Frequently Asked Questions

150 Questions, Answered Honestly

What VoteChain is, what it isn’t, what’s solved, and what’s still open — in plain English

150 Total

118 Answered

32 Open

The Basics

What VoteChain is, what it does, and what it does not do.

What is VoteChain?

VoteChain is a proposed voter verification and ballot integrity system for U.S. federal elections. It uses cryptographic proofs — not trust in any single person or agency — to confirm that voters are eligible, that each vote is counted exactly once, and that nobody can tamper with the record after the fact.

Is VoteChain a voting machine?

No. VoteChain is a verification and audit layer that sits alongside existing election infrastructure. It does not replace ballot casting or counting equipment. A companion protocol called the Election Web Protocol (EWP) handles ballot integrity — the chain of custody from cast to tally.

Has VoteChain been used in a real election?

No. VoteChain is a technical blueprint, not a deployed system. It has not been certified by any election authority. The performance and security numbers in the design documents are targets, not proven results. A working proof-of-concept demo runs entirely in your browser for educational purposes.

Why use a blockchain instead of a normal database?

A normal database has an administrator who can change or delete records. A blockchain distributes the ledger across 74 independent nodes — operated by federal agencies, all 50 states, independent auditors, and congressional oversight bodies. Altering a record would require corrupting a majority of nodes across multiple categories, which is computationally infeasible.

Is this like Bitcoin or cryptocurrency?

No. VoteChain uses a permissioned consortium blockchain with no tokens, no mining, no gas fees, and no speculation. Only authorized government and oversight entities can operate nodes. It borrows the tamper-resistance properties of blockchain technology without the economics.

What problem does VoteChain solve?

Today, the U.S. has 50 different voter ID systems, fraud detection that takes weeks, and contested results that erode public trust. VoteChain aims to answer four questions with mathematical certainty: Is this person a citizen? Are they eligible here? Are they alive and present? Have they already voted?

Do I need to understand cryptography to use VoteChain?

No. For voters, the experience is simple: enroll once, then tap your phone or card at the polls. All the cryptography happens behind the scenes. You never see a hash, a proof, or a blockchain address.

What are the "Five Pillars" of verification?

Every verification checks five things: (1) Citizenship — confirmed via government databases at enrollment. (2) Eligibility — registered in the right jurisdiction. (3) Liveness — the person is alive and physically present. (4) Uniqueness — they have not already voted in this election. (5) Chain of custody — the verification device itself has not been tampered with.

What is the Election Web Protocol (EWP)?

EWP is the companion protocol that handles ballot integrity — ensuring every ballot is encrypted, recorded on a public bulletin board, included in the tally, and counted correctly. It provides the cryptographic chain of custody from the moment you cast your vote to the final count.

Who controls VoteChain?

No single entity. Consensus requires agreement from at least 3 of 4 node categories (federal, state, auditor, oversight), and at least one independent category must always be in the approving set. No political party, branch of government, or state can unilaterally control the system.

What happens to my current voter registration?

Your state voter registration remains in place. VoteChain links your cryptographic credential to your registration using encrypted state storage. On-chain, only a hashed jurisdiction linkage is recorded — not your name or address.

Can I still vote with a paper ballot?

Yes. VoteChain is a verification layer, not a ballot format. How you mark your choices — paper, touchscreen, or accessible device — is a separate decision. The EWP ballot integrity protocol works with both electronic and paper-based casting systems.

Privacy & Surveillance

12 2 open

How VoteChain protects your identity and prevents government tracking.

Can the government see how I voted?

No. VoteChain verifies eligibility and ballot issuance only. Ballot selection is handled by a completely separate system (the Election Web Protocol). The two are architecturally separated — VoteChain literally cannot reveal how you voted because it never has that information.

Is my name stored on the blockchain?

No. No personally identifiable information (PII) is stored on-chain — ever. The blockchain only stores cryptographic attestations tied to your Decentralized Identifier (DID), which is a random-looking string of letters and numbers that is not linked to your real identity on-chain.

What are zero-knowledge proofs and why do they matter?

A zero-knowledge proof lets VoteChain confirm "this person is eligible and hasn't voted yet" without revealing who they are. It is a mathematical way of proving a statement is true without showing any of the underlying data. Poll workers see a green light or red light — nothing else.

Could someone correlate my identity by tracking when and where I voted?

The system mitigates this: verification records use polling-place hashes (not addresses), and timestamps are rounded to 15-minute windows on-chain. Linking a DID to a real person requires court-ordered access to the encrypted state PII vault.

What if a node operator reads my verification data?

All verification data is encrypted in transit and at rest. Node operators see encrypted blobs, not cleartext. They can confirm the ledger is consistent without being able to read individual records.

Can VoteChain data be subpoenaed for political targeting?

DIDs are pseudonymous. Linking a DID to a real person requires a court order to access the state PII vault. The proposed legislation explicitly prohibits using VoteChain data for non-election purposes — including immigration enforcement, law enforcement, and commercial use.

Where is my biometric data stored?

If you choose the biometric path, your template is stored only on your personal device or secure card — never in a central database, never on the blockchain. At the polls, only a "match: yes/no" result is produced. The raw biometric never leaves your device.

What happens to my data after an election?

On-chain verification records are permanent (that is the whole point of the audit trail). Enrollment PII in the encrypted vault is purged 10 years after your last verification. Biometric templates remain under your control on your device until you delete them.

Could a future government misuse the system for mass surveillance?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

This is a legitimate concern. The architecture is designed to make misuse structurally difficult: PII is off-chain, DIDs are pseudonymous, multi-party consensus prevents unilateral access, and legislation prohibits non-election use. However, no technical system can fully prevent political misuse if laws change. Ongoing independent oversight and public auditing are the long-term safeguards.

Can I opt out of VoteChain entirely?

The design mandates VoteChain for federal election verification, but provisional ballot rights are always preserved. If you cannot or will not enroll, you can still vote via the existing provisional ballot process under HAVA. Your vote would be adjudicated through a tracked workflow.

How does the receipt system avoid proving how I voted?

Cast receipts contain only a bulletin board leaf hash, a signed tree head, and a VoteChain anchor — none of which reveal ballot content. Even if you share your receipt with someone, they cannot determine your vote selections from it. Threshold decryption ensures no single party can decrypt an individual ballot.

What stops the government from tracking IP addresses of remote voters?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

For remote voting (Mode 3, which is gated and not yet approved), the design requires an OHTTP or equivalent proxy layer to prevent gateway operators from correlating IP addresses with voters. However, this is an unsolved gate criterion — independent traffic-analysis audits must validate it before any remote deployment.

Security & Hacking

12 2 open

How VoteChain defends against nation-states, insiders, and hackers.

What if a nation-state attacks the blockchain?

Nodes are geographically distributed across the country, use hardware security modules (HSMs) for key storage, run on separate networks, and have DDoS protection with air-gapped backup nodes. Compromising the system would require corrupting a majority of nodes across multiple independent categories — federal, state, auditor, and oversight.

What if a single node is hacked?

A compromised node is reduced to observer status. The other nodes continue consensus without it. The affected operator has 24 hours to bring a backup node online. No single node compromise can alter the ledger because consensus requires multi-category agreement.

What if someone hacks a poll worker's device?

