Please understand - I’m really not trying to be a jerk here.
Using the blockchain to verify messages is a great idea which resolves many of the security issues you would have otherwise faced.
However, I cannot stress this enough:
Your adversaries have hundreds of employees with decades of experience and hundreds of millions in funding.
You are attempting to build a secure system on nights & weekends.
If you are successful in getting your project used widely, they will find an exploit.
Yeah, in the limit this will be up against government level cyberattacks. I’ve gone to as much effort as possible to ensure the nvbclient, as it stands, is able to be used safely. To that end it can be operated entirely on an airgapped machine, which I presume is how big parties will use it since it’s just not worth the risk and hassle of having a compromised machine. The privkey is never written to disk in plaintext. No external resources are loaded despite the interface being used through a browser. The AEC can’t even write their voting apps without loading external resources (see the recent NSW example). I’ve gone with the security model I understand can work on a shoestring budget.
We know that good security practices can still outmaneuver NSA level forces, even at a personal level. Additionally, if the NVB gains mass adoption even 10 years from now (quickly in the political world but a lifetime in the digital world) the technology and secure hardware we can use will be both diverse and cheap without sacrificing security. I have confidence that these problems will be solved and a suitable solution will be found before the NVB reaches critical mass. Until that point I don’t think we’re a large enough target to focus such activities on.
When we’re close enough to using this software in production this software will be scrutinized, and it’s not impossible to make it secure (ofc, there’s still the user but we’ll never get rid of them). When that happens I’ll try to let you know, so you can take a closer look at that sort of work.
Great discussion at the NVB meetup last night, for anyone interested, here’s a copy of the slides and a recording of the talk itself.
I mentioned it in person last night, but I feel it’s worth posting here too; I feel that PPAU and NVB have a great deal of philosophical overlap: We’re both strongly desiring increased transparency of governance, and we both wish to enable people to directly participate, in our country’s democracy beyond simply voting every few years.
Technologically, blockchain based solutions are sound, they are truly immutable and trustless. The weakness here, is unfortunately a human one; With NVB’s proposal, there still exists one actor who must be highly trusted, and is a single point of failure: the actual senator charged with implementing whatever the outcome is determined by LD votes.
All said, when then next election comes around, and we do our internal preferences vote, I’ll certainly be putting NVB near the top, most likely in the top four, in my own vote.