Provide self-contained downloadable report

[ojob]

Hello, Thanks a lot for this project! The background and research is appealing, and the need for an strong open-source solution is here. Indeed, I was looking for such a solution for my company, where we seldom need an online confidential voting solution.

Briefly put, we could not use Belenios, as I could not find a way to generate a poll report, that would be self-contained, with:

• cryptographic proofs
• voters list, with ballots fingerprints
• results counts associated with questions and answers labels.

The idea behind is to be able to archive this report, as a sole proof that:

1. the poll took place, including tracing the voters,
2. the voters ballots are taken into account,
3. the counts are correct.

Did I miss something? Is this feature already considered?

Best Regards,

[glondu]

When the election is archived (which is one week after tally), the administrator can download an archive. Did you notice it?

[glondu]

Note that the matching between each voters and their ballot fingerprint is not exported by design.

As far as I can tell, the aforementioned archive contains all the other data you're asking for. However, it does lack a report in human-readable form. Such report could be generated from the archive.

There used to be a button to manually archive an election, but it was removed in 35cb75e65db16ed7aad61ca95c2fbab1cf2337e6... Maybe it's worth reintroducing it, with more warnings to avoid people clicking on it by accident?

For now, you can force the archival of an election by using the basic (undocumented) admin UI:

• log in as as administrator
• go to https://vote.belenios.org/static/admin_basic.html (adapt the URL to point to the instance you're using)
• select your election
• click on "Archive election"

I think your request is about the human-readable report... However, the cryptographic proofs are verbose and I don't see how they could be embedded in such a report. What do you envision?

[ojob]

Hello, Thanks for the feedback! Indeed, my request was twofold:

• self-contained package: I clearly missed the archive. I see that the .bel file seems complete, but in a specific format. Is there any rationale against a set of files, with one metafile summarizing the fingerprints?
• the core of my request is indeed for a human-readable report. The crypto stuff could appear in appendix, or the other way around: the archive with fingerprints and cryptographic proofs would also contain the human-readable report, hence identifying it with its fingerprint.

I see no need for an early archival of the election, the webpage seems sufficient. The archive is for a longer term need.

Does this make sense? Could this be a feasible approach? I may be able to contribute somehow, at least for testing.

[glondu]

Is there any rationale against a set of files, with one metafile summarizing the fingerprints?

The .bel can be downloaded at any time (by e.g. belenios-tool), and a single file is easier to download and handle. Note that this file evolves in an append-only fashion. You can go back and forth between the .bel and the set of files, with tar -xf and belenios-tool archive make. This is done in the monitor_elections.py script.

Does this make sense? Could this be a feasible approach?

Yes. Concerning the cryptographic stuff, I think providing the hash of the Result event (i.e. the last one) in the human-readable report is sufficient, since it encompasses everything.

What I am thinking of is a new belenios-tool (sub-)command that would generate the public report from the .bel file. The report would be made available on the result page, and in the archive.zip file, but anybody could also re-generate it.