Open dsernst opened 2 years ago
One issue w/ this if we totally automate the check is that people won't really understand how the check works, or what it's really doing, or if it can be trusted.
Another variation on the UI, is that we could provide a big button { I Checked My Vote }
, for voters to manually click on the Election Status page, and report up to the API if/when they hit it. Then people would have a much clearer sense of what the # checked represents.
Best of all would be separate Anti-Malware Codes: How Voters Can Prove They Confirmed Their Vote. But that requires distributing via paper invitations pre-election.
In terms of reporting these stats — publicly, and to admin, what I'd like most is:
And really Anti-Malware Code isn't a simple binary, but is actually meant to be entered using a separate device (whole point of them is to assume first device is compromised), so could get even more nuanced with how many different codes + devices voters confirmed with...
And then there could be a separate option for Admins to enable whether these stats are private only for them to see, or visible for everyone to see on the election status page.
This is a common complaint people bring up:
Some mitigations:
For that 2nd one:
Track & show how many voters verify their vote
It could help communicate better verification if we automatically had clients confirm their Verification #s were in the decrypted vote list, and report their success back to the API.
This could have a few benefits:
X out of Y (Z%) have verified
, all updating in real time. This could reassure people about the final results, rather than currently assuming that no one is checking.Verification #
s do not show up in the final unlocked list, we (SIV) absolutely want to be alerted. There's no reason this should happen, and we definitely need to know!Steps to implement
We could have the voter generate a KeyPair when they submit their vote, telling the admin their PubKey. Then at Verification, they could signCould use encrypted vote data as a pub key, randomizer as priv key, as described hereI verified
, using their private key.