Every verification device has its own cryptographic identity (device DID) stored in a hardware security module. If a device is compromised, its attestations are revoked, all verifications it performed are flagged for review, and backup hardware is deployed. The Benaloh challenge also lets voters audit their encrypted ballot independently.

Can quantum computers break VoteChain?

VoteChain specifies post-quantum cryptographic algorithms (following NIST PQC standards published in 2024) for all new key generation, plus a migration plan for existing keys. This is a long-term threat, not an immediate one, but the architecture is designed for cryptographic agility.

What if someone steals my credential?

Your credential requires liveness verification at the polls — either a biometric scan on your device or a PIN/passphrase plus your device/card plus poll worker attestation. A stolen credential alone is not enough because the thief cannot pass the liveness check.

Who does the security testing?

The plan requires annual red team exercises by at least two independent firms, a continuous bug bounty program with rewards up to $500K for critical vulnerabilities, and a pre-election stress test 60 days before each federal election simulating 2x expected load. Results are published publicly.

What is the Benaloh challenge?

A cast-as-intended verification mechanism. Before casting, you can "challenge" the device to prove it encrypted your actual selections correctly. A challenged ballot is spoiled (not counted) and the encryption is revealed for verification. You can then re-encrypt and cast or challenge again. A cheating device cannot predict which ballots will be challenged.

What happens if the entire network goes down on election day?

Polling devices cache the last known chain state and continue verifications in "optimistic mode." Provisional ballots are always available. Post-election reconciliation resolves any discrepancies. The incident command structure has a runbook for this exact scenario with a 30-minute workaround activation target.

Can a rogue enrollment authority create fake voters?

Credential issuance uses threshold signing — at least 2 of 3 independent enrollment authorities must co-sign any credential. A single compromised authority cannot mint valid credentials alone. Enrollment anomaly detection also watches for patterns like burst registrations from a single address.

What if multiple enrollment authorities collude?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

If the required threshold of issuers collude and stay within the voter roll ceiling, the attack succeeds cryptographically — the system cannot distinguish forged credentials from legitimate ones. This is a known residual risk mitigated by operational controls: independent issuer selection, legal deterrence, audit trails, and post-election statistical analysis.

What if someone tampers with the bulletin board?

The bulletin board is an append-only Merkle log. Independent monitors (at least 3 operators from at least 2 different organizations) continuously check signed tree heads, consistency proofs, and VoteChain anchors. If the BB shows different histories to different observers, monitors detect the inconsistency and alert.

How is the system protected against insider threats?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

No single operator can alter records. Consensus requires multi-category agreement (federal + state + auditor + oversight). All operator actions are logged on-chain. Smart contract updates require multi-party approval with a 30-day public comment period for non-emergency changes. This is an area where governance design is as important as cryptography.

Voter Experience

11 1 open

What enrollment and election day actually look and feel like.

How do I enroll in VoteChain?

Enrollment happens once (or once per decade for re-verification). You provide your name, date of birth, and identifiers at any enrollment location — DMV, library, community center, post office, or via a mobile enrollment van. The system verifies your identity through government databases, not by looking at a card. Target time: under 30 minutes.

Do I need a government-issued photo ID to enroll?

No. The system verifies identity through multi-source database matching — SSA, USCIS, state vital records, and passport records. A positive match from any 2 of 4 sources constitutes verification. No enrollment channel requires you to already have a photo ID.

What does election day verification look like?

You tap your phone or secure card at the polls. A quick liveness check confirms you are present (biometric scan or PIN entry). The system runs a zero-knowledge proof in the background. The poll worker sees a green light within seconds. Total target: under 60 seconds.

What if I lose my phone or card before election day?

Recovery is available at designated enrollment offices using Shamir secret sharing — a cryptographic technique that splits your recovery key across multiple designated agents. If recovery is not completed in time, you can still vote with a provisional ballot using the existing HAVA process.

What if I get flagged at the polls?

You still cast a provisional ballot. Your case enters a tracked adjudication workflow with notice, status updates, and appeal pathways. The system defaults to provisional handling whenever data is uncertain — it never silently denies anyone the right to vote.

Do I have to use a fingerprint scanner?

No. Biometrics are optional. A non-biometric path — PIN or passphrase plus your device or card plus poll worker attestation — is always available with equal legal standing, the same wait-time targets, and the same ballot access.

How do I verify my vote was counted?

After casting, you receive a receipt containing a bulletin board hash and a VoteChain anchor. You can independently verify that your encrypted ballot appears on the public bulletin board. Tally proofs let anyone confirm the published count matches the recorded ballots — all without revealing individual votes.

What if I am homeless and have no address?

You can use a shelter address or county election office address for enrollment. Residency is not required for federal elections. Mobile enrollment units and community partner organizations provide support for voters without stable housing.

What happens in same-day registration states?

Same-day registrants cannot complete full enrollment on the spot. The proposed solution is a rapid-enrollment track (target: under 10 minutes) with reduced verification, plus a provisional ballot that is upgraded to regular once full verification completes.

Can I enroll online?

You can start the process online (pre-enrollment) and complete it in-person for the liveness-method setup step. Fully remote enrollment is not supported in version 1 because liveness verification requires a physical presence at least once.

What happens if the verification device at my polling place breaks?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The immediate switch is to the non-biometric path or a backup device. If all devices fail, provisional ballots are issued under the existing HAVA process. Incident command runbooks specify a 30-minute workaround activation target.

Fraud Detection

11 1 open

How VoteChain catches fraud in real time and resolves false positives.

How does VoteChain catch someone voting twice?

Each voter generates a one-time nullifier — a cryptographic token derived from their identity and the election ID. Before any ballot is issued, the system checks the shared national ledger for that nullifier. If it already exists, the second attempt is instantly flagged and routed to a provisional ballot.

How does VoteChain catch dead people voting?

The system subscribes to continuous death record feeds — SSA Death Master File, state vital records, and hospital/coroner reports. When a death record matches an enrolled voter, a revocation is written to the blockchain within 48 hours. Any future attempt to use that credential is flagged instantly.

Can VoteChain detect someone voting in two different states?

Yes. Because the blockchain is shared across all states, the nullifier check is cross-jurisdictional. If someone votes in Pennsylvania at 8 AM and tries to vote in New Jersey at 2 PM, the second attempt is caught instantly with cryptographic evidence.

What is "geographic impossibility detection"?

If the same credential is used at two polling places closer together in time than physically possible, the system flags it as a geographic impossibility. The second attempt is routed to provisional handling with preserved evidence including timestamps, locations, and device attestations.

What kinds of fraud patterns does VoteChain watch for?

Beyond individual fraud, VoteChain monitors for organized patterns: burst registrations from a single address, a single device verifying unusually many voters, votes from closed polling places at odd hours, mass credential revocations, and statistically unusual verification pass rates at specific locations.

What happens when a flag is raised?

Every flag has a lifecycle: detection → assignment to an oversight team → investigation → resolution with documented legal basis. The voter receives notice and can appeal. No flag permanently blacklists a voter — each has a tracked adjudication workflow.

What about false positives? Will innocent people get flagged?

Any fraud detection system produces some false positives. The critical design choice is that every flagged voter still gets a provisional ballot. VoteChain's cryptographic nullifier system reduces name/DOB-collision false positives compared to current post-election cross-matching, but operational review is still required for every flag.

