Open Protocol
VoteChain
Cryptographic voter verification and ballot integrity for U.S. elections — replacing trust assumptions with mathematical proofs
The school election version:
What is VoteChain?
Imagine your school is holding an election for class president. Right now, someone collects the ballots, goes into a back room, and comes out saying "here are the results." You have to trust that person. VoteChain is a plan to replace trust with proof — so everyone can check for themselves that the election was fair.
Two big jobs:
- Job 1: Are you allowed to vote? Before you get a ballot, the system checks that you're a real student at this school (not someone who graduated last year, not someone from the school across town, and not someone pretending to be you). It does this using special math that proves you're allowed without telling anyone your name.
- Job 2: Was your vote counted correctly? After you vote, your ballot goes into a locked glass box that everyone can see but nobody can open alone. At the end, a group of teachers (not just one) open the box together and count the votes in front of everyone. They show their math so anyone can double-check the answer.
What's on this site?
- The VoteChain PRD — the blueprint for Job 1 (checking who's allowed to vote)
- The Election Web Protocol (EWP) — the blueprint for Job 2 (making sure ballots are counted right)
- The Architecture page — a map showing where all the servers live and who runs them
- The Proof of Concept (POC) — a working demo you can try right in your browser
- The Assurance Playbooks — 14 checklists for testing the system before anyone uses it for real
Why publish all this?
Because "trust me, it works" isn't good enough for elections. Everything is public so that security researchers, election officials, journalists, and regular citizens can read it, poke holes in it, and help make it better. If something is wrong, it's better to find out now than on election day.
Here's what VoteChain is and what's on this site:
What is VoteChain?
VoteChain is a two-layer protocol for U.S. election integrity. It replaces "trust the institution" with "verify the math." The first layer handles voter verification (are you eligible?), and the second handles ballot integrity (was your vote counted correctly?). Together, they create an end-to-end chain of cryptographic proof from registration to final tally — without revealing who you are or how you voted.
The two layers:
- Layer 1 — Verification (VoteChain PRD): A permissioned blockchain with 74 nodes operated by federal, state, auditor, and oversight entities. It answers four questions about each voter: citizen, eligible, alive, and not already voted. It uses zero-knowledge proofs so the system can verify eligibility without learning the voter's identity. No PII is stored on-chain.
- Layer 2 — Ballot Integrity (EWP): An Election Web Protocol that provides end-to-end verifiability. Ballots are encrypted so only a group of independent trustees (not any single person) can decrypt them. A public append-only bulletin board records every encrypted ballot, and VoteChain anchors ensure the log can't be tampered with. At tally time, trustees cooperate to decrypt the aggregate results and publish mathematical proofs that anyone can independently verify.
What you'll find on this site:
- VoteChain PRD — The 1,525-line blueprint for voter verification: enrollment, credentials, fraud detection, and the five verification pillars (citizenship, eligibility, liveness, uniqueness, chain-of-custody).
- Election Web Protocol (EWP) — The ballot integrity specification: encrypted casting, Benaloh challenge (cast-as-intended), bulletin board transparency, threshold decryption, and verifiable tally proofs.
- Architecture — The server map showing where each component runs, who operates it, trust zone boundaries, and three deployment modes (polling place, supervised kiosk, remote).
- Proof of Concept — A browser-based demo implementing simplified versions of the protocols: generate credentials, cast encrypted ballots, verify receipts, and inspect the oversight dashboard. Everything runs locally in your browser.
- Assurance Playbooks — 14 internal testing guides covering threat modeling, crypto review, red team exercises, privacy audits, equity testing, and more. Published for transparency so anyone can evaluate whether the testing is rigorous enough.
Design principles:
- No single point of failure. The 74-node ledger requires 3 of 4 operator categories to agree before anything is recorded.
- Ballot secrecy by design. Threshold encryption means no single trustee can see individual votes. Only the aggregate is decrypted.
- Verification, not trust. Every claim the system makes comes with a mathematical proof that anyone can check independently.
- Free for voters. Enrollment, credentials, and verification are provided at no cost to the voter.
Technical overview:
System scope:
Two complementary protocols for U.S. election integrity: VoteChain (voter verification on a permissioned ledger) and EWP (end-to-end ballot integrity with verifiable tally). This site publishes the complete specifications, a production architecture map, a browser-based proof of concept, and 14 internal assurance playbooks.
Layer 1 — VoteChain (Verification):
- Ledger: 74-node permissioned BFT network (Hyperledger Fabric-class). Node distribution: 6 federal, 50 state, 12 auditor, 6 oversight. Category-quorum consensus: 3-of-4 categories, ≥2/3 intra-category.
- Identity: W3C DIDs with voter-held private keys. Enrollment via multi-source identity checks (SSA, USCIS, state vital records). DID-to-PII linkage only in state-operated encrypted vaults.
- Verification: Five pillars — citizenship (2-of-4 attestation), eligibility (per-election smart contract), liveness (biometric or non-biometric first-class path), duplicate prevention (nullifier = H(DID, election_id)), chain-of-custody (device HSM attestation). All verified via zk-SNARKs without disclosing identity.
- Fraud detection: Synchronous (nullifier collision, invalid ZKP, geographic impossibility) + asynchronous (death matching, judicial drift, enrollment anomaly clustering). Flag lifecycle: Detected → Triaged → Investigated → Resolved (immutable on-chain).
- Cost model: ~$870M capex, ~$375M/yr opex (~$5.60/vote). 5-year phased rollout.
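The following Python is an added illustration of the synchronous path a Layer 1 node would run on a verification request; it is not code from the VoteChain PRD or its POC. It uses a Schnorr-style proof of knowledge of the voter's credential key (the POC's simplified proof standing in for the zk-SNARK the PRD specifies), the nullifier H(DID, election_id) duplicate check, and the 3-of-4 category quorum with the 2/3 intra-category rule before the event is committed. The group parameters, DID string, approval counts, return strings and flag records are constructed toy values; the ledger's real message formats and APIs are assumptions, not taken from the page.

```python
import hashlib
import secrets

# Toy group (constructed): p = 2q + 1 is a safe prime and g generates the order-q subgroup.
# A deployment would use a standard 2048-bit+ group or an elliptic curve, not these values.
P, Q, G = 1019, 509, 4

# Node counts per operator category, as given in the technical overview.
NODES = {"federal": 6, "state": 50, "auditor": 12, "oversight": 6}


def fiat_shamir(*parts) -> int:
    """Non-interactive challenge derived from the proof transcript."""
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def keygen():
    """Voter-held credential: private key x, public key y = g^x bound to the DID."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def nullifier(did: str, election_id: str) -> str:
    """Duplicate-prevention tag H(DID, election_id): the same voter yields the same tag
    within one election (so a second cast collides) and a different tag per election."""
    return hashlib.sha256(f"{did}\x00{election_id}".encode()).hexdigest()


def prove_eligibility(x: int, y: int, election_id: str, nul: str):
    """Schnorr-style proof of knowledge of x for y; the challenge commits to the
    election and nullifier so the proof cannot be replayed in another election."""
    w = secrets.randbelow(Q)
    t = pow(G, w, P)
    c = fiat_shamir(y, t, election_id, nul)
    return t, (w + c * x) % Q


def verify_eligibility(y: int, election_id: str, nul: str, proof) -> bool:
    t, z = proof
    c = fiat_shamir(y, t, election_id, nul)
    return pow(G, z, P) == t * pow(y, c, P) % P


def category_quorum(approvals: dict) -> bool:
    """Write rule: at least 3 of the 4 categories, each with >= 2/3 of its own nodes."""
    agreeing = [cat for cat, n in NODES.items() if 3 * approvals.get(cat, 0) >= 2 * n]
    return len(agreeing) >= 3


class EligibilityLedger:
    """Minimal stand-in for the on-chain nullifier set and synchronous fraud flags."""

    def __init__(self):
        self.spent = set()   # nullifiers already recorded for this election
        self.flags = []      # fraud flags; each enters the lifecycle as "Detected"

    def _flag(self, kind: str, nul: str):
        self.flags.append({"type": kind, "nullifier": nul, "state": "Detected"})

    def submit(self, y, election_id, nul, proof, approvals) -> str:
        if not verify_eligibility(y, election_id, nul, proof):
            self._flag("invalid_zkp", nul)
            return "rejected:invalid_zkp"
        if nul in self.spent:
            self._flag("nullifier_collision", nul)
            return "rejected:duplicate"
        if not category_quorum(approvals):
            return "deferred:no_quorum"   # nothing is written without the quorum
        self.spent.add(nul)
        return "recorded"


if __name__ == "__main__":
    x, y = keygen()
    nul = nullifier("did:example:voter-0001", "2026-general")   # constructed DID
    proof = prove_eligibility(x, y, "2026-general", nul)
    ledger = EligibilityLedger()
    print(ledger.submit(y, "2026-general", nul, proof, NODES))  # recorded
    print(ledger.submit(y, "2026-general", nul, proof, NODES))  # rejected:duplicate
```

Two things the toy makes visible: the order of checks (proof, then nullifier, then quorum) means a replayed or forged request is flagged before it can consume a nullifier slot, and the Schnorr proof by itself only binds the nullifier into the challenge; proving that the nullifier was correctly derived from the DID behind y is what the PRD's zk-SNARK does, and is not shown here.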
Layer 2 — EWP (Ballot Integrity):
- E2E verifiability: Cast-as-intended (Benaloh challenge), recorded-as-cast (BB inclusion proof + VoteChain anchor), counted-as-recorded (tally proof against BB closing STH).
- Crypto suite: Exponential ElGamal (ewp_suite_eg_elgamal_v1). Ballot validity via disjunctive Chaum-Pedersen proofs. Homomorphic tally. Threshold decryption (Pedersen DKG / Shamir) with published partial-decryption proofs. Compatible with ElectionGuard.
- Bulletin board: Append-only Merkle log with HSM-signed STH checkpoints. Non-equivocation via monitor gossip + VoteChain anchor linkage.
- Deployment modes: Mode 1 (polling place, primary), Mode 2 (supervised kiosk), Mode 3 (unsupervised remote, gated behind 7 hard criteria including coercion mitigation red-team validation).
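As an added worked example of the Layer 2 crypto suite (not the EWP's or the POC's own code), the Python below carries a yes/no contest through exponential ElGamal encryption, a Benaloh challenge for cast-as-intended, the homomorphic aggregate, and t-of-n threshold decryption where each trustee publishes a Chaum-Pedersen proof of its partial decryption. The group parameters are constructed toy values, a trusted dealer stands in for the Pedersen DKG, and the disjunctive Chaum-Pedersen ballot-validity proof is not implemented; function names and the vote list are assumptions for illustration.

```python
import hashlib
import secrets

# Toy group (constructed): p = 2q + 1 safe prime, g of order q. Real elections use a
# 2048-bit+ group or a curve; these values only keep the arithmetic readable.
P, Q, G = 1019, 509, 4


def fiat_shamir(*parts) -> int:
    data = "|".join(str(x) for x in parts).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def encrypt(pk: int, m: int, r=None):
    """Exponential ElGamal: (g^r, g^m * pk^r). Returns the ciphertext and r, which the
    voter's device keeps only until the ballot is cast or challenged."""
    r = secrets.randbelow(Q - 1) + 1 if r is None else r
    return (pow(G, r, P), pow(G, m, P) * pow(pk, r, P) % P), r

def benaloh_challenge(pk: int, ct, r: int, claimed_m: int) -> bool:
    """Cast-as-intended: the device reveals r and anyone re-encrypts claimed_m to check
    the ciphertext. A challenged ballot is spoiled; the voter then encrypts afresh."""
    return encrypt(pk, claimed_m, r)[0] == ct

def homomorphic_sum(cts):
    """Component-wise product of ciphertexts encrypts the sum of the plaintext votes."""
    a, b = 1, 1
    for x, y in cts:
        a, b = a * x % P, b * y % P
    return a, b

def share_secret(sk: int, t: int, n: int):
    """Shamir t-of-n split of the decryption key (trusted dealer standing in for the DKG).
    Returns trustee shares and the public check keys g^share used to verify partials."""
    coeffs = [sk] + [secrets.randbelow(Q) for _ in range(t - 1)]
    shares = {i: sum(c * pow(i, k, Q) for k, c in enumerate(coeffs)) % Q for i in range(1, n + 1)}
    return shares, {i: pow(G, s, P) for i, s in shares.items()}

def partial_decrypt(share: int, vk: int, a: int):
    """Trustee output d = a^share plus a Chaum-Pedersen proof that log_g(vk) = log_a(d)."""
    d = pow(a, share, P)
    w = secrets.randbelow(Q)
    t1, t2 = pow(G, w, P), pow(a, w, P)
    c = fiat_shamir(G, vk, a, d, t1, t2)
    return d, (t1, t2, (w + c * share) % Q)

def verify_partial(vk: int, a: int, d: int, proof) -> bool:
    t1, t2, z = proof
    c = fiat_shamir(G, vk, a, d, t1, t2)
    return pow(G, z, P) == t1 * pow(vk, c, P) % P and pow(a, z, P) == t2 * pow(d, c, P) % P

def lagrange_at_zero(i: int, ids) -> int:
    """Lagrange coefficient for trustee i so that sum(lambda_i * share_i) = sk (mod q)."""
    num = den = 1
    for j in ids:
        if j != i:
            num, den = num * (-j) % Q, den * (i - j) % Q
    return num * pow(den, -1, Q) % Q

def combine(ct, partials: dict, vks: dict) -> int:
    """Verify each partial, interpolate a^sk in the exponent, then recover the count by
    searching the small exponent (bounded by the number of ballots)."""
    a, b = ct
    ids = list(partials)
    a_sk = 1
    for i in ids:
        d, proof = partials[i]
        if not verify_partial(vks[i], a, d, proof):
            raise ValueError(f"trustee {i}: partial decryption proof failed")
        a_sk = a_sk * pow(d, lagrange_at_zero(i, ids), P) % P
    g_m = b * pow(a_sk, -1, P) % P
    for m in range(Q):
        if pow(G, m, P) == g_m:
            return m
    raise ValueError("tally not found")

def run_election(votes, t: int = 3, n: int = 5) -> int:
    """End-to-end toy tally: key setup, encrypt each 0/1 vote, aggregate, decrypt with t trustees."""
    sk = secrets.randbelow(Q - 1) + 1
    shares, vks = share_secret(sk, t, n)
    pk = pow(G, sk, P)
    aggregate = homomorphic_sum(encrypt(pk, v)[0] for v in votes)
    present = range(n - t + 1, n + 1)          # any t trustees suffice; the last t here
    partials = {i: partial_decrypt(shares[i], vks[i], aggregate[0]) for i in present}
    return combine(aggregate, partials, vks)

if __name__ == "__main__":
    print(run_election([1, 0, 1, 1, 0, 1]))    # constructed votes; expected 4
```

Note that only the aggregate ciphertext ever reaches `combine`: trustees compute their partials on `aggregate[0]`, never on an individual ballot, and a verifier checks each published partial against the trustee's check key before trusting the interpolated result, which is what lets the tally be audited without any trustee revealing its share.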
Architecture:
- Strict two-plane separation: eligibility plane (VoteChain) and ballot content plane (EWP). Sole coupling point: audit anchors (hash commitments).
- 13 server roles across 5 operator categories: election authority, consortium, trustees, monitors, external data sources.
- Trust zones: no single operator can alter outcomes. Multi-category quorum for writes, public read path, air-gapped trustee key material, independent monitor infrastructure.
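The bulletin board and the audit anchor that couples the two planes can be shown together. The Python below is an added example, not the EWP's or the POC's code: an append-only Merkle log issuing signed tree heads, a voter receipt verified by STH signature, inclusion proof and anchor match (recorded-as-cast), and the monitor-side equivocation check. An HMAC under a constructed key stands in for the HSM signature, the leaf/node domain separation follows the RFC 6962 convention, and the election id, ballot strings and record layouts are constructed assumptions.

```python
import hashlib
import hmac


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf_hash(entry: bytes) -> bytes:
    return sha256(b"\x00" + entry)          # domain-separated leaf, RFC 6962 style

def node_hash(left: bytes, right: bytes) -> bytes:
    return sha256(b"\x01" + left + right)   # distinct prefix so a leaf cannot pose as a node

def _next_level(level):
    """One round of pairwise hashing; an unpaired last node is carried up unchanged."""
    return [node_hash(level[i], level[i + 1]) if i + 1 < len(level) else level[i]
            for i in range(0, len(level), 2)]

def merkle_root(leaves) -> bytes:
    level = list(leaves)
    if not level:
        return sha256(b"")
    while len(level) > 1:
        level = _next_level(level)
    return level[0]

def inclusion_proof(leaves, index: int):
    """Audit path for leaves[index]: (sibling_hash, sibling_is_left) from leaf to root."""
    path, level = [], list(leaves)
    while len(level) > 1:
        sib = index ^ 1
        if sib < len(level):
            path.append((level[sib], sib < index))
        level, index = _next_level(level), index // 2
    return path

def verify_inclusion(root: bytes, leaf: bytes, path) -> bool:
    h = leaf
    for sib, sib_is_left in path:
        h = node_hash(sib, h) if sib_is_left else node_hash(h, sib)
    return h == root

def _sth_message(election_id: str, size: int, root: bytes) -> bytes:
    return f"{election_id}|{size}|{root.hex()}".encode()

class BulletinBoard:
    """Append-only log of encrypted ballots that issues signed tree head (STH) checkpoints.
    The HMAC under a constructed key stands in for the HSM signature; a real board signs
    with a private key and publishes the verification key."""

    def __init__(self, election_id: str, signing_key: bytes):
        self.election_id, self._key, self.leaves = election_id, signing_key, []

    def append(self, encrypted_ballot: bytes) -> int:
        self.leaves.append(leaf_hash(encrypted_ballot))
        return len(self.leaves) - 1

    def sth(self) -> dict:
        size, root = len(self.leaves), merkle_root(self.leaves)
        sig = hmac.new(self._key, _sth_message(self.election_id, size, root), "sha256").digest()
        return {"size": size, "root": root, "sig": sig}

    def receipt(self, index: int) -> dict:
        """What the voter takes home: leaf hash, audit path, and the STH it verifies against."""
        return {"leaf": self.leaves[index], "path": inclusion_proof(self.leaves, index), "sth": self.sth()}

def verify_sth(election_id: str, sth: dict, key: bytes) -> bool:
    expected = hmac.new(key, _sth_message(election_id, sth["size"], sth["root"]), "sha256").digest()
    return hmac.compare_digest(expected, sth["sig"])

def anchor(election_id: str, sth: dict) -> bytes:
    """Hash commitment to an STH: the only value that crosses into the VoteChain plane."""
    return sha256(_sth_message(election_id, sth["size"], sth["root"]))

def verify_receipt(election_id: str, receipt: dict, key: bytes, ledger_anchor: bytes) -> bool:
    """Recorded-as-cast check: STH signature, Merkle inclusion, and match against the anchor."""
    sth = receipt["sth"]
    return (verify_sth(election_id, sth, key)
            and verify_inclusion(sth["root"], receipt["leaf"], receipt["path"])
            and anchor(election_id, sth) == ledger_anchor)

def detect_equivocation(sths) -> bool:
    """Monitor gossip check: two STHs of equal size with different roots prove the board
    presented different histories to different observers."""
    roots = {}
    return any(roots.setdefault(s["size"], s["root"]) != s["root"] for s in sths)
```

The anchor carries no ballot content, only a hash of the checkpoint, so the eligibility plane learns nothing about votes while still pinning the board to one history; a receipt that verifies against the board's own STH but not against the ledger anchor is the signal that the board and the ledger disagree, which is exactly what the monitors' gossip is meant to surface.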
Proof of Concept:
- Browser-only implementation (localStorage state, no server). Simplified Schnorr-style ZK eligibility proofs + ECIES ballot encryption + t-of-n threshold decryption model.
- Four views: Voting Client (credential → challenge → cast → receipt), Receipt Verification (signature + Merkle + anchor checks), Oversight Dashboard (VCL events, BB leaves, fraud flags, tally), Trust Portal (independent key/proof verification).
Assurance:
14 internal playbooks: threat modeling, attack case library, penetration testing, crypto/protocol review, EWP conformance testing, red team exercises, VDP/bug bounty readiness, secure code review, operational audit, monitoring/non-equivocation, privacy audit, usability/phishing defense, equity/access testing, load/failover drills. Published ahead of third-party audit to raise the baseline.
VoteChain is a two-layer protocol for election integrity. The verification layer answers “is this voter eligible?” using cryptographic credentials on a permissioned ledger — no PII on-chain, no biometric mandates. The ballot integrity layer (EWP) provides the chain of custody from cast to tally — encrypted ballots, append-only logs, and verifiable decryption proofs.
Everything here is published for transparency and critique. The POC runs entirely in your browser. The protocol documents are open for review.
Two-Layer Architecture
Layer 1: Verification
VoteChain PRD
1. Citizen?
2. Eligible (jurisdiction + election)?
3. Alive / liveness satisfied?
4. Already voted (nullifier uniqueness)?
Layer 2: Ballot Integrity
Election Web Protocol (EWP)
1. Ballot encrypted (voter client)
2. Recorded on bulletin board
3. Included in tally set (Merkle proof)
4. Counted correctly (verifiable decryption)