Belenios: Verifiable online voting system

Original Article ↗ Hacker News Discussion ↗

Role of Verifiability vs. Trust

  • Many commenters argue elections are ultimately about public trust, not just mathematical verifiability.
  • Simple, observable paper processes are seen as easier for ordinary people to understand and therefore trust.
  • Others counter that verifiability is more fundamental: a system that can be independently checked (even if not widely understood) is safer than a “trusted” but potentially compromised one.
  • Concern: relying on “experts” to vouch for complex crypto systems may fail in an era of low institutional trust.

Paper vs. Electronic / Online Voting

  • Strong camp: in‑person paper ballots, locally counted with observers, remain the most tamper‑resistant and socially robust, especially for high‑stakes national elections.
  • Arguments for paper: decentralization, difficulty of large‑scale fraud, transparency of the process, ease for laypeople to monitor.
  • Arguments for e‑voting: convenience, higher participation (esp. younger/remote voters), accessibility for disabled voters, potential for frequent or low‑stakes votes.
  • Many see online voting as fundamentally unsafe: client machines, servers, and networks cannot be fully trusted, and centralization enables large‑scale manipulation.

Coercion, Vote‑Buying, and “No‑Receipt”

  • Major unresolved problem: allowing individuals to verify their vote while preventing them from proving it to coercers or buyers.
  • Mail‑in and remote voting are criticized for enabling family pressure and organized coercion; others note similar issues exist already with paper.
  • Some schemes propose revoting, dummy ballots, or “deniable” tracking numbers, but commenters point out practical attack vectors (video, apps, social pressure).

Identity, Eligibility, and Sybil‑Resistance

  • Belenios focuses on verifiable tallying; commenters highlight that deciding who may vote and authenticating them is a separate, hard problem.
  • National e‑ID–based systems are proposed, but critics note governments could create fake IDs or fail to clean voter rolls.
  • Auditing voter registries is complicated by privacy laws and limited public access.

Views on Belenios and E2E Systems

  • Belenios is praised as a serious end‑to‑end verifiable design, with open source code.
  • Critiques: complex usability, difficult threshold decryption ceremonies, and reliance on infrastructure/parties whose independence is hard to assess.
  • Several emphasize it may be suitable for organizational or low‑stakes elections, but not for high‑stakes national votes.