How fast is fraud detection compared to the current system?

Current systems detect most fraud weeks or months after an election via audits and tip lines. VoteChain operates in two windows: cryptographic checks (nullifier conflicts, invalid signatures) in seconds, and data-feed checks (death records, judicial updates, anomaly patterns) in minutes to hours.

Can an official secretly alter fraud flags after the fact?

No. Every fraud flag, case-state transition, and resolution is immutable on the blockchain. An official cannot delete or modify a flag without it being visible to every node operator and auditor. The evidence chain is cryptographically sealed.

How does VoteChain detect enrollment fraud?

The system watches for fraudulent enrollment patterns: synthetic identity signals, address clustering (50+ enrollments from one address), and enrollment rate anomalies. Credential issuance requires threshold co-signing by multiple independent authorities to prevent single-point forgery.

What is the long-term fraud detection accuracy target?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The design targets are cryptographic conflict flags in under 30 seconds and asynchronous risk flags in under 24 hours. However, actual accuracy metrics will only be measurable after real pilot elections. The false-positive rate for statistical anomaly detection is still an area requiring calibration.

Accessibility & Equity

11 2 open

How VoteChain works for everyone, not just the tech-savvy.

Do I need a smartphone?

No. Free secure cards are provided at enrollment for voters without phones. These NFC-enabled cards with a secure element work just like tapping a phone. In-person assisted verification is always available.

Do I need internet access?

No. Polling place devices handle all network connectivity. As a voter, you only need your card or phone — the device does everything else. You do not need a data plan, Wi-Fi access, or any internet connection of your own.

Is there a fee to enroll, get a card, or replace a lost one?

No fees, ever. Enrollment is free. Secure cards are free. Device replacement is free. This is a constitutional requirement — the 24th Amendment prohibits conditioning voting on payment, and the design takes that literally.

How does VoteChain serve voters with disabilities?

The design requires audio guidance, large text, and tactile card support for blind or low-vision voters, plus seated-height kiosks. Screen reader compatibility is mandatory. The non-biometric path accommodates voters who cannot use fingerprint or iris scanners due to disability.

What about voters who do not speak English?

Enrollment interfaces must support all Section 203-required languages (as mandated by the Voting Rights Act), and polling devices must support the top 15 U.S. languages. Local nonprofits and multilingual volunteers provide additional assistance.

How does VoteChain reach rural voters?

Mobile enrollment units (buses and vans) travel to underserved areas. Enrollment by mail is available with in-person liveness-method setup at the nearest post office. The system does not require broadband or urban infrastructure.

What about elderly voters who are not comfortable with technology?

Assisted enrollment is available with trained volunteers who walk voters through each step. Election day verification can be as simple as tapping a card — no screens to navigate. Community partners provide phone help lines and "come-to-you" onboarding support.

What if I am incarcerated but legally eligible to vote?

Mobile enrollment units visit correctional facilities, and state eligibility rules are enforced by smart contract. If you are eligible to vote under your state's laws, VoteChain provides in-facility enrollment and verification.

How does VoteChain track whether it is actually equitable?

The system must track enrollment rates, wait times, failure rates, and provisional ballot rates by demographic group. If any group has an enrollment rate more than 5% below the national average, the responsible jurisdiction must publish a remediation plan within 30 days.

Can the ZKP proof generation run on a cheap phone?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Zero-knowledge proof generation is computationally expensive. The design offloads the heavy computation to the polling place device — your phone or card provides the signing key, and the device computes the proof. You do not need an expensive phone.

How will VoteChain work with tribal nations?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Tribal IDs and governance structures are unique. The design calls for dedicated engagement with tribal governments and recognizing tribal enrollment authorities as first-class system participants. However, the specific integration model has not been defined yet and requires direct tribal consultation.

Cost & Funding

10 1 open

What VoteChain costs and how it compares to current election spending.

How much would VoteChain cost?

The baseline estimate is roughly $870 million one-time and $375 million per year. More realistic "expected" scenarios, accounting for federal IT delivery risk and legacy system modernization, range from $2–2.8 billion one-time and $500–700 million per year.

How does that compare to what we already spend on elections?

One commonly cited estimate places 2020 U.S. election administration spending at roughly $4.1 billion across all jurisdictions. VoteChain's annual cost represents roughly 9% (baseline) to 12–22% (expected/high-risk) of that existing spend.

What is the cost per voter?

Approximately $8.30 per enrolled voter per year (assuming 150 million enrolled), or about $5.60 per verified vote (assuming 67% turnout). For context, a single contested election recount costs $3–10 million or more per state.

What is the biggest cost driver?

Staffing is the largest ongoing expense at an estimated $150 million per year — enrollment workers, oversight teams, operations staff, help desk, and election-week surge capacity. Hardware and software development are large one-time costs.

Who pays for it?

The proposed model distributes costs across federal and state budgets, similar to how election infrastructure is funded today. Federal legislation would appropriate initial funding and establish ongoing cost-sharing formulas.

Are the cost estimates reliable?

Honestly, the baseline model assumes substantial reuse of existing government infrastructure and minimal API modernization overruns. Given known federal IT delivery risk, the "expected" scenario ($2–2.8B) is more realistic. A high-risk scenario reaching $3–4 billion accounts for multi-year legacy system remediation and procurement delays.

How much does the security program cost?

The security budget is estimated at $20 million per year — covering red team exercises, bug bounty program (up to $500K per critical vulnerability), audits, and pre-election stress tests. This is described as "non-negotiable."

How much do the secure cards cost?

Approximately $3 per card including the NFC chip and secure element, with a total estimated budget of $150 million one-time and $30 million per year for replacements and new enrollments.

Does VoteChain save money anywhere?

Potentially. A system that reduces contested election outcomes by even 10% could save tens of millions in recount and legal challenge costs per cycle. Faster fraud detection may also reduce post-election litigation. However, these savings are speculative and not yet proven.

What are the biggest cost risks?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The primary risk drivers are: legacy system integration (government APIs may need major modernization), state-by-state implementation variance, hardware lifecycle replacement logistics, 24/7 support staffing, and security hardening costs that grow as the threat landscape evolves.

Legal & Constitutional

10 2 open

How VoteChain fits within the Constitution and existing election law.

Is VoteChain constitutional?

The design is built around constitutional requirements: the 14th Amendment (equal protection — free enrollment, accessibility mandates), 15th and 19th Amendments (non-discrimination), 24th Amendment (no poll tax — all services free), and 26th Amendment (voting age enforced in smart contract).

Does VoteChain require new laws?

Yes. At minimum: a VoteChain Authorization Act, amendments to HAVA recognizing blockchain verification, explicit privacy protections prohibiting non-election use of data, a federal participation requirement, and a judicial eligibility data framework with due-process guarantees.

Does this violate state sovereignty over elections?

The federal mandate is limited to federal elections only, which Congress can regulate under Article I, Section 4. State and local elections can optionally adopt VoteChain through state legislation, but this is not required.

Could VoteChain be challenged as an "undue burden" on voting?

This is a recognized legal risk under Burdick v. Takushi. The mitigation: free and accessible enrollment, existing methods preserved as fallback, and the argument that VoteChain actually reduces burden compared to current ID requirements. Courts would weigh the burden against the state interest in election integrity.

What about biometric privacy laws like Illinois BIPA?

