Private voting at everyone’s reach

As digital governance continues to gain traction and blockchain ecosystems mature, the demand for privacy-preserving voting mechanisms is stronger than ever. From on-chain governance to civic elections, ensuring both verifiability and voter anonymity presents a challenging problem. The recent development and rise to prominence of easy-to-use zero-knowledge proofs (ZKPs) systems are reshaping the landscape.

In this article we will discuss the current state of the art and showcase a simple PoC app that can be easily implemented for homebrew private voting or whistleblowing systems.

‍

The Rising Need for Private Voting

The shift towards digital platforms necessitates guarantees of:

• Privacy: No third party should be able to link a voter to their vote.
• Verifiability: Anyone should be able to verify that votes were counted correctly.‍
• Resistance to Coercion: Voters shouldn’t be able to prove how they voted to avoid coercion or vote-buying.

These requirements are especially pressing in blockchain contexts where transparency in transactions is enforced, with some notable exceptions (e.g. Aztec, ZCash). 

‍

The role of ZK-proofs

ZK-Proofs are exceptionally well suited to accomplish these features, with their innate ability to enforce arbitrary constraints and publicise only the desired information.

In this realm, Noir stands as a remarkable tool due to its easy-to-use implementation, making zk-proofs widely available and easily integratable to webapps.

Through ZK-proofs, the system can implement

• Eligibility Verification: A voter can prove they are on the official voter roll.
• Uniqueness: A voter can prove they have not already cast a ballot.
• Ballot Validity: A voter can prove their ballot is correctly formed.
• Privacy: All of these proofs can be generated while the voter's identity remains unlinked to their final vote.
• Public Verifiability: The final tally of all votes can be publicly audited and verified by anyone, without compromising the secrecy of any individual ballot.

‍

The uniqueness issue

On digital systems, proving uniqueness is one of the central issues that must be solved. In this domain, several approaches can be implemented and which solution is preferred highly depends on the nature of the election. 

Some relevant assets to be mentioned are

• zk-passport
  
  • Enables identity verification using passports and ID cards.
  • Relies on centralized identity issuers, which is the current most widely accepted and standardized form of identity verification.
• zk-email
  
  • Can be used to identify the user by any information present in its email account
  • Highly customizable information can be verified on the email account
  • Leverages signatures to validate non tempering of sender and email content.
• worldcoin
  
  • The world id provides a unique personhood verification, based on biometric data. With proof of membership through semaphore, It can issue voting permits without revealing information.

‍

Private-voting systems

The landscape is growing and evolving rapidly, leveraging the fast development currently ongoing on the zk-proof realm. 

A few notable projects are mentioned below

• Semaphore
  
  • zk-proof protocol that allows you to cast a message as a provable group member, with on chain verification of ballot.
• MACI (Minimal Anti-Collusion Infrastructure)
  
  • On-chain voting protocol which protects privacy and minimizes the risk of collusion and bribery.
• Freedomtool
  
  • Open source project that leverages zk-passport to enable private voting

‍

Private voting PoC

As part of noirlang’s noirhack we developed a simple private voting PoC. We used  zk-email’s noir-jwt library, which allows you to privately proof any information in a JWT token. 

For this application we used it to prove that the user is logged in with a google account and generate a nullifier derived from the google credentials without revealing them. This nullifier enforces that only one vote is cast per account. 

• The nullifier is derived from private data only known by google and the user, if google databases are leaked, the identities could be brute forced looping through the entire database and generating the corresponding nullifier.

The proof is generated on the client side, and then submitted to the server for verification and ballot submission.

This PoC could easily be extended to verify additional information, such as an email having a specific domain (e.g. username@ratherlabs.com) or containing certain information indicating the role in the company.  Furthermore, zk-email and zk-passport libraries could be used for alternative and more refined identity verification mechanisms. 

Finally, semaphore could be leveraged for a more robust election handling and on chain voting, with the additional burden of handling its identity private keys.

Feel free to fork our repository and use it as a starting point for your own developments!

‍

Final Remarks

The private-voting landscape is quickly changing due to the continuing and rapid development of zk-proof systems.

Though the uniqueness problem remains to be solved, several efforts are already production ready or underway, with an optimistic path forward.

The dream of fully decentralized voting systems that preserve privacy and maintain full accountability is closer than ever! 

We encourage you to dive into the zk-proof realm and explore its endless possibilities.