Juliacon 2024

In conventional E2E verifiable e-voting systems such as Helios, Verificatum, ElectionGuard and others, the vote is stored in a group element, encrypted and signed with a digital identity provider, and then submitted to the bulletin board. When the vote closes, votes go through the reencryption shuffle and are decrypted in the threshold decryption ceremony. Voters can ensure that their vote has been counted by finding their encrypted vote within the list of inputs of the mix cascade. Furthermore, everyone can verify the final tally by counting the decrypted votes and verifying supplemented zero-knowledge proofs without compromising privacy. In this way, the integrity of the election result can be assured.

However, issues like forced abstention and potential vote substitution of unverified votes can happen if authorities are corrupt and auditing/monitoring does not occur. Publishing vote-casting signatures can alleviate many of those issues, but that violates participation privacy. The threshold decryption ceremony further compounds the system's complexity; if more than a few collude, votes remain encrypted, while a low threshold risks privacy breaches. The result is that deploying current E2E verifiable voting systems is the unreachable goal for small and medium-sized organisations if privacy, integrity and robustness are assured.

PeaceFounder is an alternative approach that is the first to revitalise the work proposed by Haenni & Spycher and improve it using history trees. The immutability of the bulletin board is maintained replication-free by voter’s client devices with locally stored consistency-proof chains. Meanwhile, pseudonym braiding done via an exponentiation mix before the vote allows anonymisation to be transactional with a single braider at a time. In contrast to existing E2E verifiable e-voting systems, it is much easier to deploy as the system is fully centralised, free from threshold decryption ceremonies, trusted setup phases and bulletin board replication. Furthermore, the body of a vote is signed with a braided pseudonym, enabling unlimited ballot types.

You might wonder why Julia is for such a project. Julia is known for high-performance computing but has yet to be the first pick for e-voting systems, cryptographic protocols or, in fact, full-stack applications. However, its rich ecosystem and code readability, adaptability, and performance make it an excellent choice. Furthermore, Julia's robust type system and multiple dispatch capability have been instrumental in precisely modelling and efficiently implementing the core structures of PeaceFounder.

In the talk, following the introduction, I'll present a brief demo of the system. This will include server setup, registration of members, braiding, proposal announcement, voting, and, finally, the overview and auditing of the public evidence. Then, after the short demo, I will outline the project's requirements and how Julia ecosystem helps to address those needs.

The last part of the talk will concern an obvious question of why the project is not done in the Rust. The reasons will include reliance on heterogonous lists, garbage collection, and operator overloading for cryptographic operations to keep the notations aligned with pseudocodes in the papers. A rich standard library has been a big plus. In contrast, using complex external libraries like QML or SMTPClient without worrying about compilation and linking issues has been a stellar experience. Furthermore, parallelising a proof of shuffle (if the scaling ever would need to be addressed) would be a much more pleasant experience in Julia as it is a simple HPC problem and even allows to explore the utilisation of GPU with elliptic curves on binary fields while also maintaining readability of the code.

However, the lack of ability to deploy mobile apps written in Julia will likely make Rust relevant in the future, and this will be fine. Meanwhile, figuring out the exact details of how the PeaceFounder should function and include all imaginable features that do not impede deployability is much easier in Julia. Ultimately, a detailed specification of the PeaceFounder system will be necessary, and it's better if this specification is tested in practice rather than remaining theoretical.

Through this talk, I present a convincing case for Julia as a viable candidate for complex full-stack applications. Additionally, I will introduce the PeaceFounder e-voting system, which may inspire some to try its deployment, report issues, and contribute to the project.

For more details on the system, refer to a preprint that expanded upon work presented as a poster at the EVoteID 2023. The preprint is available at https://eprint.iacr.org/2024/1040.