The architecture is designed to support BIPA-like requirements: biometrics stored only on voter-controlled media, never centrally collected. However, jurisdiction-specific legal review would be needed to confirm compliance in each state.

Can law enforcement search VoteChain records?

Linking a DID to a real person requires a court order to access the state PII vault. The proposed legislation prohibits dragnet searches and non-election use. The 4th Amendment provides additional protection against unreasonable searches.

How are the 50 different felony disenfranchisement laws handled?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Each state's judicial eligibility rules are codified as statute-versioned smart contract logic, evaluated against authoritative court, corrections, and restoration data feeds. When data is stale, missing, or conflicting, the system defaults to a provisional ballot with expedited adjudication — never silent denial.

What legal protections exist against VoteChain data misuse?

The proposed legislation explicitly prohibits using VoteChain data for immigration enforcement, law enforcement, and commercial purposes. PII access requires court order. The oversight board has independent authority to investigate misuse.

How does HAVA compliance work?

HAVA requires that provisional ballots be available. VoteChain preserves provisional ballot handling as a fallback for any verification failure, flag, or system outage. This is a core design principle, not an afterthought.

What happens if a state refuses to implement VoteChain?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

This is an open governance question. The design proposes statutory funding conditions and a federal backstop for continuity, but enforcement mechanisms for non-compliant states have not been fully defined. Emergency waiver policies need specification.

The Technology (Explained Simply)

12 1 open

How the cryptography and blockchain work, in plain English.

What is a "permissioned blockchain"?

Unlike public blockchains (Bitcoin, Ethereum) where anyone can participate, a permissioned blockchain only allows authorized entities to operate nodes. In VoteChain, these are federal agencies, state election offices, independent auditors, and oversight bodies. This provides tamper-resistance without the slowness and openness of public chains.

What is a Decentralized Identifier (DID)?

A DID is like a digital passport number that you control. It is a cryptographic key pair — a public part registered on the blockchain and a private part stored on your device or card. Unlike a Social Security number, your DID cannot be used to look up your name, address, or any personal information.

What is a nullifier?

A nullifier is a one-time code mathematically derived from your identity and a specific election. It proves you voted without revealing who you are. Once used, it cannot be reused — so if someone tries to vote twice with the same identity, the duplicate nullifier is caught instantly.

What is a "zero-knowledge proof" in simple terms?

Imagine proving you are old enough to enter a bar without showing your ID. A zero-knowledge proof lets VoteChain confirm "this person meets all five verification requirements" without the system learning who they are, where they live, or how old they are.

What is "threshold decryption"?

Encrypted ballots can only be decrypted when a minimum number of independent trustees (called a "threshold") combine their secret keys. No single trustee — and no single government agency — can decrypt any individual ballot. This is what protects ballot secrecy.

What is an HSM?

A Hardware Security Module — a tamper-resistant physical device that stores cryptographic keys. Every VoteChain node and verification device uses one. Even if someone physically steals a server, the keys inside the HSM are protected against extraction.

How fast is VoteChain?

Target throughput is 10,000+ transactions per second with block finality in under 3 seconds. For comparison, Bitcoin handles about 7 TPS and Ethereum about 30 TPS. A permissioned chain can be much faster because it does not need energy-intensive mining.

What is a "Merkle log" or "bulletin board"?

A Merkle log is an append-only public ledger where new entries can be added but nothing can be deleted or changed. It is structured as a tree of hashes so that anyone can efficiently verify that a specific entry exists. The bulletin board is where encrypted ballots are published for independent verification.

What does "consensus" mean in this context?

Consensus is the process by which the 74 nodes agree on what gets written to the blockchain. VoteChain uses a Byzantine Fault Tolerant (BFT) consensus that requires 3 of 4 node categories to approve, with at least one independent category always in the mix. This means no single faction can control what gets recorded.

What blockchain framework would VoteChain use?

The recommendation is Hyperledger Fabric or a similar permissioned framework. Hyperledger Fabric is production-proven in supply chain, finance, and healthcare. However, the specific framework selection is an open question — a competitive 90-day evaluation of top candidates is proposed.

Which ZKP system would be used?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The candidates are Groth16, PLONK, and STARKs, each with different tradeoffs for proof size, generation time, and setup requirements. The specific choice is an open question requiring benchmark testing under realistic election-day load simulations.

What is "post-quantum cryptography"?

Current encryption could theoretically be broken by future quantum computers. Post-quantum cryptography uses mathematical problems that are believed to be hard even for quantum computers. VoteChain specifies NIST PQC standards (published 2024) for new keys, with a migration plan for existing keys.

Coercion & Vote Buying

10 2 open

Can someone force you to vote a certain way or sell your vote?

Can someone force me to vote a certain way?

At a polling place (Mode 1), coercion resistance works the same as today — privacy booths, poll worker oversight, and controlled access. The EWP does not change this; it adds cryptographic verification after the ballot is cast. The hard problem is remote voting.

What about coercion in remote voting?

Unsupervised remote voting (Mode 3) is where coercion becomes a protocol-level concern — the voter is at home or work, possibly under observation. No protocol can fully solve this. VoteChain defines mitigations, not magic. Mode 3 is gated and cannot deploy until coercion controls are independently validated.

What is "revoting" and how does it help?

If enabled, voters can cast multiple times, with only the last valid cast before polls close being counted. If someone forces you to vote under observation, you can later re-cast privately. This reduces coercion but does not eliminate it — a coercer could monitor you until polls close.

Can I go to a polling place to override a remote vote?

Yes. An in-person override allows a verified in-person ballot to replace any remote cast, with an on-chain audit trail. This provides a guaranteed escape path for coerced voters — even if someone forced your remote vote, you can nullify it in person.

Can I prove to someone how I voted?

No. The receipt only proves your encrypted ballot was included on the bulletin board — it does not reveal your selections. Even if you share your receipt with a coercer, they cannot determine how you voted. This "receipt-freeness" is a fundamental design invariant across all deployment modes.

Could someone buy votes through VoteChain?

Vote buying requires the buyer to verify how you voted. VoteChain makes this structurally difficult: receipts do not reveal selections, threshold decryption prevents individual ballot decryption, and revoting allows you to change your vote after being "paid." However, no system can completely prevent all forms of vote buying.

Is remote voting actually safe enough to deploy?

Not yet. Mode 3 (unsupervised remote) has seven hard gate criteria that must all be independently cleared before deployment — including coercion mitigation, network privacy, client integrity, phishing defense, and equity parity. None have been cleared. Modes 1 (polling place) and 2 (supervised) deploy first.

What stops someone from selling their credential?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The credential requires liveness verification — biometric or multi-factor authentication — at the point of voting. Selling your credential is like selling a key that requires your fingerprint to use. However, in a remote voting scenario, this protection is weaker because the seller could authenticate remotely.

How does VoteChain handle domestic abuse situations?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

In-person voting (Mode 1) provides the same physical separation from an abuser as today's polling places. The in-person override allows a coerced voter to nullify a forced remote vote. However, domestic coercion in remote voting environments remains a fundamentally difficult problem that technology alone cannot fully solve.

Why not just skip remote voting entirely?

That is a legitimate position. VoteChain's Mode 1 (polling place) and Mode 2 (supervised) are designed to work without Mode 3. Remote voting is gated specifically because the design acknowledges it may never be safe enough. Modes 1 and 2 do not wait for Mode 3.

