stonecoldpat / anonymousvoting Goto Github PK

Hi, how are you?
I'm using the Open Vote Network as the basis for my final research project as an undergraduate at university. I'm trying to follow the video in the Readme, but I can't seem to compile the contract with the Ethereum Wallet app.
I receive the following error:

Could not compile source code. 

 "throw" is deprecated in favour of "revert()", "require()" and "assert()".
            throw;
            ^---^
, 

and trying to correct this only leads to more errors. Is there anything I can do to compile the contracts and deploy them to a private net? Maybe using Truffle instead of the Ethereum Wallet?

@stonecoldpat great work here!

Questions:

Does this require any trusted computing authority?

Does a single ZKP have to be generated by any/single authority before the voting process begins?

Do voters generate their "voter.txt" themselves or does that have to be generated by a trusted authority?

I know your video explains no trusted authority.. just trying to identify it that means what I think it does.

From a computational point of view, the only way the voters position (1 or 0) gets revealed is if they all collude right?

--

Side note, are you based in Ireland/UK.. thinking of vacationing there, maybe we could meetup =D

Hi,

I'm not a cryptographer so I must be missing something, please go easy on me.

Anyway, if anyone can do the tally as votes are coming in, then it would be trivial to know what everybody voted, right? The tally after the first vote would already trivially expose the vote of the first voter.

So, what am I missing?

hello, I would like to know how to run this code for more details~ I'm a little confused about the instructions.

Hi.Can I encrypt a message using localCrypto.sol on chain? I know on chain encryption may seems dummy but I need it in a special usage to prove something.

In the paper "Anonymous voting by two-round public discussion", they discuss about the limitation when some voters refuse to send data in the second round.

They say that in this case, we have to restart the protocol.

Is there a solution to avoid having to start the process again and still manage to compute the tally?

In a real election, there will be some voters who will register but won't vote in the second round ? This case seems to me inevitable. If there is no solution to this problem, then it seems that this protocol can't be applied in real life :(.

Suppose this was implemented for official government elections and I'm a very skeptical person when it comes to trusting elections.

What I would really like is to be able to vote from one machine (e.g. my phone, my pc, a voting machine in my local high school, etc.) and receive a receipt which has some sort of code I can use in combination with my private password to then go to a 2nd machine and verify that the code was recorded correctly. Totally separate machine, with separate software not under physical control from the same people.

Meaning, I may be afraid that the machine I'm actually voting on is compromised and thus altering my vote as a man-in-the-middle attack but I would feel better if I could verify on a second machine or at any point in time down the road that my vote was actually tallied correctly.

Does this dapp have any sort of verification mechanism for an individual to independently confirm that their vote was indeed cast correctly?

Or in other words, how can I trust that the software I am using to cast votes is doing so faithfully?

Hi~!
I came up with the idea of a blockchain voting system using zero knowledge. Then your project caught my eye and I worked on it.
The project used cosmos-sdk and implemented solidity's zero knowledge code in the go language.

The project is here. (https://github.com/qkrwnsgh1288/anonymous-vote)
Any comments are welcome.
I appreciate your project. 😄😄👍👍

Hello !

Currently if a user loses his or her Ethereum account password after registering, he / she is no longer able to vote and the vote must start from scratch.

I would like to know if you had already thought about a way to allow the loss of a user's password.

I was wondering if a mapping between the old key and the new key could be enough.

Let me explain :

The administrator entered the "0x56" key of a voter A. However, voter A lost the password to access his account. He goes to the administrator, proves his identity and that he is the owner of the "0x56" account. And that he created a new account "0x25"
The administrator sends a transaction to the Voting SmartContrat to map the "0x25" account to the "0x56" account.
Thus, for each transaction from "0x25", the contract will look if this address is linked to a registered address. If this is the case, then it will authorize the vote from that address as if it originated from the old address.
Of course, a check must be made to prevent an old address from being linked to two new addresses.

What do you think of this system?

Thank you :)

Hello,

I tried to compile the two contracts with the browser solidity but when i try to create the contract AnonymousVoting.sol:AnonymousVoting, I receive the following error :
callback contain no result Gas required exceeds block gas limit: 4294967295

In your paper, you write about the cost of gas when the number of voters increased; but i didn't expect i couldn't even create the Contract on my private Blockchain.

For information, here is my genesis.json :
{ "config": { "chainId": 15, "homesteadBlock": 0, "eip155Block": 0, "eip158Block": 0 }, "nonce": "0x0000000000000042", "mixhash": "0x0000000000000000000000000000000000000000000000000000000000000000", "difficulty": "0x4000", "alloc": {}, "coinbase": "0x0000000000000000000000000000000000000000", "timestamp": "0x00", "parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000", "gasLimit": "0xffffffff", "extraData": "0x00" }
Do you have an idea of this problem ?

Thanks you for your work !

I was trying to deploy this contract to ropsten using remix and meta mask, but I ran into the error callback contain no result Gas required exceeds limit: 3000000.

Hello,

I used your work as a basis for developing a more advanced application.
In particular, I created an application under Electron to allow a simple use of the vote.
Concerning the voting protocol:

• I deleted the limit of 40 voters;
• I added the possibility of a multi-candidate vote;
• I added a unique code authentication;
• I removed the obligation to vote, which decreases the strength of the secrecy of the vote (the secret is known by the administrator)
• I am creating a distributed administration which will guarantee the secrecy of the vote as long as all the administrators are not corrupt. It only takes one administrator who is not corrupted to keep all votes secret.

You can find this project here : https://github.com/descampsk/wavevote

Do not hesitate to comment.

Thank you again for your work.

Hello !

I found a issue with Chrome and others navigators when they try to connect to a ethereum node with rpc which is on a distant machine on the local newtork.

