Creation of a Voting System Based off of Biometrics from Extremely Common Hardware

[RoboticMind]

Steps Involved In this Proposed Voting Process

1) Voters validate their biometrics by performing some sort of semi-randomized task that involves somewhat complex actions. 2) Once the user has completed the task, the biometrics are sent along with a vote in a transaction. 3) The network first verifies that the actions performed were done by a human 4) The network checks to make sure that the biometrics don't match a user that has already voted 5) The network checks that the raw biometrics don't exactly match a previous's user's vote as to prevent someone from copying another user's data from a different vote and vote under their name (randomness helps but if the task is similar enough to another task it could be misidentified) 6) Once confirmed, the transaction vote goes through

Potential Ways to Achieve the Biometric Checks Involved

• Neural Networks (Could Be Trained Via BOINC)
• Human Review Process

List of Biometrics that Could Potentially Be Used

• Mouse Movements
• Keyboard Strokes
• Eye Movements Through a Webcam (Needs More Investigation)
• "Body Prints" (see paper 6)

Potential Tasks for Verification

• Connecting Random Dots | Mouse Based |
• Drawing/Tracing of Complex Polygons | Mouse Based |
• Filling in Complex Polygons | Mouse Based |
• Setting Scale on a Resisters Value Read More Here | Mouse/Keyboard Based |
• Tracking a ball's movements | Eye-Tracking Based |
• Show a "Body Print" | Body Print Based |

  Related Published Papers

  1) http://research.ijcaonline.org/volume111/number8/pxc3901307.pdf 2) https://www.academia.edu/5218185/A_User_Identification_System_Using_Signature_Written_with_Mouse 3) https://link.springer.com/chapter/10.1007%2FBFb0028470 (partially viewable without paying) 4) https://ieeexplore.ieee.org/document/633558 ( paywall [I wasn't able to view it] ) 5) https://ieeexplore.ieee.org/document/7782336/ ( paywall [I wasn't able to view it] ) 6) http://www.christianholz.net/bodyprint.html (applicable to mobile devices)

  Other Notes:

• Any other Biometric data that we could use would have to easy to produce, identifiable as human or nonhuman, as well as having the raw data not be exactly identical
• Any random number generation involved would come from something like a TXID or a UTXO's ID as to not trust the wallet to generate the randomness
• The wallet could run the check on the biometrics before voting as to see if the network would think it is false, so the user wouldn't have to wait.
• The large biometric data stored could be stored on a separate blockchain as to not require everyone to not require everyone to download an enormous blockchain. The transaction could link to the data on the other chain and could be stored temporarily in the mempool while verifying.
• Accessibility to people with limited to no vision is low with the biometrics listed above

  Suggestions

• @ganzuul suggested adding a section labeled "polls you may like to vote in", similar to how online streaming companies suggest what movies to watch. This would be to encourage people to vote in more polls as they would see the polls that matter more to them.
• @Peppernrino and @ganzuul suggested using a two factor authentication system

  (this will be updated with any suggestions)

[tomasbrod]

Related #21 .

[Peppernrino]

After some nice discussions in the Discord, and the Gridcoin Hangouts... some suggestions have come out of the woodwork:

Jim Owens: https://www.jumio.com/ NeuralMiner: https://voting.decred.org/ Peppernrino: 2FA, or could we think about possibly creating a hardware key on wallet generation? Like a YubiKey... and if there were >1 keyfile present on the USB, it wouldn't work?

[Peppernrino]

from Discord yesterday:

nos: @Peppernrino Re: biometrics for polling. Might want a per-poll optional 2FA scheme which gets used for culling votes after the poll closes instead. I.e. an email or SMS which asks 'is this your vote?'

sort of like how C-Cex sends you an email after making a transaction... "someone made a tx for this much. was this you?" ---> "someone voted this option on gridcoin poll #XXX. was this you?"

[RoboticMind]

The problems with 2FA are: 1) Sending a message for verification cannot be done by everyone in the network so it would have to be done by one or a few people 3) The controller of 2FA could stop verifying people that inputting a certain type of vote by claiming the 2FA check failed or just not sending it 4) The controller of 2FA could stop verifying any voting entirely

Verification of the message can be done through Public Key Private Key Cryptography

[RoboticMind]

@ganzuul has a different voting proposal to look at: https://github.com/gridcoin-community/Gridcoin-Tasks/issues/219. It is currently in the draft phase.

[RoboticMind]

For privacy issues, we can use an obfuscated neural network so that the inputs are private (being the identifiable information) but the output is known.

There could be witnesses voted in that have their own trained obfuscated neural network with the weights and biases not be public as to not allow people to fabricate results from having public weights.

They would all have to be trained on different data sets to make sure that attacks involving the training data are mitigated.

Witnesses would have their relevant information public to obfuscate the inputs. If enough of the witness come to a consesnus the vote is blocked or allowed.

More information on obfuscated neural networks can be found on this paper