Overseas & Military Voters

8 1 open

How VoteChain serves UOCAVA voters deployed around the world.

Can military members stationed overseas use VoteChain?

Yes. VoteChain explicitly supports UOCAVA voters (active-duty uniformed services, eligible family members, and U.S. citizens overseas). Enrollment happens at embassies, consulates, and military installations with supervised liveness-method setup.

How does overseas enrollment work?

UOCAVA-compliant enrollment is available at consulates, embassies, and military bases. The liveness method is set up in-person at the facility. The system then integrates with existing absentee ballot request and return processes rather than replacing them.

What about submarines or deployed ships with no internet?

Mode 2 (supervised remote) supports satellite or delayed-sync for deployed and shipboard environments. Verification can queue locally on supervised devices and sync when connectivity is available, with post-sync reconciliation.

What if my verification status is uncertain at ballot return deadline?

VoteChain verification status must never suppress a lawful UOCAVA ballot request. If verification is uncertain, the ballot is routed to provisional adjudication with priority review and a deadline-aware triage queue tied to the state's specific FWAB/ballot return deadline.

Can I recover a lost credential from overseas?

Yes. Recovery channels include embassy and consular support, military command assistance, and a proposed 24/7 global voter support operation. The recovery process uses the same Shamir secret sharing mechanism, with identity re-verification at the facility.

Are overseas voters second-class citizens in VoteChain?

The design explicitly requires parity. UOCAVA voters get dedicated enrollment paths, supervised voting environments (Mode 2), recovery support, and deadline-aware adjudication. The myth-vs-fact table directly rebuts the claim that overseas voters are an afterthought.

How are absentee ballot deadlines harmonized across states?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Each state has different UOCAVA ballot return deadlines. The system proposes building a state-by-state deadline matrix with machine-readable cutoff rules and deadline-aware triage queues. However, the specific harmonization model is still an open question.

What time zone support exists for overseas voters?

The proposed 24/7 global voter support operation would staff help channels across time zones and languages. Election-week staffing multipliers ensure coverage during peak periods. The minimum staffing model is still being defined.

Deployment & Timeline

8 1 open

When and how VoteChain would be rolled out.

How long would it take to build VoteChain?

The design separates rapid validation from production readiness. A proof of concept could be built in 1–6 months. Production hardening takes 6–24 months. Live pilots in 3–5 jurisdictions would run from months 24–36. Full federal rollout targets months 36–60.

What has to happen before a single voter uses VoteChain?

Congressional authorization, standards body creation (NIST/EAC/CISA), privacy impact assessment, procurement, a full POC with mock election, production hardening with repeated security testing, and independent readiness assessment. This is years of work before live pilots.

When would the first real election use VoteChain?

The timeline targets a first federal election with VoteChain verification at months 56–60 (roughly 5 years from authorization). This is aggressive — federal IT projects frequently exceed timelines. The design acknowledges this and separates rapid POC from the harder production phases.

Would it be deployed everywhere at once?

No. Deployment is phased, state by state. After pilot elections in 3–5 diverse jurisdictions, states onboard incrementally from months 36–52. The national enrollment target is 80% by months 44–56. Fallback to existing methods continues during transition.

What is the enrollment target?

The Phase 2 pilot targets 50%+ enrollment in pilot areas. The Phase 3 national target is 80% enrollment. Expansion is supported by free enrollment, mobile units, community partner organizations, and voter education campaigns.

What happens if the POC fails?

The Phase 1 POC ends with a public exit report documenting measured limits, risks, and go/no-go criteria for hardening. If results do not meet targets, the program publishes transparent findings and either remediates or halts. This is designed to be an honest evaluation, not a rubber stamp.

Can states opt out?

For federal elections, the design proposes a federal participation requirement. For state and local elections, adoption remains entirely optional — a state legislative choice. Enforcement mechanisms for non-compliant states are still an open governance question.

Is this timeline realistic?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Honestly, it is aggressive. Federal IT projects regularly exceed timelines and budgets. The design tries to mitigate this by separating the rapid POC (months) from production hardening (years), but political dynamics, procurement delays, and legacy system integration are real risks.

Open Questions & Honest Gaps

15 15 open

Things VoteChain does not yet have answers for. Listed honestly.

Which specific blockchain framework should VoteChain use?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Hyperledger Fabric is recommended, but Hyperledger Besu and custom solutions are candidates. The proposal calls for a competitive 90-day evaluation with proof-of-concept from the top 3 candidates. The choice affects throughput, consensus mechanics, and long-term maintainability.

Which zero-knowledge proof system performs best at election scale?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Groth16, PLONK, and STARKs each have different tradeoffs for proof size, generation time, and trusted setup requirements. Real benchmarks under election-day load are needed before a decision. This is not a theoretical question — it affects whether verification takes 5 seconds or 60.

Can 50 different judicial eligibility regimes be codified in smart contracts?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Each state has unique rules about felony disenfranchisement, restoration, pardons, and election-crime disqualifiers. The proposal suggests working with NCSL and state courts to create an open-source, statute-versioned rules library. This is a legal and political challenge as much as a technical one.

What happens if a state misses its implementation deadline?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The enforcement mechanism is undefined. Options include statutory funding conditions, waiver policies for emergencies, and federal backstop operations. But the political reality of forcing non-cooperative states to comply is not something a technical design can solve.

Can same-day registrants enroll fast enough?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Full enrollment is designed to take under 30 minutes. Same-day registrants need it in under 10. The proposed rapid-enrollment track reduces verification and issues a provisional ballot, but this path has not been tested with real users in real conditions.

Can a $50 phone generate zero-knowledge proofs?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Probably not fast enough. The design offloads computation to the polling place device, but this solution has not been validated. Proof generation is computationally expensive and could create bottlenecks on election day if polling-place hardware is insufficient.

How should smart contract updates be governed?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The proposal requires multi-party approval (federal + state majority + auditor sign-off) with 30-day public comment for non-emergency changes. But the precise governance model — how to handle bug fixes, emergency patches, and rule changes — needs detailed specification.

How are naturalized citizens with incomplete USCIS records handled?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Legacy records from before digitization are inconsistent. The proposed path is sworn affidavit plus 3 supporting documents plus manual review, but this creates a slower, more burdensome path for a specific demographic — which raises equity concerns.

How do you keep the oversight board independent long-term?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The proposal includes staggered terms, supermajority removal requirements, and an inspector general with independent authority. But no institutional design is immune to political capture over decades. This is a governance challenge, not a technology problem.

How does VoteChain integrate with tribal nations?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Tribal IDs and governance structures are unique. The design calls for dedicated engagement with tribal governments and treating tribal enrollment authorities as first-class participants. But no specific integration model has been proposed — this requires direct tribal consultation.

Is coercion resistance actually achievable for remote voting?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Maybe not fully. Revoting and in-person override reduce coercion but do not eliminate it. The EWP itself states that "no protocol can fully solve this" for uncontrolled environments. Mode 3 has seven hard gate criteria, and coercion mitigation effectiveness is one of them.

Can federal data sources (SSA, USCIS) actually meet reliability targets?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

This is a major integration risk. VoteChain depends on government APIs that may need significant modernization to meet uptime and latency targets. A formal API readiness audit is proposed but has not been conducted. The high-risk budget scenario accounts for this.

