeholder Ballot Blockchain uses the same validation protocol to add a scanned-ballot datafile to its blockchain.  

(A member of the public can use the same validation protocol to build a duplicate ballot blockchain and then compare it against the stakeholder ballot blockchains using a blockchain explorer designed to compare them.)  


The validation protocol used to add a new scanned-ballot datafile to a ballot blockchain requires that the scanned-ballot datafile:

  • has a valid ballot ID# (that is on the pre-election-published “Ballot ID# & Corresponding Ballot Public Key List”), 
  • has a valid corresponding ballot digital signature (which is confirmed using the pre-election-published “Ballot ID & Corresponding Ballot Public Key List” ), 
  • has a valid scanner digital signature (which is confirmed using the pre-election-published “Stakeholder Scanner Public Key List”), and 
  • passes a data-match check, which uses the designated open-source cryptographic hash function to show that the ballot-image hash was created with that function.
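The four checks above, sketched as an added example (not PaperBallotchain's own software). The page does not name a signature scheme, hash function or datafile layout, so Ed25519 from the Python `cryptography` package, SHA-256, the `Datafile` fields and the signed message format are all assumptions, and the keys and ballots are constructed sample data.

```python
import hashlib
from dataclasses import dataclass
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import Ed25519PrivateKey

@dataclass
class Datafile:                  # hypothetical layout, not the project's format
    ballot_id: str
    scanner_id: str
    image: bytes                 # scanned ballot image
    image_hash: str              # hex digest computed by the scanner
    ballot_sig: bytes
    scanner_sig: bytes

def signed_bytes(ballot_id, image_hash):
    # Assumption: both signatures cover the Ballot ID# and the image hash.
    return f"{ballot_id}|{image_hash}".encode()

def sig_ok(public_key, signature, message):
    try:
        public_key.verify(signature, message)   # raises on a bad signature
        return True
    except InvalidSignature:
        return False

def validate(df, ballot_keys, scanner_keys):
    """Apply the four checks in order; return (accepted, reason)."""
    ballot_pub = ballot_keys.get(df.ballot_id)
    if ballot_pub is None:                       # 1) ID on the published list
        return False, "unknown Ballot ID#"
    msg = signed_bytes(df.ballot_id, df.image_hash)
    if not sig_ok(ballot_pub, df.ballot_sig, msg):           # 2) ballot signature
        return False, "bad ballot signature"
    scanner_pub = scanner_keys.get(df.scanner_id)
    if scanner_pub is None or not sig_ok(scanner_pub, df.scanner_sig, msg):
        return False, "bad scanner signature"                # 3) scanner signature
    if hashlib.sha256(df.image).hexdigest() != df.image_hash:
        return False, "image hash mismatch"                  # 4) data-match check
    return True, "ok"

def make_scan(ballot_id, ballot_priv, scanner_id, scanner_priv, image):
    # What a scanner would emit: hash the image, then sign with both keys.
    digest = hashlib.sha256(image).hexdigest()
    msg = signed_bytes(ballot_id, digest)
    return Datafile(ballot_id, scanner_id, image, digest,
                    ballot_priv.sign(msg), scanner_priv.sign(msg))

# Constructed sample data: one published ballot key, one published scanner key.
BALLOT_PRIV = Ed25519PrivateKey.generate()
SCANNER_PRIV = Ed25519PrivateKey.generate()
BALLOT_KEYS = {"B-0001": BALLOT_PRIV.public_key()}
SCANNER_KEYS = {"S-A": SCANNER_PRIV.public_key()}
GOOD = make_scan("B-0001", BALLOT_PRIV, "S-A", SCANNER_PRIV, b"constructed ballot image")

# Re-cast after the Ballot Private Key is shredded (Step 5): whoever holds the
# paper ballot has no key that matches the published Ballot Public Key.
OTHER_KEY = Ed25519PrivateKey.generate()
RECAST = make_scan("B-0001", OTHER_KEY, "S-A", SCANNER_PRIV, b"altered ballot image")

if __name__ == "__main__":
    print(validate(GOOD, BALLOT_KEYS, SCANNER_KEYS))
    print(validate(RECAST, BALLOT_KEYS, SCANNER_KEYS))
```
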

Each stakeholder blockchain likely stores the scanned-ballot datafiles in different sequences (based on their differing travel paths and speed over the internet from the scanners to the stakeholder blockchains), but the count of scanned-ballot datafiles on the blockchains will be identical if all the blockchains store all the scanned-ballot datafiles.  


If a stakeholder tries to censor opposing ballots by not transmitting them to the blockchains (from their scanners or from internet nodes on the internet paths of the ballot datafiles) or by not publishing/adding them on their own blockchain, that is likely a futile effort for the following reasons:

  • The competing stakeholder’s scanners will likely transmit their own scans of the ballots and add/publish them to their own stakeholder blockchain, where they can be validated by the public with the corresponding Ballot Public Keys and Scanner Public Keys.  
  • The censoring stakeholder blockchain will not be used in isolation to count the votes.  The other competing stakeholder blockchains will also be used to count the votes. 
  • The censorship of the censoring stakeholder blockchain will be apparent publicly, which is a deterrent because a competing stakeholder is seeking legitimacy in winning an election. 
  • The blockchain explorer vote-counting software is only looking for unanimous agreement among the validated blockchain-posted ballot datafiles for a given Ballot ID#, so the absence of one stakeholder-scanner’s ballot datafile from the blockchains will not prevent the other stakeholder-scanners’ ballot datafiles of the same Ballot ID# from being counted by the blockchain explorer software. This rule prevents a stakeholder from causing opposing ballots to be discounted by withholding their own scanner’s copy of them.
  • The only way a Ballot ID# will be discounted from the blockchain explorer’s vote-count is if there is not unanimous agreement from all the validated blockchain-posted ballot datafiles for that particular Ballot ID#.  
  • --Thus, there must be a validated scanned-ballot datafile with information that conflicts with another validated scanned-ballot datafile with the same Ballot ID# in order to discount that Ballot ID#.  
  • --Then, the paper ballots of any discounted Ballot ID#s (without unanimous agreement among the stakeholder scanner-signed datafiles) can be hand-counted if they exceed the number sufficient to overturn the election results.

Step 7

The Ballot-Casting ATM flashes a green light if it received confirmation that the scanned-ballot datafile was added to a stakeholder blockchain or a red light if not, and then drops the paper ballot into a corresponding transparent green or red plastic box inside the clear plastic ATM machine. 


  • If the green light doesn’t flash within 30 seconds, then the voter can report it to election officials in Step 9 (without giving the Ballot ID# or their name), and 
  • if the total number of such reports exceeds the number of votes required to overturn the election results, then a hand count and audit of paper ballots is conducted.

Step 8

The voter can use their privately viewed Ballot ID# (optionally written down inside their private voting space) and a blockchain explorer on a government computer or a personal mobile device to look up their ballot data on the Stakeholder Ballot Blockchains.


Meanwhile, bad actors seeking to buy or coerce votes can’t verify which ballot the voter cast because the voter's Ballot ID# could be any Ballot ID# cast onto the blockchain around the same time at the same polling station.

Step 9

If voters are unable to find their ballot data on the blockchains or they find their ballot data has been altered, then voters can verbally inform an election official who keeps a paper tally of such reports (that doesn’t identify the voter).


If the total number of such reports exceeds the number of votes required to overturn the election results, then a hand count and audit of paper ballots is conducted.

Step 10

A blockchain explorer provides a live report (throughout the vote casting and counting process) with the following information pulled from all the stakeholder blockchains:


1) Tallies of votes for each candidate (from all the validated, blockchain-posted scanned-ballot datafiles for a given Ballot ID# that have unanimous agreement on their data across all stakeholder blockchains). 

  • The criterion to count a ballot (and its vote(s)) is unanimous agreement among all the stakeholder-scanner-signed, paper-ballot-signed, validated, blockchain-posted scanned-ballot datafiles for a given Ballot ID# across all stakeholder blockchains.

2) The total number of ballots that would be required to overturn the election results.


3) A tally and list of every Ballot ID# that lacks unanimous agreement among its stakeholder-scanner-signed, blockchain-posted, validated scanned-ballot datafiles (and are thus excluded from the automatic vote tallies).

  • The list indicates which scanned-ballot datafiles are invalid (lack a valid Scanner Public Key or a valid Ballot Public Key), which cannot happen if a blockchain is using valid Ballot Blockchain Builder Software/validation protocol.
  • The list specifies which scanned-ballot datafiles are on which stakeholder blockchains. 
  • The list is sequenced by Ballot ID#.

4) A tally and list of every Ballot ID# that has unanimous agreement among its stakeholder-scanner-signed, blockchain-posted, validated scanned-ballot datafiles (and are thus included in the automatic vote tallies).

  • The list specifies which scanned-ballot datafiles are on which stakeholder blockchains.
  • The list is sequenced by Ballot ID#.

5) A tally and list of every Ballot ID# that is missing from each blockchain. 

  • The list is grouped by stakeholder blockchain and sequenced by Ballot ID#. 
  • The list enables the public to see if any stakeholder blockchains appear to be censoring ballots.
  • The list enables stakeholders to add any ballots that are missing on their own blockchain yet published on the other competing stakeholder blockchains.
  • The list enables the public to see how many ballots have not been cast onto any stakeholder blockchains.

6) A tally and sequential list of all Ballot ID#s and their corresponding validated stakeholder-scanned-ballot datafiles that are published on each Stakeholder Ballot Blockchain 

  • The list specifies which pre-election-published Paper Ballot Public Key was used to validate each scanned-ballot datafile.
  • The list specifies which pre-election-published Stakeholder-Scanner Public Key was used to validate each scanned-ballot datafile. 
  • The list specifies which Stakeholder Ballot Blockchain recorded each scanned-ballot datafile.

7) A tally and sequential list of which Ballot ID#s were cast from which geographic locations based on their scanner digital signatures and the pre-election published list of stakeholder scanners, their Scanner Public Keys, and their assigned locations.
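The counting rule from Step 6 and the report items in Step 10, as an added example (not the project's blockchain explorer). The record layout, the chain and scanner names, the sample ballots, and the definition of the overturn margin as the leader's lead over the runner-up are assumptions; the input is constructed and assumed to have already passed validation.

```python
from collections import Counter, defaultdict

def live_report(chains, published_ids):
    """chains: {chain_name: [(ballot_id, scanner_id, vote), ...]}."""
    votes_seen = defaultdict(set)                 # ballot_id -> distinct votes
    on_chain = {name: {rec[0] for rec in recs} for name, recs in chains.items()}
    for recs in chains.values():
        for ballot_id, _scanner_id, vote in recs:
            votes_seen[ballot_id].add(vote)

    tallies, counted, discounted = Counter(), [], []
    for ballot_id in sorted(votes_seen):
        votes = votes_seen[ballot_id]
        if len(votes) == 1:       # unanimous: a missing copy is not a conflict
            counted.append(ballot_id)
            tallies[next(iter(votes))] += 1
        else:                     # two validated datafiles disagree
            discounted.append(ballot_id)

    cast_anywhere = set(votes_seen)
    top = tallies.most_common(2)
    leader = top[0][1] if top else 0
    runner_up = top[1][1] if len(top) > 1 else 0
    margin = leader - runner_up   # assumed meaning of "required to overturn"
    return {
        "tallies": dict(tallies),
        "counted": counted,
        "discounted": discounted,
        # Per chain: ballots posted on some other chain but absent here.
        "missing": {n: sorted(cast_anywhere - ids) for n, ids in on_chain.items()},
        "uncast": sorted(set(published_ids) - cast_anywhere),
        "margin": margin,
        "hand_count": len(discounted) > margin,
    }

# Constructed sample: stakeholder B withholds B-0002 from its own chain and
# scanner; scanners SA and SB disagree on B-0003; B-0005 was never cast.
PUBLISHED = ["B-0001", "B-0002", "B-0003", "B-0004", "B-0005"]
CHAINS = {
    "A": [("B-0001", "SA", "Alice"), ("B-0001", "SB", "Alice"),
          ("B-0002", "SA", "Bob"), ("B-0002", "SC", "Bob"),
          ("B-0003", "SA", "Alice"), ("B-0003", "SB", "Bob"),
          ("B-0004", "SA", "Alice")],
    "B": [("B-0001", "SA", "Alice"), ("B-0001", "SB", "Alice"),
          ("B-0003", "SA", "Alice"), ("B-0003", "SB", "Bob"),
          ("B-0004", "SB", "Alice")],
    "C": [("B-0001", "SC", "Alice"), ("B-0002", "SA", "Bob"),
          ("B-0002", "SC", "Bob"), ("B-0003", "SB", "Bob"),
          ("B-0004", "SC", "Alice")],
}

if __name__ == "__main__":
    for key, value in live_report(CHAINS, PUBLISHED).items():
        print(key, value)
```

In the sample, B-0002 is still counted although chain B withheld it, and B-0003 is discounted because of a conflict rather than an absence.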


Optional Voting Cafés

to help maximize voter turnout in a community

Key Security Layers

in PaperBallotchain


Security Layers that Ensure Voter Anonymity

1. Folded, sealed, tamper-evident paper ballots, containing a hidden Ballot ID# and a hidden Ballot Private Key QR Code (printed in invisible ink that is readable by the scanner device).


There’s no software linking a voter to a ballot, and election officials can’t see the Ballot ID#s or track which voters get which Ballot ID#s—as long as the seal on the folded, sealed, tamper-evident paper ballot has not been broken.

  • Batches of sequentially numbered ballots are shuffled, given batch numbers, and assigned to specified polling stations, all of which (batch numbers, corresponding Ballot ID#s, and corresponding polling stations) are publicly published before the election.
  • The batch numbers enable anyone to identify the source of any compromised ballots.
  • The shuffling of the ballots within a batch prevents election officials from knowing which voters got which Ballot ID#s, as long as the seal on the folded, sealed, tamper-evident paper ballot has not been broken—which thwarts bad-actor efforts to buy or coerce votes.

Additionally, the voter has plausible deniability about which Ballot ID# they cast because the voter can claim that their Ballot ID# is any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.

2. Optional use of Ballot Vending Machines


Instead of an election official selecting which folded, sealed, tamper-evident paper ballot to give to a voter, the voter selects a ballot from one of multiple Ballot Vending Machines, so election officials can’t know which ballot the voter will get. 

3. Public display of all cast scanned-ballot datafiles on the independent stakeholder blockchains.  


  • The public display of all cast scanned-ballot datafiles on the independent stakeholder blockchains obfuscates bad actor efforts to verify which ballots were cast by which voters because a given voter’s Ballot ID# could be any Ballot ID# cast onto the blockchain around the same time from the same polling station—thereby giving voters plausible deniability about which ballot they cast.
  • Voters can easily search the Live Blockchain Vote Tallies Report for ballots cast at their polling station within a specified timeframe.

Security Layers that Protect Ballot Integrity and Authenticity


Note: "Integrity" means the data has not been altered. 


Note: "Authenticity" means the data can be verified as coming from an expected source
(in this case, verified cryptographically by 1) a Ballot Public Key that determines whether the ballot digital signature (created from the Ballot Private Key) is valid and 2) a Scanner Public Key that determines whether the scanner digital signature (created from the stakeholder Scanner Private Key) is valid).

4. A hidden Ballot ID# and a hidden Ballot Private Key QR Code (printed in invisible ink that is readable by the scanner device) inside a folded, sealed, tamper-evident paper ballot.


The paper ballot provides a tamper-evident auditable trail.  

  • The paper ballots can be compared to the scanned-ballot datafiles stored on the stakeholder blockchains.
  • If paper ballots were not used, then a whole new election would be needed (requiring voters to re-cast their ballots) if the scanned ballot datafiles or blockchains were compromised.  

The hidden Ballot ID# enables each voter to verify the integrity of their cast scanned-ballot datafile by using a blockchain explorer (search engine) and their Ballot ID# to look up their scanned-ballot datafile on the stakeholder blockchains.  

  • If Ballot ID#s were not used, then voters would not be able to verify the integrity of their scanned-ballot datafiles on the blockchains.
  • Reminder: The voter has plausible deniability about which Ballot ID# they cast because the voter can claim that their Ballot ID# is any Ballot ID# cast onto the blockchain around the same time as theirs from the same polling station, which would obfuscate bad actor efforts to verify which ballots were cast by which voters when seeking to buy or coerce votes.

The hidden Ballot Private Key QR Code (printed in invisible ink that is readable by the scanner device) guards against unauthorized use of the Ballot Private Key to cast a counterfeit ballot(s).

  • Enables anyone with the corresponding pre-election-published Ballot Public Key  to verify the integrity and authenticity of the scanned-ballot datafile. 
  • If the Ballot Private Key was not hidden in a tamper-evident way and printed as a QR Code in invisible ink (that is readable by the scanner device), then a bad actor/voter could for example write down or take a picture of the Ballot Private Key to try to cast multiple counterfeit scanned-ballot datafiles to try to overwhelm a blockchain network. 

5. Ballot Private Key (part of a public-private key pair)—printed as a QR Code in invisible ink (readable by the scanner device) and hidden in a folded, sealed, tamper-evident paper ballot.

  • Creates and applies a ballot digital signature to the scanned-ballot datafile.
  • Enables anyone with the corresponding pre-election-published Ballot Public Key to verify whether the ballot digital signature on the scanned-ballot datafile is valid,  thereby confirming the integrity and authenticity of the scanned-ballot datafile. 
  • If a Ballot Private Key were not used while a Scanner Private Key was used, then bad actors could steal a stakeholder scanner or its private key to create and transmit counterfeit ballot datafiles to the blockchain database network.
  • If neither a Ballot Private Key nor a Scanner Private Key were used, then bad actors could create and transmit counterfeit scanned-ballot datafiles to the blockchain database network and the counterfeits would not necessarily be detectible.

6. Stakeholder-Scanner Private Key  (part of a public-private key pair)—on a stakeholder scanner.

  • Creates and applies a stakeholder-scanner digital signature to each scanned-ballot datafile. 
  • Enables anyone with the corresponding pre-election-published Scanner Public Key  to verify whether the scanner digital signature for the scanned-ballot datafile is valid,  thereby confirming the integrity and authenticity of the scanned-ballot datafile.  
  • If a Scanner Private Key were not used while a Ballot Private Key was used, then bad actors could steal valid paper ballots and transmit scanned datafiles of them from any device to the blockchain database network. 
  • If neither a Scanner Private Key nor a Ballot Private Key were used, then bad actors could create and transmit counterfeit ballot datafiles to the blockchain database network and the counterfeits would not necessarily be detectible. 

7. Cryptographic Puzzle—from a stakeholder scanner.

  • Conceals the content of the scanned-ballot datafile during transit over the internet (from the stakeholder scanners to the stakeholder blockchains) by requiring anyone who wants to read the ballot datafile to expend computing power and time to solve the cryptographic puzzle in order to open the datafile.
  • If a cryptographic puzzle were not used, then bad actors could easily censor/block scanned-ballot datafiles without needing to expend time and resources to solve the cryptographic puzzle to find out if the ballot meets their censorship criteria. 

8. Multiple Independent-Stakeholder Scanners—in a Scanner Set Assembly.

  • Creates the ability to automatically determine whether the independent-stakeholder scanners have unanimous agreement on a given Ballot ID#’s scanned-ballot datafiles.
  • Creates the ability to help recognize if an independent-stakeholder scanner is censoring any of its own scanned-ballot datafiles.
  • If multiple independent-stakeholder scanners were not used, then bad actors could corrupt just a single scanner with malware to alter or censor scanned-ballot datafiles, and it would be far more difficult to recognize whether the scanned-ballot datafiles had been corrupted because the scanned-ballot datafiles would need to be manually compared to the paper ballots.   
  • The multiple independent-stakeholder scanners neutralize a corrupt stakeholder censoring scanned-ballot datafiles from its own scanner transmissions (while the multiple independent-stakeholder blockchains neutralize a corrupt stakeholder censoring ballots on its own blockchain).

9. Shredder—in the Scanner Set Assembly.

  • Shreds the Ballot Private Key QR Code (printed in invisible ink) after its digital signature is applied to the scanned-ballot datafile. 
  • If the shredder were not used, then bad actors could try to use the Ballot Private Key to create and transmit counterfeit scanned-ballot datafiles to the stakeholder blockchains, and although the Ballot ID#s with conflicting  scanned-ballot datafiles would be detectible and discounted from the vote tallies, the extra conflicting datafiles could be used to try to sow discord, force a manual count of paper ballots, and/or overwhelm the blockchain network. 

10. Multiple Independent-Stakeholder Blockchains—in the network of cooperating blockchains.


Store cryptographically verified copies of all scanned-ballot datafiles from all the independent-stakeholder scanners.  


Each stakeholder blockchain likely stores the scanned-ballot datafiles in different sequences (based on their differing travel paths and speed over the internet from the scanners to the stakeholder blockchains), but the count of scanned-ballot datafiles on the blockchains will be identical if all the blockchains store all the scanned-ballot datafiles.  

  • And even if a stakeholder blockchain is missing all or some of a Ballot ID#’s scanned-ballot datafiles from the various stakeholders, that does not cause the Ballot ID# to be discounted from the vote tallies as long as just one of the other stakeholder blockchains has a cryptographically verified copy of the Ballot ID#’s scanned-ballot datafile.
  • Thus, a stakeholder cannot force a ballot to be discounted by withholding the ballot’s scanned datafiles from its own blockchain because a Ballot ID# will only be discounted from the vote tallies if one of its stakeholder scanned-ballot datafiles is conflicting rather than missing on any of the blockchains.
  • The multiple independent-stakeholder blockchains neutralize a corrupt stakeholder that is censoring ballots on its own blockchain, while multiple independent-stakeholder scanners neutralize a corrupt stakeholder censoring scanned-ballot datafiles from its own scanner transmissions.

If multiple Stakeholder Operated Blockchains were not used, then bad actors could censor or alter scanned-ballot datafiles via a 51% attack on the single blockchain, and although the tampering would be detectible (via comparison to previous versions of the blockchain), the tampering could be used to sow discord and force a manual count of paper ballots.


Key Records

in PaperBallotchain


Paper Ballot Template

(Not linked to a human identity)

Folded and sealed in a tamper-evident way that conceals the Ballot ID# and the Ballot Private Key


Live PaperBallotchain Vote Tallies Report

produced by open-source blockchain explorer designed to display consolidated results

from all the independent stakeholder blockchains storing the Stakeholder-Scanned-Ballot Datafiles


Paper Logs of Voter-Reported Problems

Ballots failing to post on all stakeholder blockchains or altered ballots posting on a blockchain


Pre-Election-Published

Ballot ID#s, Ballot Public Keys, Batch #s, and Polling Station Assignments


Pre-Election-Published

Independent-Stakeholder-Scanner ID#s, Scanner Public Keys, and Polling Station Assignments
