Seeing is not Believing: America’s Election Security Problem Runs Deeper than the Blockchain
On November 4th, 2020 a crowd descended upon the Maricopa County Recorder’s Office in Phoenix. They held flags, picket signs, and rifles, chanting pro-Trump messages to protest what they believed to be a flagrantly stolen election. Having served as an aid to the Biden Campaign in Maricopa County, the protests soured a day that should have been celebratory, as Fox News had projected Joe Biden the winner in Arizona the night before. Disturbed, I imagined the protests would die down as the votes were independently verified.
We know now that this protest was not the last or most violent of its kind, but even before the events of November 4th, the American public had little faith in US election security. After mailing in my ballot and confirming its reception with my phone, I was certain that my vote had been counted accurately in my home state of North Carolina. But this sentiment placed me in the minority according to a 2018 Pew Research poll in which only 8% of Americans reported that they were “very confident” that our election systems would come out on top against foreign or domestic hacking attempts.
In the past year, our democracy has proved itself more resilient than expected, holding off intense political rhetoric, myriad legal challenges, theatrical audits, and an attempted insurrection at the US Capitol. Even so, voting security and access remains a hot button issue, and some outlets have suggested a unique solution to dispel these disagreements and render our electoral system more secure, transparent, and convenient: the blockchain. Would a blockchain election have enabled the Maricopa County protesters to lay down their guns and verify the vote themselves—or are we looking for a solution on the wrong side of this equation?
To envision the blockchain, imagine a group of Harvard roommates at a table, balancing their weekly credits and debts to each other. They each have their own ledger and can see how much money each roommate has, but they can only exchange money through a communal ledger in the middle of the table. Each line in the ledger contains a difficult math problem—only solvable through guessing and checking—that the roommates race to crack. Whoever gets the correct answer first not only gets to add a transaction to the ledger but gets a dollar added to their balance. Importantly, this numerical answer also influences what the next math problem will be, so no one can work ahead. Wanting to ensure the transaction is correct, all members take note of what is being written in the communal ledger for their own records as well. Let’s say one roommate, Tom, tries to steal money by writing a fraudulent transaction in the ledger. The rest of the roommates can recognize this and, when it is their turn to add to the communal ledger, they can place their correct personal ledgers in the center of the table, setting the record straight. To keep up his con, Tom would have to consistently beat his roommates to the correct answer, a tall order among his Harvard peers, especially when money is involved.
Although its network spans tens of thousands of computers instead of a handful of roommates, it is through this algorithm that users around the world securely trade cryptocurrencies like Bitcoin. But if we trust the blockchain with billions of dollars of real money, then why not our votes? Couldn’t American voters be assigned a private token that they could “pay” to a candidate as a vote, with the country watching the tally in real time? This is exactly what virtual voting startup Horizon State proposes: citizens vote with a unique and publicly visible code submitted on the blockchain so that everyone sees your vote, but only you know that it is yours.
Although at first it seems a straightforward upgrade, a system like this presents significant drawbacks when compared to traditional paper ballots and voting centers, even on the topic of
security. Although it is unlikely that hackers could change votes directly through the blockchain, they can absolutely influence the thousands of different devices and softwares through which people access the blockchain. Even further, hackers could target Internet or power sources that serve these devices, denying voting capabilities to key parts of the country on election day. Instead of changing the ledger, this is the equivalent of Tom locking his roommates out or stealing their pens.
Another fault of a blockchain voting system is that it is, in some ways, more centralized than a traditional voting system. One unique strength of paper ballots is their disbursement across the country in physical form. To sway the vote, malicious actors would need to physically alter many ballots, likely in several geographical locations. To decentralize a blockchain-based system, many voting blockchains would have to be run separately, their smaller size rendering them more easily outnumbered by comparatively smarter Toms. Additionally, with multiple blockchains, ensuring that not a single example contained security vulnerabilities would be nearly impossible. A 2020 MIT paper points out that, even today, 27% of Bitcoin networks contain a known security vulnerability first identified two years earlier.
Even immutable blockchains suffer from another security risk: human error. In 2020, cryptocurrency fraud claimed tens of millions of dollars even from technologically literate blockchain users. In a blockchain-based voting scenario, how could we protect voters from having their tokens stolen or used against their will? This presents a final caveat with blockchain voting and online voting in general: they come with the inherent alienation of certain demographics, particularly those without stable internet connections or technological experience. If an election system requires citizens to locate an approved device and network from which to vote, how does this provide more convenience and security than a mail-in ballot?
Finally, we cannot pretend this conversation is really about election security, or that America’s growing distrust in our democracy is based on hard evidence. Cases of election fraud in the US remain exceptionally remote, and although blockchain voting is unlikely to significantly improve voting security, speed, or accessibility, it also fails to improve on what may be the most important consideration for our current political climate: stigma. In a country, where “auditors” scanned ballots for bamboo to verify whether or not they originated from China, do we seriously expect a good-faith attempt for politicians and pundits to understand the blockchain, for some a topic already associated with dark money and ransomware?
At the end of the day, paper ballots, electronic scanning machines, and phone calls are simply easier to digest in the event of inevitable confusion. It was the very precinct in which I was working that, in an event deemed “Sharpiegate” by Twitter, a voting station mistakenly provided some voters sharpies to fill out their ballots, leading to a multi-day storm of speculation about the fate of these votes. In the end, they were counted by hand, with election observers watching. But to the armed protesters outside of the Maricopa County Recorder’s Office—or the US Capitol—election observers weren’t good enough, and the blockchain won’t be either. Our concern should not be that Tom will rob his roommates; it should be that Tom will declare the ledger rigged, and flip the table.