What is the acceptable trustee threshold for ballot decryption?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

The threshold "t" and total "n" for trustee key holders affect both security (collusion resistance) and operational complexity (key ceremony logistics, availability during tally). The right numbers depend on the governance model for federal vs. state elections.

What conformance tests are needed for independent implementations?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Without a published conformance suite and test vectors, interoperability between different implementations is aspirational. This must be resolved before any multi-vendor deployment — otherwise each vendor's system may produce incompatible results.

What minimum staffing model supports 24/7 global voter operations?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

VoteChain needs help desk coverage across all time zones and major languages, with surge capacity during elections. The baseline staffing model, partner surge contracts, and election-week multipliers have not been specified. This directly affects the cost model.

Comparison to Alternatives

8 1 open

How VoteChain compares to paper IDs, centralized databases, and other systems.

How does VoteChain compare to current paper ID checks?

Paper ID checks are simple but have weaknesses: fake IDs exist, fraud detection takes weeks, poll workers see your personal information, and 50 states have 50 different rules. VoteChain aims for faster fraud detection, stronger tamper resistance, and better privacy — but at higher cost and complexity.

Why not just build a centralized national voter database?

A central database creates a single point of failure. One hack, one compromised admin, or one corrupt official could alter records for millions of voters. VoteChain distributes the ledger across 74 independent nodes — compromising the system requires corrupting a majority across multiple categories.

How does VoteChain compare on privacy?

Paper ID checks: the poll worker sees your name and photo. Centralized database: the government sees everything. VoteChain: zero-knowledge proofs mean the poll worker sees only a green or red light, and no PII exists on the blockchain. VoteChain is architecturally the strongest on privacy.

How does VoteChain compare on cost?

Paper ID checks cost roughly $1–3 per vote. A centralized database would cost about $4. VoteChain costs about $5.60 per vote — the most expensive option. The justification is that the additional cost buys tamper-resistance, real-time fraud detection, and public auditability.

What about just improving post-election audits?

Better audits are valuable but catch fraud too late. By the time a post-election audit finds issues, invalid ballots may already be counted, results may already be certified, and remedies may be limited. VoteChain detects cryptographic conflicts in seconds, not weeks.

How does VoteChain compare to the SAVE Act approach?

The SAVE Act focuses on document-based citizenship verification at voting time. VoteChain's approach is "verify once with multiple databases, then use cryptographic credentials." The key difference: VoteChain aims to reduce voter burden rather than increase it, while still achieving stronger verification.

Could VoteChain ideas be combined with simpler approaches?

Yes. Some VoteChain components — like the real-time duplicate detection via nullifiers or the continuous death record monitoring — could be implemented without a full blockchain. The design is modular, and partial adoption of specific ideas is possible.

What system best handles the threat of a compromised insider?

Open

This is an open question. The answer below describes what is currently known. The highlighted area remains unsolved or requires further research.

Paper ID systems rely on the poll worker's judgment. A centralized database can be altered by its administrator. VoteChain's immutable multi-party ledger means a compromised official cannot alter records without detection. However, no system is immune to insider threats at the governance level — this remains an open challenge.

We the People

of the United States

in Order to form a more perfect Union, establish Justice, insure domestic Tranquility, provide for the common defence, promote the general Welfare, and secure the Blessings of Liberty to ourselves and our Posterity, do ordain and establish this Constitution for the United States of America.

Article I — The Legislative Branch

Section 1

All legislative Powers herein granted shall be vested in a Congress of the United States, which shall consist of a Senate and House of Representatives.

Section 2 — The House of Representatives

The House of Representatives shall be composed of Members chosen every second Year by the People of the several States, and the Electors in each State shall have the Qualifications requisite for Electors of the most numerous Branch of the State Legislature.

No Person shall be a Representative who shall not have attained to the Age of twenty five Years, and been seven Years a Citizen of the United States, and who shall not, when elected, be an Inhabitant of that State in which he shall be chosen.

Representatives and direct Taxes shall be apportioned among the several States which may be included within this Union, according to their respective Numbers, which shall be determined by adding to the whole Number of free Persons, including those bound to Service for a Term of Years, and excluding Indians not taxed, three fifths of all other Persons.

The actual Enumeration shall be made within three Years after the first Meeting of the Congress of the United States, and within every subsequent Term of ten Years, in such Manner as they shall by Law direct. The Number of Representatives shall not exceed one for every thirty Thousand, but each State shall have at Least one Representative.

When vacancies happen in the Representation from any State, the Executive Authority thereof shall issue Writs of Election to fill such Vacancies.

The House of Representatives shall chuse their Speaker and other Officers; and shall have the sole Power of Impeachment.

Section 3 — The Senate

The Senate of the United States shall be composed of two Senators from each State, chosen by the Legislature thereof, for six Years; and each Senator shall have one Vote.

Immediately after they shall be assembled in Consequence of the first Election, they shall be divided as equally as may be into three Classes. The Seats of the Senators of the first Class shall be vacated at the Expiration of the second Year, of the second Class at the Expiration of the fourth Year, and of the third Class at the Expiration of the sixth Year, so that one third may be chosen every second Year.

No Person shall be a Senator who shall not have attained to the Age of thirty Years, and been nine Years a Citizen of the United States, and who shall not, when elected, be an Inhabitant of that State for which he shall be chosen.

The Vice President of the United States shall be President of the Senate, but shall have no Vote, unless they be equally divided.

The Senate shall chuse their other Officers, and also a President pro tempore, in the Absence of the Vice President, or when he shall exercise the Office of President of the United States.

The Senate shall have the sole Power to try all Impeachments. When sitting for that Purpose, they shall be on Oath or Affirmation. When the President of the United States is tried, the Chief Justice shall preside: And no Person shall be convicted without the Concurrence of two thirds of the Members present.

Judgment in Cases of Impeachment shall not extend further than to removal from Office, and disqualification to hold and enjoy any Office of honor, Trust or Profit under the United States: but the Party convicted shall nevertheless be liable and subject to Indictment, Trial, Judgment and Punishment, according to Law.

Section 4 — Elections

The Times, Places and Manner of holding Elections for Senators and Representatives, shall be prescribed in each State by the Legislature thereof; but the Congress may at any time by Law make or alter such Regulations, except as to the Places of chusing Senators.

The Congress shall assemble at least once in every Year, and such Meeting shall be on the first Monday in December, unless they shall by Law appoint a different Day.

Section 5 — Rules of Proceedings

Each House shall be the Judge of the Elections, Returns and Qualifications of its own Members, and a Majority of each shall constitute a Quorum to do Business; but a smaller Number may adjourn from day to day, and may be authorized to compel the Attendance of absent Members, in such Manner, and under such Penalties as each House may provide.

Each House may determine the Rules of its Proceedings, punish its Members for disorderly Behaviour, and, with the Concurrence of two thirds, expel a Member.

Each House shall keep a Journal of its Proceedings, and from time to time publish the same, excepting such Parts as may in their Judgment require Secrecy; and the Yeas and Nays of the Members of either House on any question shall, at the Desire of one fifth of those Present, be entered on the Journal.