The error is :

XMLHttpRequest cannot load http://XXXXXXXXX.8545/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.99.100' is therefore not allowed access.

I didn't manage to understand how put a header to avoid this issue.

However, to avoid this issue, I put the arguments --disable-web-security --user-data-dir to launch Chrome, but it doesnt seem to be the best solution.

This issue exist on firefox too.

Do you have an idea ?

Thank you !

Hello,

I'm trying to deploy the Open Vote system in my private Ethereum network, but I'm facing a problem which is blocking me at the first step.

When I open the Admin page I'm always getting the following message:

• You do not have an Ethereum account that is the Election Authority for this vote

Modifying the admin.html in order to print some debug logs I've realized that the anonymousvotingAddr.owner() is always 0x. Thus, when it compares the owner address with the addresses in my node, it always fail.

I'm deploying the contract with remix using the compiler version "0.4.23+commit.124ca40d.Emscripten.clang". When I create the contract I try to pass both the gap and the charity address arguments. But maybe I'm doing something wrong since when I try to get the gap or charity values I always get 0 or 0x.

I've also tried to deploy it using the Ethereum wallet with the same result.

Is there anything that I'm missing or could it be related with the compiler that I'm using?
Thanks!

Hi, I'm studying your contract code, and I've cloned your code.
I'm using ganache as testrpc, then deployed contract codes to ganache.
But it occurred an out of gas error. So I raised the gas limit, stillthe same error occurs!
So I raised the gas limit to 10000000000000000.
Here is my ganache's block status page.

The transaction in block 4 is the creation transaction of the AnonymousVoting contract
(the transaction in block 3 is the creation transaction of the LocalCrypto contract)
The transaction also failed with out of gas error. I was amazed at this.
On another issue, I could see its contract consumes the completion of the contract under 5 million gas.
But I consumed a very very high gas!
What is this problem???

Hello !

I am trying to extend your voting protocol with multiple candidates. I read the following papers :

• Anonymous voting by two-round public discussion - F.Hao, P.Y.A Ryan , P. Zielinski
• Proofs of Partial Knowledge and Simplied Design of Witness Hiding Protocols
• A Secure and Optimally EfficientMulti-Authority Election Scheme

But I can not achieve the ZKP protocol for multiple candidates. I understood the operation of the ZKP 1 out of 2 to ensure that the voter votes yes or not, but this protocol only works for two choices. When we got n Generators Gi = g^2im for the candidat i.
For n choices, I think we should have 2n verifications :

• a1 = g^r1 x^d1
• b1 = h^r1 (y/G1)^d1
• a2 = g^r2 x^d2
• b2 = h^r2 (y/G2)^d2
  ....
• an = g^rn x^dn
• bn = h^rn (y/Gn)^dn

But i don't achieve a way to calculate each rn and dn.

Can you give me a hint or an explication if you understand this 1 out of n ZKP ? I didnt find any informations on internet :(.

Thank you !

Kévin

Hello,

If you don't know at the moment, you should definitively check this :

https://www.polys.me/

It seems to us a similar version of your protocol, with EIGamal Encryption combined with a secret sharing to allow someone not to vote. Very similar to what I wanted to do, I think. But I don't have all information.

I would like to know your opinion on this !

Can you make the following more clear?

• What happens if a voter does not register?
• What happens if a voter does not cast her vote?
• Is abstention possible to the voter?

From README:

please play with this code! Do what you want! Completely open-source

Can you give more details on what is allowed to do or not with this code?

I didn't find any license in the repository, so the best would be to choose an open-source license to answer my question: https://choosealicense.com/ for example.

Thank you

I'm trying to understand the reconstruction step, when voters register, why is account 1 being used in the way you specified here:

https://github.com/stonecoldpat/anonymousvoting/blob/master/AnonymousVoting.sol#L842

I'm having trouble on my end with your system. I'm using my JS conversion of the Java file and I'm trying to determine if there is something wrong with my JS version or if I'm not understanding accounts right.

What is odd is that all other voters (0, 2, 3) work fine (their ZKP is created and verified successfully, and they can create either the yes or no ZKP, and they verify out as well... accept account/voter[1]. The ZKP proof gets created and verified as normal, but when I try to create the 1 of 2 ZKP yes or no, I create it, it looks normal, but on the verify 1 of 2 step, I get in an invalid reading.

Any thoughts on this?

I'm sure its my JS or something..

I can see that the vote is submitted like this (sample from vote.html):

result = anonymousvotingAddr.submitVote.sendTransaction(params, y, a1, b1, a2, b2, {
    from: web3.eth.accounts[accounts_index],
    gas: 4200000
});

Even if the params values are anonymous, they'll be registered along with the voter address in the blockchain.

Is not possible that, while scanning Etherscan, someone could guess who is the voter, given that they have the voter address and the params values?

I did a version of your Java file in JS.. does this look right?

var EC = require('elliptic').ec;

// Create and initialize EC context
// (better do it once and reuse it)
var ec = new EC('secp256k1');

// Generate keys
var key = ec.genKeyPair();

var x = key.getPrivate().toString(10);
var _x = key.getPublic().x.toString(10);
var _y = key.getPublic().y.toString(10);

var v = ec.genKeyPair().getPrivate().toString(10);
var w = ec.genKeyPair().getPrivate().toString(10);
var r = ec.genKeyPair().getPrivate().toString(10);
var d = ec.genKeyPair().getPrivate().toString(10);

console.log(x + "," + _x + "," + _y + "," + v + "," + w + "," + r + "," + d);

I couldn't fine anything on affine coordinate generation and if that matters over normal X and Y coordinates. Perhaps you could shed some light on that.

@stonecoldpat