Section 6 — Compensation and Privileges

The Senators and Representatives shall receive a Compensation for their Services, to be ascertained by Law, and paid out of the Treasury of the United States. They shall in all Cases, except Treason, Felony and Breach of the Peace, be privileged from Arrest during their Attendance at the Session of their respective Houses, and in going to and returning from the same; and for any Speech or Debate in either House, they shall not be questioned in any other Place.

No Senator or Representative shall, during the Time for which he was elected, be appointed to any civil Office under the Authority of the United States, which shall have been created, or the Emoluments whereof shall have been encreased during such time; and no Person holding any Office under the United States, shall be a Member of either House during his Continuance in Office.

Section 7 — Revenue Bills, Legislative Process

All Bills for raising Revenue shall originate in the House of Representatives; but the Senate may propose or concur with Amendments as on other Bills.

Every Bill which shall have passed the House of Representatives and the Senate, shall, before it become a Law, be presented to the President of the United States; If he approve he shall sign it, but if not he shall return it, with his Objections to that House in which it shall have originated, who shall enter the Objections at large on their Journal, and proceed to reconsider it.

If after such Reconsideration two thirds of that House shall agree to pass the Bill, it shall be sent, together with the Objections, to the other House, by which it shall likewise be reconsidered, and if approved by two thirds of that House, it shall become a Law. But in all such Cases the Votes of both Houses shall be determined by yeas and Nays, and the Names of the Persons voting for and against the Bill shall be entered on the Journal of each House respectively.

If any Bill shall not be returned by the President within ten Days (Sundays excepted) after it shall have been presented to him, the Same shall be a Law, in like Manner as if he had signed it, unless the Congress by their Adjournment prevent its Return, in which Case it shall not be a Law.

Every Order, Resolution, or Vote to which the Concurrence of the Senate and House of Representatives may be necessary (except on a question of Adjournment) shall be presented to the President of the United States; and before the Same shall take Effect, shall be approved by him, or being disapproved by him, shall be repassed by two thirds of the Senate and House of Representatives, according to the Rules and Limitations prescribed in the Case of a Bill.

Section 8 — Powers of Congress

The Congress shall have Power To lay and collect Taxes, Duties, Imposts and Excises, to pay the Debts and provide for the common Defence and general Welfare of the United States; but all Duties, Imposts and Excises shall be uniform throughout the United States;

To borrow Money on the credit of the United States;

To regulate Commerce with foreign Nations, and among the several States, and with the Indian Tribes;

To establish an uniform Rule of Naturalization, and uniform Laws on the subject of Bankruptcies throughout the United States;

To coin Money, regulate the Value thereof, and of foreign Coin, and fix the Standard of Weights and Measures;

To provide for the Punishment of counterfeiting the Securities and current Coin of the United States;

To establish Post Offices and post Roads;

To promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries;

To constitute Tribunals inferior to the supreme Court;

To define and punish Piracies and Felonies committed on the high Seas, and Offences against the Law of Nations;

To declare War, grant Letters of Marque and Reprisal, and make Rules concerning Captures on Land and Water;

To raise and support Armies, but no Appropriation of Money to that Use shall be for a longer Term than two Years;

To provide and maintain a Navy;

To make Rules for the Government and Regulation of the land and naval Forces;

To provide for calling forth the Militia to execute the Laws of the Union, suppress Insurrections and repel Invasions;

To provide for organizing, arming, and disciplining, the Militia, and for governing such Part of them as may be employed in the Service of the United States, reserving to the States respectively, the Appointment of the Officers, and the Authority of training the Militia according to the discipline prescribed by Congress;

To exercise exclusive Legislation in all Cases whatsoever, over such District (not exceeding ten Miles square) as may, by Cession of particular States, and the Acceptance of Congress, become the Seat of the Government of the United States, and to exercise like Authority over all Places purchased by the Consent of the Legislature of the State in which the Same shall be, for the Erection of Forts, Magazines, Arsenals, dock-Yards, and other needful Buildings;

To make all Laws which shall be necessary and proper for carrying into Execution the foregoing Powers, and all other Powers vested by this Constitution in the Government of the United States, or in any Department or Officer thereof.

Section 9 — Limits on Congress

The Migration or Importation of such Persons as any of the States now existing shall think proper to admit, shall not be prohibited by the Congress prior to the Year one thousand eight hundred and eight, but a Tax or duty may be imposed on such Importation, not exceeding ten dollars for each Person.

The Privilege of the Writ of Habeas Corpus shall not be suspended, unless when in Cases of Rebellion or Invasion the public Safety may require it.

No Bill of Attainder or ex post facto Law shall be passed.

No Capitation, or other direct, Tax shall be laid, unless in Proportion to the Census or enumeration herein before directed to be taken.

No Tax or Duty shall be laid on Articles exported from any State.

No Preference shall be given by any Regulation of Commerce or Revenue to the Ports of one State over those of another: nor shall Vessels bound to, or from, one State, be obliged to enter, clear, or pay Duties in another.

No Money shall be drawn from the Treasury, but in Consequence of Appropriations made by Law; and a regular Statement and Account of the Receipts and Expenditures of all public Money shall be published from time to time.

No Title of Nobility shall be granted by the United States: And no Person holding any Office of Profit or Trust under them, shall, without the Consent of the Congress, accept of any present, Emolument, Office, or Title, of any kind whatever, from any King, Prince, or foreign State.

Section 10 — Limits on States

No State shall enter into any Treaty, Alliance, or Confederation; grant Letters of Marque and Reprisal; coin Money; emit Bills of Credit; make any Thing but gold and silver Coin a Tender in Payment of Debts; pass any Bill of Attainder, ex post facto Law, or Law impairing the Obligation of Contracts, or grant any Title of Nobility.

No State shall, without the Consent of the Congress, lay any Imposts or Duties on Imports or Exports, except what may be absolutely necessary for executing it's inspection Laws: and the net Produce of all Duties and Imposts, laid by any State on Imports or Exports, shall be for the Use of the Treasury of the United States; and all such Laws shall be subject to the Revision and Controul of the Congress.

No State shall, without the Consent of Congress, lay any Duty of Tonnage, keep Troops, or Ships of War in time of Peace, enter into any Agreement or Compact with another State, or with a foreign Power, or engage in War, unless actually invaded, or in such imminent Danger as will not admit of delay.

Article II — The Executive Branch

Section 1 — The President

The executive Power shall be vested in a President of the United States of America. He shall hold his Office during the Term of four Years, and, together with the Vice President, chosen for the same Term, be elected, as follows:

Each State shall appoint, in such Manner as the Legislature thereof may direct, a Number of Electors, equal to the whole Number of Senators and Representatives to which the State may be entitled in the Congress: but no Senator or Representative, or Person holding an Office of Trust or Profit under the United States, shall be appointed an Elector.

No Person except a natural born Citizen, or a Citizen of the United States, at the time of the Adoption of this Constitution, shall be eligible to the Office of President; neither shall any Person be eligible to that Office who shall not have attained to the Age of thirty five Years, and been fourteen Years a Resident within the United States.

In Case of the Removal of the President from Office, or of his Death, Resignation, or Inability to discharge the Powers and Duties of the said Office, the Same shall devolve on the Vice President, and the Congress may by Law provide for the Case of Removal, Death, Resignation or Inability, both of the President and Vice President, declaring what Officer shall then act as President, and such Officer shall act accordingly, until the Disability be removed, or a President shall be elected.

The President shall, at stated Times, receive for his Services, a Compensation, which shall neither be encreased nor diminished during the Period for which he shall have been elected, and he shall not receive within that Period any other Emolument from the United States, or any of them.

Before he enter on the Execution of his Office, he shall take the following Oath or Affirmation:—"I do solemnly swear (or affirm) that I will faithfully execute the Office of President of the United States, and will to the best of my Ability, preserve, protect and defend the Constitution of the United States."

Section 2 — Powers of the President

The President shall be Commander in Chief of the Army and Navy of the United States, and of the Militia of the several States, when called into the actual Service of the United States; he may require the Opinion, in writing, of the principal Officer in each of the executive Departments, upon any Subject relating to the Duties of their respective Offices, and he shall have Power to grant Reprieves and Pardons for Offences against the United States, except in Cases of Impeachment.

He shall have Power, by and with the Advice and Consent of the Senate, to make Treaties, provided two thirds of the Senators present concur; and he shall nominate, and by and with the Advice and Consent of the Senate, shall appoint Ambassadors, other public Ministers and Consuls, Judges of the supreme Court, and all other Officers of the United States.

The President shall have Power to fill up all Vacancies that may happen during the Recess of the Senate, by granting Commissions which shall expire at the End of their next Session.

Section 3 — Duties of the President

He shall from time to time give to the Congress Information of the State of the Union, and recommend to their Consideration such Measures as he shall judge necessary and expedient; he may, on extraordinary Occasions, convene both Houses, or either of them, and in Case of Disagreement between them, with Respect to the Time of Adjournment, he may adjourn them to such Time as he shall think proper; he shall receive Ambassadors and other public Ministers; he shall take Care that the Laws be faithfully executed, and shall Commission all the Officers of the United States.

Section 4 — Impeachment

The President, Vice President and all civil Officers of the United States, shall be removed from Office on Impeachment for, and Conviction of, Treason, Bribery, or other high Crimes and Misdemeanors.

Article III — The Judicial Branch

Section 1 — Federal Courts

The judicial Power of the United States, shall be vested in one supreme Court, and in such inferior Courts as the Congress may from time to time ordain and establish. The Judges, both of the supreme and inferior Courts, shall hold their Offices during good Behaviour, and shall, at stated Times, receive for their Services, a Compensation, which shall not be diminished during their Continuance in Office.

Section 2 — Jurisdiction

The judicial Power shall extend to all Cases, in Law and Equity, arising under this Constitution, the Laws of the United States, and Treaties made, or which shall be made, under their Authority;—to all Cases affecting Ambassadors, other public Ministers and Consuls;—to all Cases of admiralty and maritime Jurisdiction;—to Controversies to which the United States shall be a Party;—to Controversies between two or more States;—between a State and Citizens of another State;—between Citizens of different States;—between Citizens of the same State claiming Lands under Grants of different States, and between a State, or the Citizens thereof, and foreign States, Citizens or Subjects.

In all Cases affecting Ambassadors, other public Ministers and Consuls, and those in which a State shall be Party, the supreme Court shall have original Jurisdiction. In all the other Cases before mentioned, the supreme Court shall have appellate Jurisdiction, both as to Law and Fact, with such Exceptions, and under such Regulations as the Congress shall make.

The Trial of all Crimes, except in Cases of Impeachment, shall be by Jury; and such Trial shall be held in the State where the said Crimes shall have been committed; but when not committed within any State, the Trial shall be at such Place or Places as the Congress may by Law have directed.

Section 3 — Treason

Treason against the United States, shall consist only in levying War against them, or in adhering to their Enemies, giving them Aid and Comfort. No Person shall be convicted of Treason unless on the Testimony of two Witnesses to the same overt Act, or on Confession in open Court.

The Congress shall have Power to declare the Punishment of Treason, but no Attainder of Treason shall work Corruption of Blood, or Forfeiture except during the Life of the Person attainted.

Article IV — The States

Section 1 — Full Faith and Credit

Full Faith and Credit shall be given in each State to the public Acts, Records, and judicial Proceedings of every other State. And the Congress may by general Laws prescribe the Manner in which such Acts, Records and Proceedings shall be proved, and the Effect thereof.

Section 2 — Privileges and Immunities

The Citizens of each State shall be entitled to all Privileges and Immunities of Citizens in the several States.

A Person charged in any State with Treason, Felony, or other Crime, who shall flee from Justice, and be found in another State, shall on Demand of the executive Authority of the State from which he fled, be delivered up, to be removed to the State having Jurisdiction of the Crime.

No Person held to Service or Labour in one State, under the Laws thereof, escaping into another, shall, in Consequence of any Law or Regulation therein, be discharged from such Service or Labour, but shall be delivered up on Claim of the Party to whom such Service or Labour may be due.

Section 3 — New States and Federal Property

New States may be admitted by the Congress into this Union; but no new State shall be formed or erected within the Jurisdiction of any other State; nor any State be formed by the Junction of two or more States, or Parts of States, without the Consent of the Legislatures of the States concerned as well as of the Congress.

The Congress shall have Power to dispose of and make all needful Rules and Regulations respecting the Territory or other Property belonging to the United States; and nothing in this Constitution shall be so construed as to Prejudice any Claims of the United States, or of any particular State.

Section 4 — Guarantee to States

The United States shall guarantee to every State in this Union a Republican Form of Government, and shall protect each of them against Invasion; and on Application of the Legislature, or of the Executive (when the Legislature cannot be convened) against domestic Violence.

Article V — Amendment Process

The Congress, whenever two thirds of both Houses shall deem it necessary, shall propose Amendments to this Constitution, or, on the Application of the Legislatures of two thirds of the several States, shall call a Convention for proposing Amendments, which, in either Case, shall be valid to all Intents and Purposes, as Part of this Constitution, when ratified by the Legislatures of three fourths of the several States, or by Conventions in three fourths thereof, as the one or the other Mode of Ratification may be proposed by the Congress; Provided that no Amendment which may be made prior to the Year One thousand eight hundred and eight shall in any Manner affect the first and fourth Clauses in the Ninth Section of the first Article; and that no State, without its Consent, shall be deprived of its equal Suffrage in the Senate.

Article VI — Supremacy Clause

All Debts contracted and Engagements entered into, before the Adoption of this Constitution, shall be as valid against the United States under this Constitution, as under the Confederation.

This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.

The Senators and Representatives before mentioned, and the Members of the several State Legislatures, and all executive and judicial Officers, both of the United States and of the several States, shall be bound by Oath or Affirmation, to support this Constitution; but no religious Test shall ever be required as a Qualification to any Office or public Trust under the United States.

Article VII — Ratification

The Ratification of the Conventions of nine States, shall be sufficient for the Establishment of this Constitution between the States so ratifying the Same.

What is a "Legislative Day"?

150 Questions, Answered Honestly

The Basics

Privacy & Surveillance

Security & Hacking

Voter Experience

Fraud Detection

Accessibility & Equity

Cost & Funding

Legal & Constitutional

The Technology (Explained Simply)

Coercion & Vote Buying

Overseas & Military Voters

Deployment & Timeline

Open Questions & Honest Gaps

Comparison to Alternatives

Introduction

Committee Review

Floor Debate

Other Chamber

Conference

Presidential Action

Theme

Font

Privacy